

Sup Sis feggit meggit xoxo

Registered: 15 Mar 2013
OFFLINE Last active: 25 03 2013 07:46
-----

My topics

16-gig flash drive won't fit a 9-gig file ;-;

21 03 2013 - 19:59

KINGSTON flash drive. It says 16 gigs on it; in the properties it says 14.5 gigs. When I try to put a 9-gig file on it, I get the message "Dysk docelowy jest pełny, aby kontynuować włóż nowy dysk" [The destination disk is full, insert a new disk to continue]. The flash drive is brand new. What should I do to make it work properly?

No data transfer despite a working network connection. What's the problem?

18 03 2013 - 20:05

I can't get my internet to work even though it says the internet connection is active. I don't know much about this and I don't know what information might be useful, so I'm pasting a screenshot. Attached file: sieć.png. This is all happening after a format; the router wasn't touched, I didn't even look at it. Everything was left as it was before the format. The only difference is that it doesn't work (I conclude this from the fact that I can't use any browser).

Logs - Functions in programs don't work + uber slowdown

16 03 2013 - 21:40

After turning on the computer I have a problem where some programs/applications don't work. E.g. after clicking the icon for Opera or other browsers, they won't start (it looks like this: the little circle next to the cursor keeps spinning, but it still won't start). Folders open without a problem, text documents too. That "vacuum cleaner" works too; there's no point even talking about games. The biggest problem is with browsers. To check whether it's just a huge slowdown, I left the computer for 30 minutes after turning it on (I didn't touch anything after logging in) and the problem is still the same. Note: in safe mode everything runs smoothly. This whole problem appeared overnight.

The first log is from RSIT x64
Logfile of random's system information tool 1.09 (written by random/random)
Run by dom at 2013-03-16 20:15:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (12%) free of 200 GB
Total RAM: 4095 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:16:03, on 2013-03-16
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\dom\Desktop\OTL.exe
C:\Program Files\trend micro\dom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1342608838_220770
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=hp&babsrc=lnkry_nt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: Shell=C:\PROGRA~3\Fh59IZN.bat
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: Linkury SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: Zoomex - {67BF155D-7896-43A3-1C8B-B3F619E820B1} - C:\ProgramData\Zoomex\50fd51e662695.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll
O3 - Toolbar: Linkury Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{81022E93-1FC7-4565-916F-AB4D30895698}: NameServer = 62.179.1.62
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)
O20 - AppInit_DLLs: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll c:\progra~2\zoomex\sprote~1.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9572 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x274
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\dom\Desktop\OTL.exe"
"C:\Users\dom\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\RMAutoUpdate.job
C:\Windows\tasks\RMSchedule.job
C:\Windows\tasks\ZoomExUpdaterTask{DAED68F5-436B-4787-8ECB-67A74F866FE0}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\dom\AppData\Roaming\Mozilla\Firefox\Profiles\vty4knvd.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mywebsearch.com/Plugin]
"Description"=My Web Search Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll [2012-08-13 1393272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
Linkury SmartbarEngine - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2012-06-24 1968248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll [2011-02-08 1057160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-10-02 5748928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll [2011-01-24 89008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
Linkury SmartbarEngine - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2012-06-24 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll [2011-02-08 721288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BF155D-7896-43A3-1C8B-B3F619E820B1}]
Zoomex - C:\ProgramData\Zoomex\50fd51e662695.dll [2013-01-21 120832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-06 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-06 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} -
{ae07101b-46d4-4a98-af68-0333ea26e113} - Linkury Smartbar - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA}
{D4027C7F-154A-4066-A1AD-4243D8127440} -
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - MediaBar - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll [2011-01-24 89008]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Linkury Smartbar - C:\Windows\system32\mscoree.dll [2010-11-05 444752]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"ccleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2012-06-22 5283680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\dom\AppData\Local\Smartbar\Application\Linkury.exe [2013-01-21 13824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 2252800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
C:\PROGRA~2\MYWEBS~1\bar\2.bin\m3SrchMn.exe /m=2 /w /h []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwsoemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-03-07 3093624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor]
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-08-21 105120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-05-29 115032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^dom^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^runctf.lnk]
C:\Users\dom\AppData\Local\Temp\dYSEvWR.exe,M1N1 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Audiosrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\drmkaud]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HDAudBus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MMCSS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{640167b4-59b0-47a6-b335-a6b3c0695aea}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Audiosrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\drmkaud]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HDAudBus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MMCSS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{640167b4-59b0-47a6-b335-a6b3c0695aea}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-16 20:09:31 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-03-16 20:09:18 ----A---- C:\Windows\ntbtlog.txt
2013-03-16 18:12:10 ----D---- C:\Users\dom\AppData\Roaming\Malwarebytes
2013-03-16 18:12:03 ----D---- C:\ProgramData\Malwarebytes
2013-03-16 18:12:03 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-16 18:12:03 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-03-16 15:31:10 ----D---- C:\rsit
2013-03-16 15:31:10 ----D---- C:\Program Files\trend micro
2013-03-12 14:56:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-09 06:45:33 ----A---- C:\Windows\system32\win32k.sys
2013-03-09 06:45:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-03-09 06:45:29 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-03-09 06:45:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-03-09 06:45:25 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-03-09 06:45:25 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-03-07 18:22:31 ----D---- C:\ProgramData\PMB Files
2013-03-07 18:22:17 ----D---- C:\Program Files (x86)\Pando Networks

======List of files/folders modified in the last 1 month======

2013-03-16 20:09:57 ----D---- C:\Windows
2013-03-16 20:09:31 ----D---- C:\Windows\System32
2013-03-16 20:09:19 ----D---- C:\Windows\system32\config
2013-03-16 20:09:15 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-16 20:09:14 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-16 19:56:40 ----RD---- C:\Program Files (x86)
2013-03-16 19:49:57 ----SHD---- C:\System Volume Information
2013-03-16 19:44:47 ----D---- C:\Windows\system32\catroot
2013-03-16 19:44:46 ----D---- C:\Windows\system32\catroot2
2013-03-16 19:43:29 ----D---- C:\Windows\winsxs
2013-03-16 19:43:15 ----SHD---- C:\Windows\Installer
2013-03-16 19:43:13 ----AD---- C:\Windows\Temp
2013-03-16 19:43:12 ----SHD---- C:\Config.Msi
2013-03-16 19:40:16 ----D---- C:\Windows\SoftwareDistribution
2013-03-16 19:37:18 ----D---- C:\Windows\system32\LogFiles
2013-03-16 19:26:01 ----D---- C:\Users\dom\AppData\Roaming\Skype
2013-03-16 18:12:03 ----HD---- C:\ProgramData
2013-03-16 18:12:03 ----D---- C:\Windows\system32\drivers
2013-03-16 18:08:32 ----D---- C:\Program Files (x86)\Opera
2013-03-16 15:31:10 ----RD---- C:\Program Files
2013-03-16 11:04:03 ----D---- C:\Windows\inf
2013-03-16 10:17:30 ----D---- C:\Windows\Microsoft.NET
2013-03-16 07:55:40 ----RSD---- C:\Windows\assembly
2013-03-16 07:48:43 ----SD---- C:\ProgramData\Microsoft
2013-03-15 19:16:59 ----D---- C:\Users\dom\AppData\Roaming\BitTorrent
2013-03-15 17:04:11 ----D---- C:\Windows\Prefetch
2013-03-15 14:19:08 ----D---- C:\Users\dom\AppData\Roaming\DAEMON Tools Lite
2013-03-15 14:18:07 ----D---- C:\Windows\debug
2013-03-15 13:52:50 ----D---- C:\Windows\SysWOW64
2013-03-15 06:36:33 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 06:33:34 ----D---- C:\Windows\pss
2013-03-14 06:30:02 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 06:30:02 ----D---- C:\Windows\system32\migration
2013-03-14 06:30:02 ----D---- C:\Windows\AppPatch
2013-03-14 06:30:02 ----D---- C:\Program Files\Internet Explorer
2013-03-14 06:30:02 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 06:27:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-12 20:12:05 ----D---- C:\Program Files\Common Files
2013-03-12 17:18:54 ----D---- C:\ProgramData\BioWare
2013-03-12 17:11:43 ----D---- C:\ProgramData\InstallShield
2013-03-12 17:11:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-12 14:56:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-07 18:29:27 ----RD---- C:\Users
2013-03-07 18:19:33 ----D---- C:\Program Files (x86)\League of Legends
2013-03-07 18:12:51 ----D---- C:\Users\dom\AppData\Roaming\RenPy
2013-03-06 22:00:32 ----D---- C:\Windows\system32\wbem
2013-03-06 21:59:35 ----D---- C:\Windows\Tasks
2013-03-06 21:59:35 ----D---- C:\Windows\system32\wfp
2013-03-06 21:59:35 ----D---- C:\Windows\system32\DriverStore
2013-03-06 21:59:34 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-06 21:59:34 ----D---- C:\Windows\system32\Tasks
2013-03-06 21:59:34 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-06 21:59:32 ----D---- C:\Windows\Help
2013-03-06 21:59:26 ----D---- C:\Users\dom\AppData\Roaming\ijjigame
2013-03-06 21:59:25 ----D---- C:\Users\dom\AppData\Roaming\GG
2013-03-06 21:59:25 ----D---- C:\Users\dom\AppData\Roaming\Gadu-Gadu 10
2013-03-06 21:59:25 ----D---- C:\Users\dom\AppData\Roaming\FunnyGames
2013-03-06 21:59:25 ----D---- C:\Users\dom\AppData\Roaming\Downloaded Installations
2013-03-06 21:59:25 ----D---- C:\Users\dom\AppData\Roaming\Condusiv_Technologies
2013-03-06 21:59:21 ----D---- C:\Program Files\Condusiv Technologies
2013-03-06 21:59:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-06 21:59:19 ----D---- C:\Program Files (x86)\Diskeeper Setup Files
2013-03-06 21:59:04 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
R0 DKDFM;Device Filter Manager Driver; C:\Windows\system32\drivers\DKDFM.sys [2012-04-05 40752]
R0 DKTLFSMF;Telemetry File System Mini Filter Driver; C:\Windows\system32\drivers\DKTLFSMF.sys [2012-07-09 106832]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-27 564824]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-09-04 31080]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1235968]
S1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2010-08-12 2715824]
S1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 123408]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
S3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 DKRtWrt;DKRtWrt; C:\Windows\system32\DRIVERS\DKRtWrt.sys [2012-06-18 52048]
S3 dump_wmimmc;dump_wmimmc; \??\C:\ijji\ENGLISH\AVA\Binaries\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 LVUVC64;Logitech Webcam C160(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2011-04-01 4184672]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2005-01-02 4682]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-07 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-11-07 57856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-26 76888]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S3 aspnet_state;„Usługa stanu ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2010-06-15 3583592]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1255736]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-04 238080]
S4 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2010-08-12 551896]
S4 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
S4 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-08-21 794272]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-01-29 541608]
S4 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]

-----------------EOF-----------------
The second one is from OTL
OTL logfile created on: 2013-03-16 20:15:52 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dom\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 74,99% Memory free
8,00 Gb Paging File | 7,04 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 24,29 Gb Free Space | 12,44% Space Free | Partition Type: NTFS
Drive D: | 146,39 Gb Total Space | 146,28 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
Drive E: | 121,09 Gb Total Space | 120,99 Gb Free Space | 99,92% Space Free | Partition Type: NTFS

Computer Name: DOM-KOMPUTER | User Name: dom | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-03-16 14:41:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dom\Desktop\OTL.exe
PRC - [2013-02-10 15:44:12 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012-12-14 16:49:28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013-01-09 19:53:19 | 014,586,888 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-07-04 07:20:54 | 000,238,080 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010-08-12 14:32:42 | 000,551,896 | ---- | M] (Protection Technology) [Disabled | Stopped] -- C:\Windows\SysNative\appdrvrem01.exe -- (appdrvrem01)
SRV - [2013-03-07 15:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-01-29 16:58:21 | 000,541,608 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-12-14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-12-14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-08-21 14:43:58 | 000,794,272 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012-08-13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012-07-26 21:17:03 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-06-27 11:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-04-01 04:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010-06-15 16:19:03 | 003,583,592 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-12-14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-11-27 20:00:20 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012-11-07 22:09:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012-11-07 22:09:18 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012-09-04 12:34:14 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012-08-24 14:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2012-07-26 02:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2012-07-09 14:54:58 | 000,106,832 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DKTLFSMF.sys -- (DKTLFSMF)
DRV:[b]64bit:[/b] - [2012-07-04 07:59:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2012-07-04 07:59:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012-07-04 06:10:56 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012-06-18 19:14:34 | 000,052,048 | ---- | M] (Condusiv Technologies) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DKRtWrt.sys -- (DKRtWrt)
DRV:[b]64bit:[/b] - [2012-04-19 03:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2012-04-05 02:32:54 | 000,040,752 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DKDFM.sys -- (DKDFM)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-23 13:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-01-31 03:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2011-12-23 12:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2011-12-23 12:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:[b]64bit:[/b] - [2011-12-23 12:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2011-04-01 04:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-08-12 14:32:43 | 002,715,824 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\appdrv01.sys -- (appdrv01)
DRV:[b]64bit:[/b] - [2010-03-09 11:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009-08-17 12:20:46 | 001,235,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009-07-16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-22 15:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2008-04-22 07:53:36 | 000,012,744 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Entech64.sys -- (ENTECH64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005-01-02 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://searchfunmoods.com/?f=1&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0CtBtC0DyEtD0DtBtA0EtN0D0Tzu0CtAyDtCtN1L2XzutBtFtBtFtCtFyEtDyB&cr=911712656"]Funmoods Search[/url]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = [url="http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0CtBtC0DyEtD0DtBtA0EtN0D0Tzu0CtAyDtCtN1L2XzutBtFtBtFtCtFyEtDyB&cr=911712656"]Funmoods Search[/url]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]{searchTerms} - Bing[/url]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{30F5AB16-9F1E-4E99-93F2-ECB9ABB0EC12}: "URL" = [url="http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0CtBtC0DyEtD0DtBtA0EtN0D0Tzu0CtBtAtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2048707667"]Searchya Search[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.com"]Google[/url]
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}"]Babylon Search[/url]
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]{searchTerms} - Bing[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = [url="http://search.babylon.com/?affID=110809&tt=bandext_3312_8&babsrc=HP_ss&mntrId=44dbd23e00000000000000ffe5264df8"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = [url="http://search.babylon.com/?affID=110809&tt=bandext_3312_8&babsrc=HP_ss&mntrId=44dbd23e00000000000000ffe5264df8"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = [url="http://search.babylon.com/?affID=110809&tt=bandext_3312_8&babsrc=HP_ss&mntrId=44dbd23e00000000000000ffe5264df8"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1342608838_220770
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=hp&babsrc=lnkry_nt"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\SearchScopes,Backup.Old.DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}"]Babylon Search[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]{searchTerms} - Bing[/url]
IE - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]



FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\dom\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\dom\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012-09-11 12:47:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-03-12 14:56:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011-12-31 11:18:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dom\AppData\Roaming\mozilla\Extensions
[2012-12-16 22:15:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dom\AppData\Roaming\mozilla\Firefox\Profiles\afss4h8w.default\extensions
[2012-12-16 22:15:50 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\dom\AppData\Roaming\mozilla\Firefox\Profiles\afss4h8w.default\extensions\ffxtlbr@funmoods.com
[2012-08-17 19:07:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dom\AppData\Roaming\mozilla\Firefox\Profiles\afss4h8w.default\extensions\staged
[2012-02-05 14:46:21 | 000,000,000 | ---D | M] (@@toolbarname@@) -- C:\Users\dom\AppData\Roaming\mozilla\Firefox\Profiles\afss4h8w.default\extensions\toolbar@ask.com
[2012-12-16 22:15:49 | 000,000,777 | ---- | M] () -- C:\Users\dom\AppData\Roaming\mozilla\firefox\profiles\afss4h8w.default\searchplugins\Funmoods.xml
[2012-08-17 19:07:49 | 000,000,777 | ---- | M] () -- C:\Users\dom\AppData\Roaming\mozilla\firefox\profiles\afss4h8w.default\searchplugins\Search.xml
[2013-03-12 14:56:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-01 22:49:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013-03-07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013-03-07 17:48:47 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2013-03-07 17:48:47 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2013-03-07 17:48:47 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2013-03-07 17:48:47 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2013-03-07 17:48:47 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013-03-07 17:48:47 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=hp&babsrc=lnkry"]Babylon Search[/url]
CHR - default_search_provider: Web (Enabled)
CHR - default_search_provider: search_url = [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}"]Babylon Search[/url]
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: [url="http://feed.helperbar.com/?publisher=OC&dpid=OC&co=PL&userid=92d654ad-8e8a-48ea-8b5c-46abd9a276b4&affid=111583&searchtype=hp&babsrc=lnkry"]Babylon Search[/url]
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\dom\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\dom\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\dom\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\dom\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: GoogleChromeRemotePlugin (Enabled) = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: ijji Auto Install Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll
CHR - plugin: Google Update (Enabled) = C:\Users\dom\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Linkury Smartbar = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: Funmoods = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.3_0\
CHR - Extension: Zoomex = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihgkpinpdipaabjllhocmhmicfnbmdl\1\
CHR - Extension: New Tab = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\7.0.19_0\
CHR - Extension: Ptasie Radio = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijligoemhhgfdldpnhfpbacahbjafpo\1.3_0\
CHR - Extension: SweetIM for Facebook = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: Linkury Smartbar = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
CHR - Extension: Funmoods = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.3_0\
CHR - Extension: Zoomex = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihgkpinpdipaabjllhocmhmicfnbmdl\1\
CHR - Extension: New Tab = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\7.0.19_0\
CHR - Extension: Ptasie Radio = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijligoemhhgfdldpnhfpbacahbjafpo\1.3_0\
CHR - Extension: SweetIM for Facebook = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:[b]64bit:[/b] - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (Zoomex) - {67BF155D-7896-43A3-1C8B-B3F619E820B1} - C:\ProgramData\Zoomex\50fd51e662695.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3625104046-687358821-1933599865-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-3625104046-687358821-1933599865-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:[b]64bit:[/b] - Extra context menu item: &Search - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:[b]64bit:[/b] - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81022E93-1FC7-4565-916F-AB4D30895698}: NameServer = 62.179.1.62
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\datamngr.dll (iMesh, Inc)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~2\zoomex\sprote~1.dll) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\PROGRA~3\Fh59IZN.bat) - C:\ProgramData\Fh59IZN.bat ()
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{11978c38-5a30-11e1-bd8e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{11978c38-5a30-11e1-bd8e-806e6f6e6963}\Shell\AutoRun\command - "" = H:\autorun.exe -auto
O33 - MountPoints2\{1d900ee7-38cc-11e2-8536-e0cb4ec21d40}\Shell - "" = AutoRun
O33 - MountPoints2\{1d900ee7-38cc-11e2-8536-e0cb4ec21d40}\Shell\AutoRun\command - "" = G:\_AUTORUN\AUTORUN.EXE
O33 - MountPoints2\{9f2043ef-61a8-11df-beca-e0cb4ec21d40}\Shell - "" = AutoRun
O33 - MountPoints2\{9f2043ef-61a8-11df-beca-e0cb4ec21d40}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (autocheck C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-03-16 19:57:00 | 000,000,000 | ---D | C] -- C:\Users\dom\Desktop\Nowy folder
[2013-03-16 18:12:10 | 000,000,000 | ---D | C] -- C:\Users\dom\AppData\Roaming\Malwarebytes
[2013-03-16 18:12:03 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-03-16 18:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-03-16 18:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013-03-16 18:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-03-16 18:11:50 | 000,000,000 | ---D | C] -- C:\Users\dom\AppData\Local\Programs
[2013-03-16 15:40:45 | 000,187,464 | ---- | C] (Webroot) -- C:\Users\dom\Documents\antizeroaccess.exe
[2013-03-16 15:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013-03-16 15:31:10 | 000,000,000 | ---D | C] -- C:\rsit
[2013-03-16 15:12:42 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\dom\Desktop\dds.com
[2013-03-16 14:41:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\dom\Desktop\OTL.exe
[2013-03-15 14:38:52 | 000,000,000 | ---D | C] -- C:\Users\dom\AppData\Local\Torch
[2013-03-15 14:38:40 | 001,159,144 | ---- | C] (Torch Media Inc.) -- C:\Users\dom\Desktop\TorchSetup.exe
[2013-03-14 22:18:32 | 000,000,000 | ---D | C] -- C:\Users\dom\Desktop\Windołsałkę ;-;
[2013-03-12 14:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013-03-12 14:12:44 | 021,328,680 | ---- | C] (Mozilla) -- C:\Users\dom\Desktop\Firefox Setup 19.0.2.exe
[2013-03-09 06:45:29 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013-03-09 06:45:26 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013-03-09 06:45:25 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013-03-09 06:45:25 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013-03-07 18:22:33 | 000,000,000 | ---D | C] -- C:\Users\dom\AppData\Local\PMB Files
[2013-03-07 18:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013-03-07 18:22:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013-03-07 18:21:51 | 000,000,000 | ---D | C] -- C:\Users\dom\.swt
[2011-12-15 09:21:43 | 002,161,160 | ---- | C] (DownVision ) -- C:\Users\dom\AppData\Local\setup.exe
[2011-06-03 15:44:52 | 029,451,264 | ---- | C] (Take-Two Interactive Software, Inc.) -- C:\Users\dom\Borderlands.exe
[2011-06-03 15:44:52 | 000,121,984 | ---- | C] (Valve Corporation) -- C:\Users\dom\steam_api.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-03-16 20:22:48 | 005,242,880 | ---- | M] () -- C:\Users\dom\ntuser.dat
[2013-03-16 20:09:59 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013-03-16 20:09:49 | 000,305,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-03-16 20:09:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-16 20:09:17 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-16 19:54:11 | 000,068,224 | ---- | M] () -- C:\Users\dom\AppData\Local\GDIPFONTCACHEV1.DAT
[2013-03-16 19:44:30 | 000,019,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-16 19:44:29 | 000,019,520 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-16 19:42:44 | 000,000,358 | -H-- | M] () -- C:\Windows\tasks\ZoomExUpdaterTask{DAED68F5-436B-4787-8ECB-67A74F866FE0}.job
[2013-03-16 19:42:44 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013-03-16 19:37:16 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013-03-16 18:12:03 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-03-16 18:08:24 | 000,430,184 | ---- | M] () -- C:\Users\dom\Documents\Malwarebytes-AntiMalware(13117).exe
[2013-03-16 15:40:45 | 000,187,464 | ---- | M] (Webroot) -- C:\Users\dom\Documents\antizeroaccess.exe
[2013-03-16 15:16:42 | 000,935,175 | ---- | M] () -- C:\Users\dom\Desktop\RSITx64.exe
[2013-03-16 15:12:42 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\dom\Desktop\dds.com
[2013-03-16 15:10:44 | 000,377,856 | ---- | M] () -- C:\Users\dom\Desktop\gmer.exe
[2013-03-16 14:41:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dom\Desktop\OTL.exe
[2013-03-15 14:38:40 | 001,159,144 | ---- | M] (Torch Media Inc.) -- C:\Users\dom\Desktop\TorchSetup.exe
[2013-03-14 06:27:33 | 000,755,448 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-03-14 06:27:33 | 000,668,018 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-03-14 06:27:33 | 000,163,964 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-03-14 06:27:33 | 000,127,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-03-14 06:27:33 | 000,006,610 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-03-13 20:34:38 | 000,282,014 | ---- | M] () -- C:\Users\dom\Desktop\quadełę.jpg
[2013-03-12 14:56:18 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-03-12 14:12:57 | 021,328,680 | ---- | M] (Mozilla) -- C:\Users\dom\Desktop\Firefox Setup 19.0.2.exe
[2013-03-07 19:08:01 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2013-03-07 18:21:40 | 003,510,632 | ---- | M] () -- C:\Users\dom\Desktop\LeagueofLegends.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-03-16 20:09:31 | 000,305,704 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-03-16 19:54:11 | 000,068,224 | ---- | C] () -- C:\Users\dom\AppData\Local\GDIPFONTCACHEV1.DAT
[2013-03-16 18:12:03 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-03-16 18:08:24 | 000,430,184 | ---- | C] () -- C:\Users\dom\Documents\Malwarebytes-AntiMalware(13117).exe
[2013-03-16 15:16:42 | 000,935,175 | ---- | C] () -- C:\Users\dom\Desktop\RSITx64.exe
[2013-03-16 15:10:44 | 000,377,856 | ---- | C] () -- C:\Users\dom\Desktop\gmer.exe
[2013-03-13 20:34:34 | 000,282,014 | ---- | C] () -- C:\Users\dom\Desktop\quadełę.jpg
[2013-03-12 14:56:18 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013-03-12 14:56:18 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013-03-07 18:21:39 | 003,510,632 | ---- | C] () -- C:\Users\dom\Desktop\LeagueofLegends.exe
[2013-02-06 20:53:18 | 000,003,150 | ---- | C] () -- C:\ProgramData\RWvESYd.js
[2013-02-06 20:53:18 | 000,000,153 | ---- | C] () -- C:\ProgramData\RWvESYd.reg
[2013-02-06 20:53:18 | 000,000,077 | ---- | C] () -- C:\ProgramData\RWvESYd.bat
[2013-02-06 20:40:54 | 000,003,149 | ---- | C] () -- C:\ProgramData\Fh59IZN.js
[2013-02-06 20:40:54 | 000,000,153 | ---- | C] () -- C:\ProgramData\Fh59IZN.reg
[2013-02-06 20:40:54 | 000,000,077 | ---- | C] () -- C:\ProgramData\Fh59IZN.bat
[2013-01-29 19:27:14 | 000,000,008 | ---- | C] () -- C:\Windows\313231.INI
[2013-01-26 01:14:46 | 000,524,288 | -HS- | C] () -- C:\Users\dom\ntuser.dat{5705bf44-6743-11e2-8a2b-e0cb4ec21d40}.TMContainer00000000000000000002.regtrans-ms
[2013-01-26 01:14:46 | 000,524,288 | -HS- | C] () -- C:\Users\dom\ntuser.dat{5705bf44-6743-11e2-8a2b-e0cb4ec21d40}.TMContainer00000000000000000001.regtrans-ms
[2013-01-26 01:14:46 | 000,065,536 | -HS- | C] () -- C:\Users\dom\ntuser.dat{5705bf44-6743-11e2-8a2b-e0cb4ec21d40}.TM.blf
[2012-11-15 21:20:14 | 000,000,741 | ---- | C] () -- C:\Users\dom\.recently-used.xbel
[2012-11-09 18:26:58 | 004,792,320 | ---- | C] () -- C:\Users\dom\ntuser.dat.iobit
[2012-11-07 21:59:00 | 005,242,880 | ---- | C] () -- C:\Users\dom\ntuser.dat
[2012-08-17 19:07:54 | 000,384,835 | ---- | C] () -- C:\Users\dom\AppData\Local\speeddial.crx
[2012-07-04 06:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-07-04 06:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-04-18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-03-16 14:42:18 | 000,524,288 | -HS- | C] () -- C:\Users\dom\ntuser.dat{bc2529e7-6f6d-11e1-87da-e0cb4ec21d40}.TMContainer00000000000000000002.regtrans-ms
[2012-03-16 14:42:18 | 000,524,288 | -HS- | C] () -- C:\Users\dom\ntuser.dat{bc2529e7-6f6d-11e1-87da-e0cb4ec21d40}.TMContainer00000000000000000001.regtrans-ms
[2012-03-16 14:42:18 | 000,065,536 | -HS- | C] () -- C:\Users\dom\ntuser.dat{bc2529e7-6f6d-11e1-87da-e0cb4ec21d40}.TM.blf
[2012-01-01 14:00:23 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011-12-15 09:21:32 | 000,460,624 | ---- | C] () -- C:\Users\dom\AppData\Local\promo.exe
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-07-09 21:21:59 | 000,000,026 | ---- | C] () -- C:\Windows\NeoSetup.INI
[2011-06-03 15:44:52 | 000,198,144 | ---- | C] () -- C:\Users\dom\rld.dll
[2011-06-03 15:44:52 | 000,037,752 | ---- | C] () -- C:\Users\dom\SetupHelper.exe
[2011-04-09 15:53:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011-04-01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011-04-01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011-04-01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010-08-25 11:30:35 | 000,007,603 | ---- | C] () -- C:\Users\dom\AppData\Local\Resmon.ResmonCfg
[2010-08-09 16:25:09 | 000,000,091 | ---- | C] () -- C:\Users\dom\AppData\Local\fusioncache.dat
[2010-05-14 19:29:45 | 000,046,080 | ---- | C] () -- C:\Users\dom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-07 11:54:54 | 000,524,288 | -HS- | C] () -- C:\Users\dom\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010-05-07 11:54:54 | 000,524,288 | -HS- | C] () -- C:\Users\dom\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010-05-07 11:54:54 | 000,065,536 | -HS- | C] () -- C:\Users\dom\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010-05-07 11:54:54 | 000,000,020 | -HS- | C] () -- C:\Users\dom\ntuser.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-07-07 09:24:17 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\.minecraft
[2013-01-21 15:20:06 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\.mono
[2013-01-21 20:02:00 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\.spoutcraft
[2012-02-18 16:24:38 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\AVG2012
[2011-12-15 14:07:08 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Babylon
[2013-03-15 19:16:59 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\BitTorrent
[2013-03-06 21:59:25 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Condusiv_Technologies
[2013-03-15 14:19:08 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\DAEMON Tools Lite
[2013-03-06 21:59:25 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Downloaded Installations
[2012-12-16 22:15:59 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Funmoods
[2013-03-06 21:59:25 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\FunnyGames
[2013-03-06 21:59:25 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Gadu-Gadu 10
[2013-03-06 21:59:25 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\GG
[2013-03-06 21:59:26 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\ijjigame
[2013-01-21 19:55:53 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\inkscape
[2012-11-15 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\IObit
[2010-09-01 19:46:20 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\LolClient
[2012-05-17 07:57:38 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\LolClient2
[2010-05-10 21:12:52 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Nowe Gadu-Gadu
[2012-11-27 19:59:23 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\OpenCandy
[2010-05-10 21:50:30 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\OpenFM
[2012-09-16 16:21:05 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Opera
[2012-03-08 20:29:05 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Origin
[2012-12-16 22:16:00 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\PDFCreatorPackages
[2013-03-07 18:12:51 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\RenPy
[2013-01-25 10:35:49 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\SplitMediaLabs
[2011-12-30 22:20:53 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Stykz
[2011-12-30 22:18:00 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Stykz Help
[2011-02-27 14:08:52 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\The Creative Assembly
[2010-08-24 19:55:02 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Touchstone
[2012-11-15 16:46:08 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\TS3Client
[2012-11-27 19:59:58 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\TuneUp Software
[2012-07-02 19:36:06 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\Tunngle
[2010-08-09 11:21:59 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\W
[2010-08-09 10:44:45 | 000,000,000 | ---D | M] -- C:\Users\dom\AppData\Roaming\wargaming.net

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 824041 bytes -> C:\Windows\Temp:temp
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
It's also worth mentioning that the "advanced" functions don't work. A program itself may open, but the functions it contains don't work, e.g. in odkurzacz or CCleaner: the program itself opens but doesn't respond when I try to use it for scanning.

Applications won't start, Windows 7

15 03 2013 - 19:56

After turning on the computer I have a problem where some programs/applications don't work. E.g. after clicking the icon of Opera or other browsers, they won't start (it looks like the little circle next to the cursor keeps spinning, but it still won't start). Folders open without any problem, text documents too. "Odkurzacz" works too; as for games, forget it. The biggest problem is with the browsers. To check whether it's just a massive slowdown, I left the computer for 30 minutes after turning it on (I didn't touch anything after logging in) and the problem is still the same. Note: in safe mode everything runs smoothly. This whole problem appeared overnight.