Skocz do zawartości

  • 👋 Witaj na MPCForum!

    Przeglądasz forum jako gość, co oznacza, że wiele świetnych funkcji jest jeszcze przed Tobą! 😎

    • Pełny dostęp do działów i ukrytych treści
    • Możliwość pisania i odpowiadania w tematach
    • System prywatnych wiadomości
    • Zbieranie reputacji i rozwijanie swojego profilu
    • Członkostwo w jednej z największych społeczności graczy

    👉 Dołączenie zajmie Ci mniej niż minutę – a zyskasz znacznie więcej!

    Zarejestruj się teraz
  • 0

Wywalanie do pulpitu podczas gry.

Tarize

Pytanie zadane przez Tarize ,

Pytanie

Tarize Specjalista

Tarize

Opublikowano
Specjalista

Tarize

Opublikowano

Wywala mnie do pulpitu jak gram w jakąkolwiek gre, a jak siedzę np. na chromie to nie wywala.

 

OTL :

OTL logfile created on: 2014-06-25 14:26:08 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dominik\Pobrane
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,78% Memory free
4,00 Gb Paging File | 2,37 Gb Available in Paging File | 59,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 70,17 Gb Free Space | 71,85% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 92,05 Gb Free Space | 94,26% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 96,94 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive F: | 75,13 Gb Total Space | 67,53 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
Drive G: | 22,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,70 Gb Total Space | 1,02 Gb Free Space | 27,62% Space Free | Partition Type: FAT32
 
Computer Name: DOMINIK- | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-06-25 14:22:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominik\Pobrane\OTL.exe
PRC - [2014-06-05 19:08:20 | 003,890,208 | ---- | M] (AVAST Software) -- E:\Avast\avastui.exe
PRC - [2014-06-05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-05-12 12:59:53 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- E:\Blueconnect\DataCardMonitor.exe
PRC - [2014-05-12 12:59:52 | 000,114,688 | ---- | M] () -- E:\Blueconnect\blueconnect.exe
PRC - [2014-04-26 01:42:26 | 000,050,344 | ---- | M] (AVAST Software) -- E:\Avast\AvastSvc.exe
PRC - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009-06-23 16:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Dominik\AppData\Roaming\blueconnect\ouc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-06-05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014-06-05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014-06-05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014-06-05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014-06-05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014-05-12 12:59:52 | 000,114,688 | ---- | M] () -- E:\Blueconnect\blueconnect.exe
MOD - [2014-01-11 23:28:01 | 019,336,120 | ---- | M] () -- E:\Avast\libcef.dll
MOD - [2009-07-14 18:20:30 | 000,860,160 | ---- | M] () -- E:\Blueconnect\NDISAPI.dll
MOD - [2009-05-31 17:06:16 | 000,217,088 | ---- | M] () -- E:\Blueconnect\DeviceMgrUIPlugin.dll
MOD - [2009-05-31 15:07:52 | 000,159,744 | ---- | M] () -- E:\Blueconnect\SMSPlugin.dll
MOD - [2009-05-31 14:57:08 | 000,139,264 | ---- | M] () -- E:\Blueconnect\NetInfoPlugin.dll
MOD - [2009-05-20 11:41:28 | 000,061,440 | ---- | M] () -- E:\Blueconnect\SpeedManagerPlugin.dll
MOD - [2009-04-21 17:12:50 | 000,090,112 | ---- | M] () -- E:\Blueconnect\DialUpPlugin.dll
MOD - [2009-04-21 17:11:50 | 000,065,536 | ---- | M] () -- E:\Blueconnect\ConfigFilePlugin.dll
MOD - [2009-04-21 17:11:28 | 000,098,304 | ---- | M] () -- E:\Blueconnect\DeviceMgrPlugin.dll
MOD - [2009-03-10 20:08:16 | 000,155,648 | R--- | M] () -- E:\Blueconnect\DetectDev.dll
MOD - [2009-03-10 20:08:16 | 000,061,440 | R--- | M] () -- E:\Blueconnect\XCodec.dll
MOD - [2009-03-10 20:08:16 | 000,061,440 | R--- | M] () -- E:\Blueconnect\DeviceOperate.dll
MOD - [2009-03-10 20:08:14 | 000,561,152 | R--- | M] () -- E:\Blueconnect\atcomm.dll
MOD - [2009-01-09 11:31:54 | 000,139,264 | ---- | M] () -- E:\Blueconnect\LocaleMgrPlugin.dll
MOD - [2009-01-09 11:30:38 | 000,032,768 | ---- | M] () -- E:\Blueconnect\NotifyServicePlugin.dll
MOD - [2008-11-08 10:52:10 | 000,090,112 | R--- | M] () -- E:\Blueconnect\FileManager.dll
MOD - [2008-11-08 10:52:08 | 000,014,848 | R--- | M] () -- E:\Blueconnect\isaputrace.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012-07-04 08:20:54 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014-04-26 01:42:26 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- E:\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014-06-17 16:37:44 | 000,061,112 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys -- ({0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64)
DRV:64bit: - [2014-05-15 13:42:53 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014-05-15 13:42:53 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014-05-15 13:42:53 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014-05-10 15:55:12 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2014-05-10 15:55:12 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2014-04-26 01:42:29 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014-04-26 01:42:29 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014-04-26 01:42:29 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014-04-26 01:42:29 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014-04-26 01:42:29 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2013-12-19 15:11:27 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012-07-04 14:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2012-07-04 08:59:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012-07-04 08:59:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-07-04 07:10:56 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-07-03 12:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012-07-03 12:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012-02-23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011-03-25 12:41:48 | 000,022,552 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rstfltr.sys -- (rstfltr)
DRV:64bit: - [2011-03-25 12:41:44 | 000,607,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rstescu1.sys -- (rstescu1)
DRV:64bit: - [2011-03-25 12:41:42 | 000,607,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rstescu.sys -- (rstescu)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010-11-21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-09-13 19:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010-03-31 15:30:58 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010-03-31 15:30:58 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2000-01-01 02:00:00 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/?pid=34&r=2014/04/23&hid=10619798421346959200&lg=EN&cc=PL&unqvl=51
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\..\SearchScopes\{8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=34&r=2014/04/23&hid=10619798421346959200&lg=EN&cc=PL&unqvl=51
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\..\SearchScopes\{CCC560C5-9C21-4E78-A525-AF30A4B6E625}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809
IE - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: E:\Avast\WebRep\FF [2014-04-26 01:42:30 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dysk Google = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Brushed = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: YouTube = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.3_0\
CHR - Extension: Arcane Legends = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido\1.1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {1E8E2518-8C35-43B6-A669-E2B2842FB192} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\..\Toolbar\WebBrowser: (no name) - {1E8E2518-8C35-43B6-A669-E2B2842FB192} - No CLSID value found.
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] E:\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DataCardMonitor] E:\Blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001..\Run: [HW_OPENEYE_OUC_blueconnect] E:\Blueconnect\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\..Trusted Domains: aol.com ([objects] * is out of MPCforum range -  5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{025EB583-5A0F-4F9C-BD45-61B47965E763}: NameServer = 217.116.104.104 217.116.100.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1101857A-746E-4646-AB5F-984DB67E0BF0}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E10F004-2764-48A8-BD82-6E89D8959B35}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C43B035-532C-424E-B4C6-F78987E42D04}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D506B006-F9F8-48DB-A7D2-4ED1EA5DF4DE}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF44BD61-5C7C-4E9A-AE4D-19B67489AC12}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDEC852-246F-4F19-A926-B0FA08898217}: DhcpNameServer = 192.168.42.129
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-04-30 19:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009-05-03 19:59:04 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{09f99816-892e-11e3-95df-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{09f99816-892e-11e3-95df-001d7d9ca4de}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{14e35f4d-60e7-11e3-80db-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{14e35f4d-60e7-11e3-80db-001d7d9ca4de}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009-04-30 19:48:12 | 000,126,976 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{6884c8df-ab40-11e3-bb91-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{6884c8df-ab40-11e3-bb91-001d7d9ca4de}\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\{759e0d54-c3b5-11e3-bb71-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{759e0d54-c3b5-11e3-bb71-001d7d9ca4de}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{ac750219-9110-11e3-ad5f-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{ac750219-9110-11e3-ad5f-001d7d9ca4de}\Shell\AutoRun\command - "" = K:\setup.exe
O33 - MountPoints2\{c6299175-5e6a-11e3-83d8-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{c6299175-5e6a-11e3-83d8-001d7d9ca4de}\Shell\AutoRun\command - "" = K:\LGAutoRun.exe
O33 - MountPoints2\{c9f23ac6-d9c3-11e3-9cbc-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{c9f23ac6-d9c3-11e3-9cbc-001d7d9ca4de}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{e36eaa9b-898f-11e3-a166-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{e36eaa9b-898f-11e3-a166-001d7d9ca4de}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{f1046056-8eb4-11e3-b3c2-001d7d9ca4de}\Shell - "" = AutoRun
O33 - MountPoints2\{f1046056-8eb4-11e3-b3c2-001d7d9ca4de}\Shell\AutoRun\command - "" = J:\Install.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-06-25 13:17:56 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
[2014-06-24 19:14:26 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Favorites
[2014-06-24 19:10:33 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Videos
[2014-06-24 19:10:33 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Pictures
[2014-06-24 19:10:33 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Dokumenty\Music
[2014-06-24 19:02:52 | 000,000,000 | R--D | C] -- C:\Users\Dominik\Searches
[2014-06-22 21:24:20 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014-06-22 21:24:20 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014-06-22 12:08:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014-06-22 12:08:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014-06-21 12:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2014-06-21 11:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014-06-20 22:03:06 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Adobe
[2014-06-20 19:46:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014-06-20 16:34:35 | 000,699,056 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-06-20 16:34:35 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-06-20 12:34:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-06-20 12:33:16 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Google
[2014-06-20 12:33:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014-06-18 14:39:23 | 000,061,112 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
[2014-06-18 13:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014-06-09 21:00:53 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2014-06-08 15:17:00 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\uTorrent
[2014-06-06 15:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2014-06-04 18:35:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014-06-04 17:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MTA San Andreas All
[2014-06-04 15:28:12 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\TS3Client
[2014-06-04 15:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014-06-04 15:28:06 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2014-06-03 17:28:09 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\Riot Games
[2014-06-02 17:36:28 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Roaming\WinRAR
[2014-06-01 06:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014-05-28 17:36:04 | 000,000,000 | ---D | C] -- C:\Users\Dominik\AppData\Local\Programs
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014-06-25 14:15:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-06-25 13:42:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job
[2014-06-25 13:38:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-25 12:38:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-06-25 12:28:26 | 000,030,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-06-25 12:28:26 | 000,030,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-06-25 12:21:05 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2014-06-24 00:00:37 | 001,670,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-06-24 00:00:37 | 000,740,520 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-06-24 00:00:37 | 000,654,328 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-06-24 00:00:37 | 000,156,070 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-06-24 00:00:37 | 000,122,200 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-06-20 19:52:39 | 001,642,532 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-06-20 16:34:35 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-06-20 16:34:35 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-06-17 16:37:44 | 000,061,112 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
[2014-06-02 17:56:09 | 000,013,421 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2014-06-02 17:56:03 | 004,949,952 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2014-06-02 17:56:02 | 000,015,834 | ---- | M] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp.dat
[2014-05-30 20:32:56 | 097,807,385 | ---- | M] () -- C:\ProgramData\Tibia_spr.bak
[2014-05-30 20:32:52 | 001,267,981 | ---- | M] () -- C:\ProgramData\Tibia_dat.bak
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014-06-20 12:33:22 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-20 12:33:20 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-06-02 17:56:09 | 000,013,421 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2014-06-02 17:56:02 | 004,949,952 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2014-06-02 17:56:02 | 000,015,834 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp.dat
[2014-05-30 20:32:52 | 001,267,981 | ---- | C] () -- C:\ProgramData\Tibia_dat.bak
[2014-05-17 18:51:14 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2014-05-12 13:17:44 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2014-03-29 10:52:12 | 001,642,532 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-03-19 09:00:17 | 000,007,597 | ---- | C] () -- C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
[2014-01-29 23:55:20 | 097,807,385 | ---- | C] () -- C:\ProgramData\Tibia_spr.bak
[2014-01-11 23:24:12 | 000,000,218 | ---- | C] () -- C:\Users\Dominik\AppData\Local\recently-used.xbel
[2013-07-20 20:44:48 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013-07-19 15:29:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-07-04 07:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-07-04 07:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
 
========== ZeroAccess Check ==========
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010-11-21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014-01-12 12:21:05 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\AVAST Software
[2014-02-13 07:20:53 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\blueconnect
[2014-06-03 23:04:45 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Riot Games
[2014-06-24 19:15:03 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TS3Client
[2014-06-20 14:18:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 40 bytes -> C:\ProgramData:NT
@Alternate Data Stream - 160 bytes -> C:\ProgramData\MTA San Andreas All:NT2
@Alternate Data Stream - 160 bytes -> C:\ProgramData:NT2
 
< End of report >
 

 

Extras :

OTL Extras logfile created on: 2014-06-25 14:26:08 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dominik\Pobrane
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,78% Memory free
4,00 Gb Paging File | 2,37 Gb Available in Paging File | 59,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 70,17 Gb Free Space | 71,85% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 92,05 Gb Free Space | 94,26% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 96,94 Gb Free Space | 99,27% Space Free | Partition Type: NTFS
Drive F: | 75,13 Gb Total Space | 67,53 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
Drive G: | 22,19 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,70 Gb Total Space | 1,02 Gb Free Space | 27,62% Space Free | Partition Type: FAT32
 
Computer Name: DOMINIK- | User Name: Dominik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1292607441-2060179595-2062723199-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{176A52F4-D7EC-47E0-9DF0-9F46EA509756}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{18E13F10-D25F-4BA1-B639-4402719FA32F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{255D70A0-643D-4190-BD11-8EF6A686694E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2A3F111B-C0AC-485C-B84A-9B0EE77B62B0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{3D077CCF-3149-4219-A3B7-BA50B647CF4E}" = lport=137 | protocol=17 | dir=in | app=system | 
"{435C425F-7956-4C30-A04D-366D59DFECFE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{4F5718A1-06B9-477D-B998-5D9C6B7150C1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5CEC19EB-8EDE-4CB4-926E-3ACC032C8804}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{5FB953E3-895F-4EC3-9140-41BD24E9B738}" = lport=138 | protocol=17 | dir=in | app=system | 
"{6524B25D-ECB4-4BA7-AC5F-041630FDFA3A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7D42D3D1-B418-4634-B363-D63DEB1964F4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7F514A53-243E-4BC8-A4DC-2581FE759EBD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7F6FC816-03D9-4891-BB96-6B32B021257E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{842A7731-C7DB-480F-8E96-7DF024757430}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{90973107-EDFD-4C45-A632-0DC23FD3799B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{92622798-96BB-42D0-A952-0627DCBC7FBA}" = lport=445 | protocol=6 | dir=in | app=system | 
"{AE760457-04E3-4D28-AD77-646F771FECDC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C494A2D8-000C-4A9D-927C-181CED041040}" = rport=445 | protocol=6 | dir=out | app=system | 
"{CC92688A-8EEF-4CE1-9852-F45C9BAACC42}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D593C63A-7F1A-412F-9B1F-AC0AC4E971A4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D6B51E43-CB47-43DC-8F62-56C98760D993}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E9763368-B31B-404B-83EF-722749985410}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0334C3A4-D907-4D92-8943-00E6B86B7F43}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0E8D5D1E-6D64-4FE4-ACB3-308FAC32525E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2D045B6E-9200-4773-A6ED-46F0B5290D92}" = protocol=58 | dir=in | [email protected],-28545 | 
"{2E06F5BC-A4C1-4B06-BB21-CB6544A56622}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3CBD6849-9E55-45D7-B780-09BADD3CB3DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{52867E24-E9EE-4342-9FFE-366791792A11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{532B5648-108E-4A0B-A3B4-CBAD5ECE20F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5DFDEC8B-F755-4075-8493-E95C5D7A7FC3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{697D8CCF-869B-4138-A26D-BC2AB9C9BBE1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{6C4FC9CF-9125-4600-9D04-0BB3D0AADCD7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6C6A0001-EF29-48C1-BDD2-58BD9BF3869C}" = protocol=6 | dir=in | app=c:\users\dominik\appdata\roaming\utorrent\utorrent.exe | 
"{6EFE508C-D576-4796-AC6B-36D77DA0B625}" = protocol=1 | dir=out | [email protected],-28544 | 
"{7F0529BA-B7FC-488F-B049-E1AF4CB555A9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{96FDE98F-1E6B-49A2-AD63-D74F6E2F5AE7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9A02251A-7B28-46E4-9EA2-B9578DA13449}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C1CF47BC-1776-4FE1-97D2-FD0A0AB4BA9D}" = protocol=1 | dir=in | [email protected],-28543 | 
"{C29BC12E-758A-4CAD-A853-BFB909910155}" = protocol=6 | dir=out | app=system | 
"{CDDFD636-2DE5-43F9-96D6-44231D08FB23}" = protocol=17 | dir=in | app=c:\users\dominik\appdata\roaming\utorrent\utorrent.exe | 
"{E750775A-D59E-4F72-9E49-DD36C97AF514}" = protocol=58 | dir=out | [email protected],-28546 | 
"{F19FA66B-3121-4440-A285-6A6BECB61647}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F59DAD9A-46AC-4DB9-9D57-C17D3D96B97C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1012456A-D118-37E0-E837-34AA28602013}" = AMD Drag and Drop Transcoding
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{68CA3A47-3F7E-0E92-DC0D-5B0C02D9AFAD}" = ccc-utility64
"{6BB150E8-6CBB-5F8F-CAE7-BE21B2C92D31}" = AMD Accelerated Video Transcoding
"{914F7627-B645-9895-F723-BAEAAC865E75}" = AMD Catalyst Install Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK
"{94C42BE9-B62A-3558-A793-AD49B354F7AA}" = Microsoft .NET Framework 4.5 PLK Language Pack
"{DA3372D5-F228-5C71-3FAC-177D4AEE8659}" = AMD Media Foundation Decoders
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = HWMonitor
"Defraggler" = Defraggler
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.0.1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D45A4B-D7F5-C03E-1650-885756303D13}" = CCC Help Norwegian
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 55
"{284E9E9A-D8BE-3588-D0BA-E9BB61970A1D}" = CCC Help Hungarian
"{30E18A93-982E-AF1B-D646-E8C5DAECA390}" = CCC Help French
"{4021F8B5-E8BB-D0F9-AF28-4970013FAE3D}" = Catalyst Control Center
"{470D66DF-B597-124E-EDCE-8B966AA5F230}" = CCC Help Portuguese
"{483924A6-52C5-9169-0280-14272D5FBA70}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57AE1BE1-24E8-4169-D52C-ABE31BD91562}" = CCC Help Finnish
"{5B5745F7-23EF-9E5E-6689-512C9FA08222}" = CCC Help English
"{5DB849D6-9392-4FB7-9ABB-87ED433152E5}" = LG United Mobile Drivers
"{625031C9-E249-2A53-C282-C1E9872B211E}" = CCC Help Turkish
"{655E0B5A-7ADF-A052-587F-64F0E59B58E7}" = CCC Help Dutch
"{74437563-D720-0307-90FC-1C351B1041D7}" = Catalyst Control Center Localization All
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{783C086A-159E-4E45-B42C-F6E2C4FB14C0}" = ENBSeries Configurator for GTA San Andreas
"{789A4D10-821B-3FA5-52B0-F0FAEEDED9F4}" = CCC Help Czech
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7BA14A92-C229-5E00-3ADE-8D22F81B849E}" = CCC Help German
"{80A5B901-C7BD-D300-17BA-9E02F18EAB77}" = CCC Help Danish
"{82F505E6-5879-B30A-12B7-7795969D3BBB}" = CCC Help Polish
"{8476003F-6927-8393-C6F4-FAF47D61D00B}" = CCC Help Korean
"{89A2D79E-B3AD-A83A-795F-5645EFF922D3}" = CCC Help Greek
"{89C0F58F-9E5B-2B45-D9DF-7988A54BECA8}" = CCC Help Italian
"{8B91D776-792D-F02B-DE43-BF398549C729}" = CCC Help Spanish
"{8F272838-BDD6-B433-D650-25E231AEFA8A}" = Catalyst Control Center InstallProxy
"{983BE967-28E9-5C78-8851-638DAC4AF66E}" = CCC Help Swedish
"{A707240D-18D3-07F4-AE2E-6AE76C220192}" = CCC Help Japanese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B95AC87D-630B-603F-3F12-AA22B3BBA69C}" = CCC Help Chinese Traditional
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB1C554C-5343-9A69-1B8C-666AF192CA19}" = CCC Help Russian
"{F32D24DD-D787-10F9-D21E-BC3FAB3064CB}" = Catalyst Control Center Graphics Previews Common
"{F8D90583-7BB5-75A9-B23F-A353AD4674BC}" = CCC Help Thai
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"avast" = Avast
"blueconnect" = Blueconnect
"Google Chrome" = Google Chrome
"League of Legends 3.0.0" = League of Legends
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1292607441-2060179595-2062723199-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike 1.6: New Era" = Counter-Strike 1.6: New Era
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2014-05-26 09:30:52 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-26 09:44:43 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-26 11:46:32 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-26 13:05:50 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-27 03:04:05 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-27 06:17:55 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-27 07:20:06 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-27 10:50:41 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-27 11:23:18 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-05-27 13:42:54 | Computer Name = Dominik- | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 2014-06-23 04:54:10 | Computer Name = Dominik- | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować 
następującej aktualizacji, ponieważ wystąpił błąd 0x800705b4: Aktualizacja zabezpieczeń
 systemu Windows 7 dla systemów opartych na procesorach x64 (KB2876284).
 
Error - 2014-06-23 04:54:10 | Computer Name = Dominik- | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować 
następującej aktualizacji, ponieważ wystąpił błąd 0x800705b4: Aktualizacja programu
 Microsoft .NET Framework 3.5.1 w systemach Windows 7 i Windows Server 2008 R2 z
 dodatkiem SP1 dla komputerów z procesorem x64 (KB2836943).
 
Error - 2014-06-23 05:00:20 | Computer Name = Dominik- | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   cdrom
 
Error - 2014-06-23 16:43:49 | Computer Name = Dominik- | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   cdrom
 
Error - 2014-06-23 17:58:46 | Computer Name = Dominik- | Source = DCOM | ID = 10016
Description = 
 
Error - 2014-06-24 06:17:08 | Computer Name = Dominik- | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   cdrom
 
Error - 2014-06-24 06:40:59 | Computer Name = Dominik- | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   cdrom
 
Error - 2014-06-24 06:44:07 | Computer Name = Dominik- | Source = Microsoft-Windows-HAL | ID = 12
Description = Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci 
podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność
 zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu.
 
Error - 2014-06-24 12:54:32 | Computer Name = Dominik- | Source = Service Control Manager | ID = 7034
Description = Usługa RzKLService niespodziewanie zakończyła pracę. Wystąpiło to 
razy: 1.
 
Error - 2014-06-25 08:01:43 | Computer Name = Dominik- | Source = Microsoft-Windows-HAL | ID = 12
Description = Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci 
podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność
 zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu.
 
 
< End of report >
 

10 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Tarize Specjalista

Tarize

Opublikowano
Specjalista

Tarize

  • Autor
Opublikowano

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014

Ran by Dominik (administrator) on DOMINIK- on 25-06-2014 20:58:01
Running from C:\Users\Dominik\Pobrane
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) E:\Avast\AvastSvc.exe
(Huawei Technologies Co., Ltd.) C:\Users\Dominik\AppData\Roaming\blueconnect\ouc.exe
(AVAST Software) E:\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Huawei Technologies Co., Ltd.) E:\Blueconnect\DataCardMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() E:\Blueconnect\blueconnect.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [AvastUI.exe] => E:\Avast\AvastUI.exe [3890208 2014-06-05] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DataCardMonitor] => E:\Blueconnect\DataCardMonitor.exe [253952 2014-05-12] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\Run: [HW_OPENEYE_OUC_blueconnect] => E:\Blueconnect\UpdateDog\ouc.exe [110592 2009-06-23] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: J - J:\Install.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {09f99816-892e-11e3-95df-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {14e35f4d-60e7-11e3-80db-001d7d9ca4de} - G:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {6884c8df-ab40-11e3-bb91-001d7d9ca4de} - J:\autorun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {759e0d54-c3b5-11e3-bb71-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {ac750219-9110-11e3-ad5f-001d7d9ca4de} - K:\setup.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {c6299175-5e6a-11e3-83d8-001d7d9ca4de} - K:\LGAutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {c9f23ac6-d9c3-11e3-9cbc-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {e36eaa9b-898f-11e3-a166-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {f1046056-8eb4-11e3-b3c2-001d7d9ca4de} - J:\Install.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/?pid=34&r=2014/04/23&hid=10619798421346959200&lg=EN&cc=PL&unqvl=51
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=34&r=2014/04/23&hid=10619798421346959200&lg=EN&cc=PL&unqvl=51
SearchScopes: HKCU - {8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}
SearchScopes: HKCU - {CCC560C5-9C21-4E78-A525-AF30A4B6E625} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} -  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {1E8E2518-8C35-43B6-A669-E2B2842FB192} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKCU - No Name - {1E8E2518-8C35-43B6-A669-E2B2842FB192} -  No File
Tcpip\..\Interfaces\{025EB583-5A0F-4F9C-BD45-61B47965E763}: [NameServer]217.116.104.104 217.116.100.100
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - E:\Avast\WebRep\FF
FF Extension: avast! Online Security - E:\Avast\WebRep\FF [2013-07-19]
 
Chrome: 
=======
CHR Extension: (Dysk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]
CHR Extension: (Brushed) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2014-06-20]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-20]
CHR Extension: (Szukaj w Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-20]
CHR Extension: (Arcane Legends) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2014-06-20]
CHR Extension: (Google Wallet) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; E:\Avast\AvastSvc.exe [50344 2014-04-26] (AVAST Software)
 
==================== Drivers (Whitelisted) ====================
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-26] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2010-03-31] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-03-31] (Huawei Technologies Co., Ltd.)
S3 rstescu; C:\Windows\system32\drivers\rstescu.sys [607256 2011-03-25] (Intel Corporation)
S3 rstescu1; C:\Windows\system32\drivers\rstescu1.sys [607256 2011-03-25] (Intel Corporation)
R0 rstfltr; C:\Windows\System32\drivers\rstfltr.sys [22552 2011-03-25] (Intel Corporation)
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [61112 2014-06-17] (StdLib)
S3 cpuz136; \??\C:\Users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 wanatw; system32\DRIVERS\wanatw64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-25 20:29 - 2014-06-25 20:29 - 00000000 ____D () C:\Users\Dominik\AppData\Local\VirtualStore
2014-06-25 15:48 - 2014-06-25 20:58 - 00000000 ____D () C:\FRST
2014-06-25 13:17 - 2014-06-25 13:17 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-06-24 22:28 - 2014-06-25 20:29 - 00000224 _____ () C:\Windows\setupact.log
2014-06-24 22:28 - 2014-06-24 22:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-23 12:38 - 2014-06-23 12:38 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-22 21:24 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-22 21:24 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-22 21:24 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-22 12:08 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-06-22 12:08 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-06-21 12:06 - 2014-06-24 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-21 11:52 - 2014-06-24 18:54 - 00000000 ____D () C:\ProgramData\Razer
2014-06-20 22:03 - 2014-06-20 22:03 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Adobe
2014-06-20 16:34 - 2014-06-20 16:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 16:34 - 2014-06-20 16:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 14:49 - 2014-06-25 20:32 - 01517852 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 12:34 - 2014-06-20 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 12:33 - 2014-06-25 20:38 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 12:33 - 2014-06-25 20:29 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-20 12:33 - 2014-06-20 12:34 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Google
2014-06-20 12:33 - 2014-06-20 12:34 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-20 12:33 - 2014-06-20 12:33 - 00004046 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 12:33 - 2014-06-20 12:33 - 00003794 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 14:39 - 2014-06-17 16:37 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-06-18 13:35 - 2014-06-18 13:37 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-15 10:57 - 2014-06-15 10:57 - 00000020 ___SH () C:\Users\Dominik\ntuser.ini
2014-06-09 21:00 - 2002-01-05 16:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-06-08 15:17 - 2014-06-20 14:18 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\uTorrent
2014-06-06 15:20 - 2014-06-06 15:20 - 00000000 ____D () C:\ProgramData\GG
2014-06-04 18:35 - 2014-06-05 15:11 - 00000000 ____D () C:\ProgramData\Skype
2014-06-04 17:38 - 2014-06-25 13:04 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-06-04 15:28 - 2014-06-24 19:15 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\TS3Client
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-03 17:28 - 2014-06-03 23:04 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Riot Games
2014-06-02 17:56 - 2014-06-02 17:56 - 04949952 _____ () C:\Windows\SysWOW64\SpoonUninstall.exe
2014-06-02 17:56 - 2014-06-02 17:56 - 00015834 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp.dat
2014-06-02 17:56 - 2014-06-02 17:56 - 00013421 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp DSP Effects.dat
2014-06-02 17:36 - 2014-06-02 17:36 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\WinRAR
2014-06-01 06:40 - 2014-06-01 06:40 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 06:40 - 2014-06-01 06:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-30 20:32 - 2014-05-30 20:32 - 01267981 _____ () C:\ProgramData\Tibia_dat.bak
 
==================== One Month Modified Files and Folders =======
 
2014-06-25 20:58 - 2014-06-25 15:48 - 00000000 ____D () C:\FRST
2014-06-25 20:58 - 2013-07-19 15:34 - 00000000 ___RD () C:\Users\Dominik\Pobrane
2014-06-25 20:38 - 2014-06-20 12:33 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 20:36 - 2009-07-14 06:45 - 00030928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-25 20:36 - 2009-07-14 06:45 - 00030928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-25 20:32 - 2014-06-20 14:49 - 01517852 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 20:29 - 2014-06-25 20:29 - 00000000 ____D () C:\Users\Dominik\AppData\Local\VirtualStore
2014-06-25 20:29 - 2014-06-24 22:28 - 00000224 _____ () C:\Windows\setupact.log
2014-06-25 20:29 - 2014-06-20 12:33 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-25 20:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-25 13:42 - 2014-02-14 18:47 - 00000348 _____ () C:\Windows\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job
2014-06-25 13:18 - 2013-07-19 15:34 - 00000000 ___RD () C:\Users\Dominik\Pulpit
2014-06-25 13:17 - 2014-06-25 13:17 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-06-25 13:10 - 2013-09-29 14:29 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-25 13:04 - 2014-06-04 17:38 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-06-24 23:33 - 2014-04-01 14:22 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{84F2BD2A-20E1-4F1F-A209-21F97261E163}
2014-06-24 22:28 - 2014-06-24 22:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-24 19:15 - 2014-06-04 15:28 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\TS3Client
2014-06-24 19:14 - 2013-07-19 15:34 - 00000000 ____D () C:\Users\Dominik
2014-06-24 19:10 - 2013-07-19 15:34 - 00000000 ___RD () C:\Users\Dominik\Dokumenty
2014-06-24 18:58 - 2014-06-21 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-24 18:54 - 2014-06-21 11:52 - 00000000 ____D () C:\ProgramData\Razer
2014-06-24 00:00 - 2013-07-20 01:25 - 00740520 _____ () C:\Windows\system32\perfh015.dat
2014-06-24 00:00 - 2013-07-20 01:25 - 00156070 _____ () C:\Windows\system32\perfc015.dat
2014-06-24 00:00 - 2009-07-14 07:13 - 01670862 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 12:38 - 2014-06-23 12:38 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-23 11:02 - 2013-07-19 16:43 - 00004124 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-20 22:03 - 2014-06-20 22:03 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Adobe
2014-06-20 19:52 - 2014-03-29 10:52 - 01642532 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-20 19:31 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-20 16:34 - 2014-06-20 16:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 16:34 - 2014-06-20 16:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 14:18 - 2014-06-08 15:17 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\uTorrent
2014-06-20 14:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-20 14:09 - 2014-04-05 12:10 - 00000000 ___RD () C:\Users\Dominik\Pulpit\Programy
2014-06-20 12:34 - 2014-06-20 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 12:34 - 2014-06-20 12:33 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Google
2014-06-20 12:34 - 2014-06-20 12:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-20 12:33 - 2014-06-20 12:33 - 00004046 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 12:33 - 2014-06-20 12:33 - 00003794 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 22:58 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-06-18 13:37 - 2014-06-18 13:35 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-17 16:37 - 2014-06-18 14:39 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-06-15 10:57 - 2014-06-15 10:57 - 00000020 ___SH () C:\Users\Dominik\ntuser.ini
2014-06-08 16:09 - 2013-09-29 14:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-06 15:20 - 2014-06-06 15:20 - 00000000 ____D () C:\ProgramData\GG
2014-06-05 15:11 - 2014-06-04 18:35 - 00000000 ____D () C:\ProgramData\Skype
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-03 23:04 - 2014-06-03 17:28 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Riot Games
2014-06-03 23:03 - 2014-03-16 01:18 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-06-02 17:56 - 2014-06-02 17:56 - 04949952 _____ () C:\Windows\SysWOW64\SpoonUninstall.exe
2014-06-02 17:56 - 2014-06-02 17:56 - 00015834 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp.dat
2014-06-02 17:56 - 2014-06-02 17:56 - 00013421 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp DSP Effects.dat
2014-06-02 17:36 - 2014-06-02 17:36 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\WinRAR
2014-06-01 06:40 - 2014-06-01 06:40 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 06:40 - 2014-06-01 06:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-31 23:14 - 2013-07-19 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-30 20:32 - 2014-05-30 20:32 - 01267981 _____ () C:\ProgramData\Tibia_dat.bak
2014-05-30 20:32 - 2014-01-29 23:55 - 97807385 _____ () C:\ProgramData\Tibia_spr.bak
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-05-10 19:46
 

==================== End Of Log ============================

 

 

Addition

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014

Ran by Dominik at 2014-06-25 20:59:06
Running from C:\Users\Dominik\Pobrane
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31633 - BitTorrent Inc.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.20704 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{914F7627-B645-9895-F723-BAEAAC865E75}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70704.0230 - Advanced Micro Devices, Inc.) Hidden
Avast (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Blueconnect (HKLM-x32\...\blueconnect) (Version: 11.302.09.06.49 - Huawei Technologies Co.,Ltd)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0704.122.388 - Nazwa firmy) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0704.0121.388 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0704.122.388 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Counter-Strike 1.6: New Era (HKCU\...\Counter-Strike 1.6: New Era) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
ENBSeries Configurator for GTA San Andreas (HKLM-x32\...\{783C086A-159E-4E45-B42C-F6E2C4FB14C0}) (Version: 1.0.0 - Chaosis Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HWMonitor (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 PLK Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.31.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50709 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
WinRAR 5.0.1 (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
20-06-2014 20:32:01 Installed GTA San Andreas
22-06-2014 10:01:35 Installed GTA San Andreas
22-06-2014 10:56:40 Windows Update
22-06-2014 11:01:37 Windows Update
22-06-2014 19:35:17 Windows Update
23-06-2014 08:56:16 Windows Update
24-06-2014 16:54:56 Removed GTA San Andreas
 
==================== Hosts content: ==========================
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0C4AAD2C-994C-4B13-9D7F-25D06D1C494F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {36CD3BF6-49F9-4F6A-A849-EEF851932478} - System32\Tasks\{F207DD92-F0B7-4A1C-ACC8-C79D7DD8D220} => E:\HWMonitor\HWMonitor.exe [2014-05-05] (CPUID)
Task: {3DB5CA39-0619-4BF5-A348-F82BF950654E} - \bench-sys No Task File <==== ATTENTION
Task: {797A5E6E-6103-4C08-B791-49D31B054F56} - System32\Tasks\avast! Emergency Update => E:\Avast\AvastEmUpdate.exe [2014-04-26] (AVAST Software)
Task: {7EE735BB-DA4F-4493-843B-9656242DF0C6} - System32\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001 => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: {936A7750-B48D-4119-81FF-70F5332897FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)
Task: {DC042A40-B5AE-4294-A007-97BABB850BA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-20] (Google Inc.)
Task: C:\Windows\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-07-04 01:16 - 2012-07-04 01:16 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-12 12:59 - 2014-05-12 12:59 - 00114688 _____ () E:\Blueconnect\blueconnect.exe
2014-06-25 14:25 - 2014-06-25 14:25 - 02783744 _____ () E:\Avast\defs\14062500\algo.dll
2014-01-11 23:28 - 2014-01-11 23:28 - 19336120 _____ () E:\Avast\libcef.dll
2014-06-20 12:34 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-20 12:34 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-20 12:34 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-20 12:34 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-20 12:34 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-05-12 12:59 - 2008-11-08 10:52 - 00014848 ____R () E:\Blueconnect\isaputrace.dll
2014-05-12 12:59 - 2009-04-21 17:11 - 00098304 _____ () E:\Blueconnect\DeviceMgrPlugin.dll
2014-05-12 12:59 - 2009-05-31 14:57 - 00139264 _____ () E:\Blueconnect\NetInfoPlugin.dll
2014-05-12 12:59 - 2009-04-21 17:12 - 00090112 _____ () E:\Blueconnect\DialUpPlugin.dll
2014-05-12 12:59 - 2009-04-21 17:11 - 00065536 _____ () E:\Blueconnect\ConfigFilePlugin.dll
2014-05-12 12:59 - 2009-07-14 18:20 - 00860160 _____ () E:\Blueconnect\NDISAPI.dll
2014-05-12 12:59 - 2009-03-10 20:08 - 00155648 ____R () E:\Blueconnect\DetectDev.dll
2014-05-12 12:59 - 2009-03-10 20:08 - 00561152 ____R () E:\Blueconnect\atcomm.dll
2014-05-12 12:59 - 2009-03-10 20:08 - 00061440 ____R () E:\Blueconnect\XCodec.dll
2014-05-12 12:59 - 2009-03-10 20:08 - 00061440 ____R () E:\Blueconnect\DeviceOperate.dll
2014-05-12 12:59 - 2009-01-09 11:31 - 00139264 _____ () E:\Blueconnect\LocaleMgrPlugin.dll
2014-05-12 12:59 - 2009-01-09 11:30 - 00032768 _____ () E:\Blueconnect\NotifyServicePlugin.dll
2014-05-12 12:59 - 2009-05-31 17:06 - 00217088 _____ () E:\Blueconnect\DeviceMgrUIPlugin.dll
2014-05-12 12:59 - 2008-11-08 10:52 - 00090112 ____R () E:\Blueconnect\FileManager.dll
2014-05-12 12:59 - 2009-05-31 15:07 - 00159744 _____ () E:\Blueconnect\SMSPlugin.dll
2014-05-12 12:59 - 2009-05-20 11:41 - 00061440 _____ () E:\Blueconnect\SpeedManagerPlugin.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT
AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Dominik\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Dominik\AppData\Roaming:NT2
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\Services: AOL ACS => 3
MSCONFIG\Services: wuauserv => 2
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/25/2014 08:29:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/25/2014 00:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 11:10:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 10:29:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 06:57:19 PM) (Source: MsiInstaller) (EventID: 11704) (User: Dominik-)
Description: Product: ENBSeries Configurator for GTA San Andreas -- Error 1704. An installation for Microsoft .NET Framework 4.5 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?
 
Error: (06/24/2014 06:37:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 00:42:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 00:17:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 10:22:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 09:24:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (06/25/2014 02:01:43 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu.
 
Error: (06/24/2014 06:54:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa RzKLService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (06/24/2014 00:44:07 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu.
 
Error: (06/24/2014 00:40:59 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom
 
Error: (06/24/2014 00:17:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom
 
Error: (06/23/2014 11:58:46 PM) (Source: DCOM) (EventID: 10016) (User: Dominik-)
Description: domyślne ustawienia komputeraLokalnyAktywacja{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Dominik-DominikS-1-5-21-1292607441-2060179595-2062723199-1001LocalHost (użycie LRPC)
 
Error: (06/23/2014 10:43:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom
 
Error: (06/23/2014 11:00:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: 
cdrom
 
Error: (06/23/2014 10:54:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x800705b4: Aktualizacja programu Microsoft .NET Framework 3.5.1 w systemach Windows 7 i Windows Server 2008 R2 z dodatkiem SP1 dla komputerów z procesorem x64 (KB2836943).
 
Error: (06/23/2014 10:54:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x800705b4: Aktualizacja zabezpieczeń systemu Windows 7 dla systemów opartych na procesorach x64 (KB2876284).
 
 
Microsoft Office Sessions:
=========================
Error: (06/25/2014 08:29:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/25/2014 00:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 11:10:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 10:29:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 06:57:19 PM) (Source: MsiInstaller) (EventID: 11704) (User: Dominik-)
Description: Product: ENBSeries Configurator for GTA San Andreas -- Error 1704. An installation for Microsoft .NET Framework 4.5 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (06/24/2014 06:37:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 00:42:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 00:17:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 10:22:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/24/2014 09:24:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 86%
Total physical RAM: 2046.49 MB
Available physical RAM: 267.54 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 1836.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:97.65 GB) (Free:70 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Gry) (Fixed) (Total:97.65 GB) (Free:92.04 GB) NTFS
Drive e: (Programy) (Fixed) (Total:97.65 GB) (Free:97.02 GB) NTFS
Drive f: (Inne) (Fixed) (Total:75.13 GB) (Free:67.53 GB) NTFS
Drive g: (blueconnect) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
Drive i: (MICROSD) (Removable) (Total:3.7 GB) (Free:1.02 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 58403C30)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368 GB) - (Type=OF Extended)
 
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 

==================== End Of Log ============================

 

 

Shortcut

 

Users shortcut scan result (x64) Version: 25-06-2014

Ran by Dominik at 2014-06-25 21:00:19
Running from C:\Users\Dominik\Pobrane
Boot Mode: Normal
==================== Shortcuts =============================
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> E:\WinRar\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> E:\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> E:\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\blueconnect\blueconnect.lnk -> E:\Blueconnect\blueconnect.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\blueconnect\Uninstall.lnk -> E:\Blueconnect\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Free Antivirus.lnk -> E:\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DEEC1E88-94A4-412C-B64A-1D772535AD58}\PlayTasks\0\Play.lnk -> D:\GTA San Andreas\Multi Theft Auto.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\Pulpit\Programy\Avast.lnk -> E:\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Dominik\Pulpit\Programy\blueconnect.lnk -> E:\Blueconnect\blueconnect.exe ()
Shortcut: C:\Users\Dominik\Pulpit\Programy\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Dominik\Pulpit\Programy\CPUID HWMonitor.lnk -> E:\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Dominik\Pulpit\Programy\Defraggler.lnk -> C:\Program Files\Defraggler\Defraggler64.exe (Piriform Ltd)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> E:\WinRar\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Dedicated Server.lnk -> D:\CS\hlds.exe (Valve)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Half-Life Singleplayer.lnk -> D:\CS\valve_sp.exe (Valve)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Half-Life.lnk -> D:\CS\hl.exe (Valve)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Uninstall.lnk -> D:\CS\uninst.exe ()
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe (No File)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\blueconnect.lnk -> E:\Blueconnect\blueconnect.exe ()
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CPUID HWMonitor.lnk -> E:\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG.lnk -> C:\Users\Dominik\AppData\Local\GG\Application\ggapp.exe (No File)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Dominik\AppData\Local\Microsoft\Windows\GameExplorer\{A1CD3E57-E474-4F60-B2BC-6B92D9F98B1E}\PlayTasks\0\Zagraj.lnk -> D:\Counter Strike\hl.exe (No File)
 
 
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Pomoc.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Counter-Strike.lnk -> D:\CS\cstrike.exe (Valve) -> -console
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Counter-Strike.lnk -> D:\CS\cstrike.exe (Valve) -> -console
 
 
 
==================== End of log =============================
 

 

 

 

 

Mam nadzieje, że coś da się zdziałać.

Tarize Specjalista

Tarize

Opublikowano
Specjalista

Tarize

  • Autor
Opublikowano

Ten komunikacik napisałem w notatniku bo wiem, ze ma końcówkę "txt" bo tej opcji w folderach nie mogłem znaleźć która pokazuje .mp3 .exe .txt

 

Ale dalej wywala mnie z cs'a.

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

1. Stwórz plik fixlist.txt i wklej do niego

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.ama...&cc=PL&unqvl=51
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKCU - {8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKCU - {CCC560C5-9C21-4E78-A525-AF30A4B6E625} URL = http://search.yahoo....petb&type=10809
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 cpuz136; \??\C:\Users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 wanatw; system32\DRIVERS\wanatw64.sys [X]
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [61112 2014-06-17] (StdLib)
2014-06-18 14:39 - 2014-06-17 16:37 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Task: {3DB5CA39-0619-4BF5-A348-F82BF950654E} - \bench-sys No Task File <==== ATTENTION
Task: {7EE735BB-DA4F-4493-843B-9656242DF0C6} - System32\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001 => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION

 

zapisz, umieść obok FRST i w FRST kliknij "fix"

 

2. użyj tfc temp file cleaner http://www.bleepingcomputer.com/download/tfc/

 

3. dostarcz fixlog oraz nowy log FRST.

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Dziwne, a nie powinien gdyż tfc nie jest narzędziem szkodliwym, czyści tylko pliki tymczasowe zwalniające pamięć na dysku.

 

Czy nadal występuje minimalizowanie się gier?

 

//Edit

 

Zrobiłeś tego fixa? w logu nie widzę żadnej zmiany :v

Tarize Specjalista

Tarize

Opublikowano
Specjalista

Tarize

  • Autor
Opublikowano

Jak użyłem Temp File Cleaner to mi wyskoczył bluescreen i taki raporcik był 

http://websearch.ama...&cc=PL&unqvl=51

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKCU - {8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKCU - {CCC560C5-9C21-4E78-A525-AF30A4B6E625} URL = http://search.yahoo....petb&type=10809
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 cpuz136; \??\C:\Users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 wanatw; system32\DRIVERS\wanatw64.sys [X]
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [61112 2014-06-17] (StdLib)
2014-06-18 14:39 - 2014-06-17 16:37 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Task: {3DB5CA39-0619-4BF5-A348-F82BF950654E} - \bench-sys No Task File <==== ATTENTION
Task: {7EE735BB-DA4F-4493-843B-9656242DF0C6} - System32\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001 => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
*****************
 
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6}' => Key deleted successfully.
'HKCR\CLSID\{8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}' => Key deleted successfully.
'HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC560C5-9C21-4E78-A525-AF30A4B6E625}' => Key deleted successfully.
'HKCR\CLSID\{CCC560C5-9C21-4E78-A525-AF30A4B6E625}'=> Key not found.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
cpuz136 => Service deleted successfully.
EagleX64 => Service deleted successfully.
wanatw => Service deleted successfully.
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64 => Service stopped successfully.
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64 => Service deleted successfully.
C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DB5CA39-0619-4BF5-A348-F82BF950654E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DB5CA39-0619-4BF5-A348-F82BF950654E}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-sys' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EE735BB-DA4F-4493-843B-9656242DF0C6}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EE735BB-DA4F-4493-843B-9656242DF0C6}' => Key deleted successfully.
C:\Windows\System32\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bench-S-1-5-21-1292607441-2060179595-2062723199-1001' => Key deleted successfully.
C:\Windows\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job => Moved successfully.
 

==== End of Fixlog ====

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014

Ran by Dominik (administrator) on DOMINIK- on 25-06-2014 20:58:01
Running from C:\Users\Dominik\Pobrane
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) E:\Avast\AvastSvc.exe
(Huawei Technologies Co., Ltd.) C:\Users\Dominik\AppData\Roaming\blueconnect\ouc.exe
(AVAST Software) E:\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Huawei Technologies Co., Ltd.) E:\Blueconnect\DataCardMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() E:\Blueconnect\blueconnect.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [AvastUI.exe] => E:\Avast\AvastUI.exe [3890208 2014-06-05] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DataCardMonitor] => E:\Blueconnect\DataCardMonitor.exe [253952 2014-05-12] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\Run: [HW_OPENEYE_OUC_blueconnect] => E:\Blueconnect\UpdateDog\ouc.exe [110592 2009-06-23] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: J - J:\Install.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {09f99816-892e-11e3-95df-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {14e35f4d-60e7-11e3-80db-001d7d9ca4de} - G:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {6884c8df-ab40-11e3-bb91-001d7d9ca4de} - J:\autorun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {759e0d54-c3b5-11e3-bb71-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {ac750219-9110-11e3-ad5f-001d7d9ca4de} - K:\setup.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {c6299175-5e6a-11e3-83d8-001d7d9ca4de} - K:\LGAutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {c9f23ac6-d9c3-11e3-9cbc-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {e36eaa9b-898f-11e3-a166-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {f1046056-8eb4-11e3-b3c2-001d7d9ca4de} - J:\Install.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/?pid=34&r=2014/04/23&hid=10619798421346959200&lg=EN&cc=PL&unqvl=51
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=34&r=2014/04/23&hid=10619798421346959200&lg=EN&cc=PL&unqvl=51
SearchScopes: HKCU - {8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}
SearchScopes: HKCU - {CCC560C5-9C21-4E78-A525-AF30A4B6E625} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10809
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} -  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {1E8E2518-8C35-43B6-A669-E2B2842FB192} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKCU - No Name - {1E8E2518-8C35-43B6-A669-E2B2842FB192} -  No File
Tcpip\..\Interfaces\{025EB583-5A0F-4F9C-BD45-61B47965E763}: [NameServer]217.116.104.104 217.116.100.100
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - E:\Avast\WebRep\FF
FF Extension: avast! Online Security - E:\Avast\WebRep\FF [2013-07-19]
 
Chrome: 
=======
CHR Extension: (Dysk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-20]
CHR Extension: (Brushed) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2014-06-20]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-20]
CHR Extension: (Szukaj w Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-20]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-20]
CHR Extension: (Arcane Legends) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2014-06-20]
CHR Extension: (Google Wallet) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-20]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; E:\Avast\AvastSvc.exe [50344 2014-04-26] (AVAST Software)
 
==================== Drivers (Whitelisted) ====================
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-26] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2010-03-31] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2010-03-31] (Huawei Technologies Co., Ltd.)
S3 rstescu; C:\Windows\system32\drivers\rstescu.sys [607256 2011-03-25] (Intel Corporation)
S3 rstescu1; C:\Windows\system32\drivers\rstescu1.sys [607256 2011-03-25] (Intel Corporation)
R0 rstfltr; C:\Windows\System32\drivers\rstfltr.sys [22552 2011-03-25] (Intel Corporation)
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [61112 2014-06-17] (StdLib)
S3 cpuz136; \??\C:\Users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 wanatw; system32\DRIVERS\wanatw64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-25 20:29 - 2014-06-25 20:29 - 00000000 ____D () C:\Users\Dominik\AppData\Local\VirtualStore
2014-06-25 15:48 - 2014-06-25 20:58 - 00000000 ____D () C:\FRST
2014-06-25 13:17 - 2014-06-25 13:17 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-06-24 22:28 - 2014-06-25 20:29 - 00000224 _____ () C:\Windows\setupact.log
2014-06-24 22:28 - 2014-06-24 22:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-23 12:38 - 2014-06-23 12:38 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-22 21:24 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-22 21:24 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-22 21:24 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-22 12:08 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-06-22 12:08 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-06-21 12:06 - 2014-06-24 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-21 11:52 - 2014-06-24 18:54 - 00000000 ____D () C:\ProgramData\Razer
2014-06-20 22:03 - 2014-06-20 22:03 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Adobe
2014-06-20 16:34 - 2014-06-20 16:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 16:34 - 2014-06-20 16:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 14:49 - 2014-06-25 20:32 - 01517852 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 12:34 - 2014-06-20 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 12:33 - 2014-06-25 20:38 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 12:33 - 2014-06-25 20:29 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-20 12:33 - 2014-06-20 12:34 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Google
2014-06-20 12:33 - 2014-06-20 12:34 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-20 12:33 - 2014-06-20 12:33 - 00004046 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 12:33 - 2014-06-20 12:33 - 00003794 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 14:39 - 2014-06-17 16:37 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-06-18 13:35 - 2014-06-18 13:37 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-15 10:57 - 2014-06-15 10:57 - 00000020 ___SH () C:\Users\Dominik\ntuser.ini
2014-06-09 21:00 - 2002-01-05 16:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-06-08 15:17 - 2014-06-20 14:18 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\uTorrent
2014-06-06 15:20 - 2014-06-06 15:20 - 00000000 ____D () C:\ProgramData\GG
2014-06-04 18:35 - 2014-06-05 15:11 - 00000000 ____D () C:\ProgramData\Skype
2014-06-04 17:38 - 2014-06-25 13:04 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-06-04 15:28 - 2014-06-24 19:15 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\TS3Client
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-03 17:28 - 2014-06-03 23:04 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Riot Games
2014-06-02 17:56 - 2014-06-02 17:56 - 04949952 _____ () C:\Windows\SysWOW64\SpoonUninstall.exe
2014-06-02 17:56 - 2014-06-02 17:56 - 00015834 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp.dat
2014-06-02 17:56 - 2014-06-02 17:56 - 00013421 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp DSP Effects.dat
2014-06-02 17:36 - 2014-06-02 17:36 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\WinRAR
2014-06-01 06:40 - 2014-06-01 06:40 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 06:40 - 2014-06-01 06:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-30 20:32 - 2014-05-30 20:32 - 01267981 _____ () C:\ProgramData\Tibia_dat.bak
 
==================== One Month Modified Files and Folders =======
 
2014-06-25 20:58 - 2014-06-25 15:48 - 00000000 ____D () C:\FRST
2014-06-25 20:58 - 2013-07-19 15:34 - 00000000 ___RD () C:\Users\Dominik\Pobrane
2014-06-25 20:38 - 2014-06-20 12:33 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 20:36 - 2009-07-14 06:45 - 00030928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-25 20:36 - 2009-07-14 06:45 - 00030928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-25 20:32 - 2014-06-20 14:49 - 01517852 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 20:29 - 2014-06-25 20:29 - 00000000 ____D () C:\Users\Dominik\AppData\Local\VirtualStore
2014-06-25 20:29 - 2014-06-24 22:28 - 00000224 _____ () C:\Windows\setupact.log
2014-06-25 20:29 - 2014-06-20 12:33 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-25 20:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-25 13:42 - 2014-02-14 18:47 - 00000348 _____ () C:\Windows\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job
2014-06-25 13:18 - 2013-07-19 15:34 - 00000000 ___RD () C:\Users\Dominik\Pulpit
2014-06-25 13:17 - 2014-06-25 13:17 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2014-06-25 13:10 - 2013-09-29 14:29 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-25 13:04 - 2014-06-04 17:38 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-06-24 23:33 - 2014-04-01 14:22 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{84F2BD2A-20E1-4F1F-A209-21F97261E163}
2014-06-24 22:28 - 2014-06-24 22:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-24 19:15 - 2014-06-04 15:28 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\TS3Client
2014-06-24 19:14 - 2013-07-19 15:34 - 00000000 ____D () C:\Users\Dominik
2014-06-24 19:10 - 2013-07-19 15:34 - 00000000 ___RD () C:\Users\Dominik\Dokumenty
2014-06-24 18:58 - 2014-06-21 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-24 18:54 - 2014-06-21 11:52 - 00000000 ____D () C:\ProgramData\Razer
2014-06-24 00:00 - 2013-07-20 01:25 - 00740520 _____ () C:\Windows\system32\perfh015.dat
2014-06-24 00:00 - 2013-07-20 01:25 - 00156070 _____ () C:\Windows\system32\perfc015.dat
2014-06-24 00:00 - 2009-07-14 07:13 - 01670862 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 12:38 - 2014-06-23 12:38 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-23 11:02 - 2013-07-19 16:43 - 00004124 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-20 22:03 - 2014-06-20 22:03 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Adobe
2014-06-20 19:52 - 2014-03-29 10:52 - 01642532 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-20 19:31 - 2009-07-14 07:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-20 16:34 - 2014-06-20 16:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-20 16:34 - 2014-06-20 16:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-20 14:18 - 2014-06-08 15:17 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\uTorrent
2014-06-20 14:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-20 14:09 - 2014-04-05 12:10 - 00000000 ___RD () C:\Users\Dominik\Pulpit\Programy
2014-06-20 12:34 - 2014-06-20 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 12:34 - 2014-06-20 12:33 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Google
2014-06-20 12:34 - 2014-06-20 12:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-20 12:33 - 2014-06-20 12:33 - 00004046 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 12:33 - 2014-06-20 12:33 - 00003794 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 22:58 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-06-18 13:37 - 2014-06-18 13:35 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-17 16:37 - 2014-06-18 14:39 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-06-15 10:57 - 2014-06-15 10:57 - 00000020 ___SH () C:\Users\Dominik\ntuser.ini
2014-06-08 16:09 - 2013-09-29 14:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-06 15:20 - 2014-06-06 15:20 - 00000000 ____D () C:\ProgramData\GG
2014-06-05 15:11 - 2014-06-04 18:35 - 00000000 ____D () C:\ProgramData\Skype
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-04 15:28 - 2014-06-04 15:28 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-03 23:04 - 2014-06-03 17:28 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Riot Games
2014-06-03 23:03 - 2014-03-16 01:18 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-06-02 17:56 - 2014-06-02 17:56 - 04949952 _____ () C:\Windows\SysWOW64\SpoonUninstall.exe
2014-06-02 17:56 - 2014-06-02 17:56 - 00015834 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp.dat
2014-06-02 17:56 - 2014-06-02 17:56 - 00013421 _____ () C:\Windows\SysWOW64\SpoonUninstall-dBpoweramp DSP Effects.dat
2014-06-02 17:36 - 2014-06-02 17:36 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\WinRAR
2014-06-01 06:40 - 2014-06-01 06:40 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-06-01 06:40 - 2014-06-01 06:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-31 23:14 - 2013-07-19 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-30 20:32 - 2014-05-30 20:32 - 01267981 _____ () C:\ProgramData\Tibia_dat.bak
2014-05-30 20:32 - 2014-01-29 23:55 - 97807385 _____ () C:\ProgramData\Tibia_spr.bak
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-05-10 19:46
 

==================== End Of Log ============================

 

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

stwórz plik o nazwie fixlist.txt, wklej do niego

 

 

HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: J - J:\Install.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {09f99816-892e-11e3-95df-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {14e35f4d-60e7-11e3-80db-001d7d9ca4de} - G:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {6884c8df-ab40-11e3-bb91-001d7d9ca4de} - J:\autorun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {759e0d54-c3b5-11e3-bb71-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {ac750219-9110-11e3-ad5f-001d7d9ca4de} - K:\setup.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {c6299175-5e6a-11e3-83d8-001d7d9ca4de} - K:\LGAutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {c9f23ac6-d9c3-11e3-9cbc-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {e36eaa9b-898f-11e3-a166-001d7d9ca4de} - H:\AutoRun.exe
HKU\S-1-5-21-1292607441-2060179595-2062723199-1001\...\MountPoints2: {f1046056-8eb4-11e3-b3c2-001d7d9ca4de} - J:\Install.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.ama...&cc=PL&unqvl=51
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKCU - {8BDCC1E9-9E6A-4CDE-8ACD-C8026E7351B6} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.ama...&cc=PL&unqvl=51
SearchScopes: HKCU - {CCC560C5-9C21-4E78-A525-AF30A4B6E625} URL = http://search.yahoo....petb&type=10809
BHO-x32: No Name - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} -  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {1E8E2518-8C35-43B6-A669-E2B2842FB192} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKCU - No Name - {1E8E2518-8C35-43B6-A669-E2B2842FB192} -  No File
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [61112 2014-06-17] (StdLib)
S3 cpuz136; \??\C:\Users\Dominik\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 wanatw; system32\DRIVERS\wanatw64.sys [X]
2014-06-18 14:39 - 2014-06-17 16:37 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Task: {3DB5CA39-0619-4BF5-A348-F82BF950654E} - \bench-sys No Task File <==== ATTENTION
Task: {7EE735BB-DA4F-4493-843B-9656242DF0C6} - System32\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001 => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-S-1-5-21-1292607441-2060179595-2062723199-1001.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
 
zapisz, umieść obok FRST i kliknij "fix"

Zarchiwizowany

Ten temat przebywa obecnie w archiwum. Dodawanie nowych odpowiedzi zostało zablokowane.

Pytania
×
×
  • Dodaj nową pozycję...