
OTL logs


Kowalsky™


Hi, could someone check my OTL logs? Lately my internet has been sluggish, and I don't know whether it's the computer's fault or the ISP's, thanks

 

OTL:

OTL logfile created on: 2013-03-17 19:46:53 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JJ\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 46,50% Memory free
4,00 Gb Paging File | 2,68 Gb Available in Paging File | 67,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,37 Gb Total Space | 70,31 Gb Free Space | 70,05% Space Free | Partition Type: NTFS
Drive D: | 98,86 Gb Total Space | 83,55 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
Drive E: | 98,86 Gb Total Space | 86,81 Gb Free Space | 87,81% Space Free | Partition Type: NTFS
 
Computer Name: JJ-KOMPUTER | User Name: JJ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-03-17 19:38:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JJ\Downloads\OTL.exe
PRC - [2013-03-08 15:38:31 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-03-03 10:04:25 | 001,820,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
PRC - [2013-02-27 15:37:26 | 003,381,824 | ---- | M] (GG Network S.A.) -- C:\Users\JJ\AppData\Local\GG\Application\gghub.exe
PRC - [2013-02-09 19:36:42 | 000,154,176 | ---- | M] (GG Network S.A.) -- C:\Users\JJ\AppData\Local\GG\Application\ggapp.exe
PRC - [2013-01-03 12:42:57 | 001,259,448 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-01-03 09:38:31 | 000,865,208 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 22:29:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
PRC - [2009-07-14 02:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2009-06-05 17:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2009-05-18 13:29:16 | 003,866,624 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SoundMAX.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-03-08 15:38:30 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-03-03 10:04:25 | 014,718,320 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_171.dll
MOD - [2013-02-09 19:36:42 | 001,945,600 | ---- | M] () -- C:\Users\JJ\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2012-10-31 14:58:50 | 009,816,192 | ---- | M] () -- C:\Users\JJ\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2012-01-08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013-03-08 15:38:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-02-09 19:41:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-01-03 12:42:57 | 001,259,448 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-12-19 09:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-12-16 18:37:24 | 005,124,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-11-20 22:29:25 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010-11-20 22:29:25 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010-11-20 22:29:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-06-05 17:42:04 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\JJ\AppData\Local\Temp\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - [2013-02-09 19:56:22 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-01-03 12:42:57 | 010,919,864 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012-11-09 15:33:32 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012-11-09 15:33:32 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012-11-09 15:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012-11-09 15:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012-11-09 15:33:30 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012-11-09 15:33:30 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012-10-17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012-08-23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-08-23 15:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012-08-23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011-12-15 20:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2010-11-01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2010-08-03 16:25:28 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapoas.sys -- (tapoas)
DRV - [2009-07-14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 
 
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 85.185.149.31:80
 
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledAddons: support%40real-hide-ip.com:1.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..network.proxy.backup.ftp: "213.232.193.70"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "213.232.193.70"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "213.232.193.70"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "213.232.193.70"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.http: "213.232.193.70"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "213.232.193.70"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "213.232.193.70"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DAP\daplinkchecker [2013-02-09 18:41:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-03-08 15:38:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013-02-24 11:02:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JJ\AppData\Roaming\mozilla\Extensions
[2013-02-24 11:02:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JJ\AppData\Roaming\mozilla\Extensions\net.openvpn.client
[2013-02-23 20:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JJ\AppData\Roaming\mozilla\Firefox\Profiles\xnaw3uei.default\extensions
[2013-02-23 20:09:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\JJ\AppData\Roaming\mozilla\Firefox\Profiles\xnaw3uei.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013-02-23 13:17:00 | 000,004,527 | ---- | M] () (No name found) -- C:\Users\JJ\AppData\Roaming\mozilla\firefox\profiles\xnaw3uei.default\extensions\[email protected]
[2013-03-08 15:38:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-03-08 15:38:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-03-08 15:38:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013-03-04 17:53:35 | 000,002,980 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2013-03-04 17:53:35 | 000,001,619 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2013-03-04 17:53:35 | 000,002,669 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2013-03-04 17:53:35 | 000,001,130 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2013-03-04 17:53:35 | 000,001,071 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2013-03-04 17:53:35 | 000,001,396 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013-03-04 17:53:35 | 000,001,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min File not found
O4 - HKLM..\Run: [SoundMax] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000..\Run: [GG] C:\Users\JJ\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-2443643808-3435760982-3213442207-1003..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2443643808-3435760982-3213442207-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D6AE855-E4C9-47B7-A6A0-8BF3AC353EAE}: NameServer = 194.204.159.1,194.204.152.34
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-03-17 12:07:08 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Local\IsolatedStorage
[2013-03-17 12:07:07 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\urlEBYt
[2013-03-16 13:07:46 | 000,000,000 | ---D | C] -- C:\Users\JJ\Documents\Nokia Suite
[2013-03-16 13:07:28 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Local\NokiaAccount
[2013-03-16 13:05:29 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Local\Nokia
[2013-03-16 13:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2013-03-16 13:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2013-03-16 13:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2013-03-16 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\Nokia
[2013-03-16 12:14:08 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\PC Suite
[2013-03-16 12:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2013-03-16 12:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013-03-16 12:13:35 | 000,019,072 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2013-03-16 12:13:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013-03-16 12:13:12 | 000,075,264 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2013-03-16 12:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2013-03-16 12:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2013-03-10 17:18:09 | 000,483,328 | ---- | C] (Simon Tatham) -- C:\Users\JJ\Desktop\putty.exe
[2013-03-10 13:01:25 | 000,000,000 | ---D | C] -- C:\Users\JJ\Desktop\serwer
[2013-03-09 12:53:27 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\.minecraft
[2013-03-08 15:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-03-07 20:43:32 | 000,000,000 | ---D | C] -- C:\Users\JJ\Documents\VideoPad Projects
[2013-03-06 19:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013-03-05 15:58:33 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\wargaming.net
[2013-03-05 15:58:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013-03-05 15:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
[2013-03-04 17:53:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013-03-04 17:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013-02-26 21:26:56 | 000,000,000 | ---D | C] -- C:\Users\JJ\Documents\GTA San Andreas User Files
[2013-02-26 19:05:38 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013-02-26 19:05:31 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013-02-26 18:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2013-02-24 20:25:07 | 005,124,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2013-02-24 20:23:53 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2013-02-24 20:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2013-02-24 12:43:42 | 000,000,000 | ---D | C] -- C:\Users\JJ\Documents\Bandicam
[2013-02-24 11:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\EPS
[2013-02-24 11:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\Didsoft
[2013-02-24 11:02:28 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\OpenVPN Technologies
[2013-02-24 11:02:28 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Local\OpenVPN Technologies
[2013-02-24 11:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\OpenVPN Technologies
[2013-02-23 14:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CABAL Online (Europe)
[2013-02-23 13:41:28 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\EurekaLog
[2013-02-23 13:34:34 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\S.A.D
[2013-02-23 13:25:54 | 000,026,624 | ---- | C] (The OpenVPN Project) -- C:\Windows\System32\drivers\tap0901.sys
[2013-02-23 13:16:51 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\RealHideIP
[2013-02-23 13:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\RealHideIP
[2013-02-19 16:56:43 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2013-02-19 16:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs
[2013-02-19 16:56:30 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\NCH Software
[2013-02-19 16:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2013-02-19 16:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2013-02-19 16:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2013-02-19 16:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2013-02-17 12:50:32 | 000,000,000 | ---D | C] -- C:\Users\JJ\Desktop\sciagi
[2013-02-16 19:00:17 | 000,000,000 | ---D | C] -- C:\Users\JJ\AppData\Roaming\TS3Client
[2013-02-16 17:50:32 | 000,000,000 | ---D | C] -- C:\Users\JJ\dwhelper
[2013-02-15 20:16:26 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-03-17 19:41:19 | 000,020,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-17 19:41:19 | 000,020,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-17 19:34:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-17 19:33:56 | 1609,965,568 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-17 16:23:38 | 001,998,616 | ---- | M] () -- C:\Users\JJ\Desktop\ccc.png
[2013-03-17 12:40:39 | 000,007,604 | ---- | M] () -- C:\Users\JJ\AppData\Local\Resmon.ResmonCfg
[2013-03-17 12:36:17 | 000,000,600 | ---- | M] () -- C:\Users\JJ\AppData\Local\PUTTY.RND
[2013-03-16 12:20:46 | 000,785,866 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-03-16 12:20:46 | 000,694,328 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-03-16 12:20:46 | 000,172,508 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-03-16 12:20:46 | 000,133,694 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-03-16 12:17:56 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2013-03-16 12:17:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2013-03-11 18:53:33 | 031,761,533 | ---- | M] () -- C:\Users\JJ\Desktop\Knife Party - _Bonfire_.flv
[2013-03-11 08:13:15 | 000,415,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-03-10 10:48:55 | 000,000,132 | ---- | M] () -- C:\Users\JJ\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-03-10 10:48:38 | 000,013,941 | ---- | M] () -- C:\Users\JJ\Desktop\drzewko.png
[2013-03-09 12:09:10 | 000,000,600 | ---- | M] () -- C:\Users\JJ\AppData\Roaming\winscp.rnd
[2013-03-07 21:39:05 | 000,007,436 | ---- | M] () -- C:\Users\JJ\Desktop\Untitled.vpj
[2013-03-07 21:16:15 | 014,958,895 | ---- | M] () -- C:\Users\JJ\Desktop\Skrillex _ The Doors - Breakn_ A Sweat (Zedd Remix).flv
[2013-03-07 21:11:13 | 006,247,699 | ---- | M] () -- C:\Users\JJ\Desktop\NERO - Promises (LipDub Olsikowa).flv
[2013-03-05 15:58:23 | 000,000,614 | ---- | M] () -- C:\Users\Public\Desktop\World of Warplanes.lnk
[2013-03-04 19:01:08 | 000,001,609 | ---- | M] () -- C:\Users\JJ\Documents\current.spg
[2013-03-03 10:04:25 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-03-03 10:04:25 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013-02-26 19:05:38 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013-02-26 18:29:33 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2013-02-23 14:10:58 | 000,000,613 | ---- | M] () -- C:\Users\JJ\Desktop\CABAL Online (Europe).lnk
[2013-02-22 14:56:53 | 154,563,482 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-02-19 16:56:41 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\WavePad Sound Editor.lnk
[2013-02-19 16:56:19 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013-03-17 16:23:37 | 001,998,616 | ---- | C] () -- C:\Users\JJ\Desktop\ccc.png
[2013-03-17 12:04:16 | 000,113,306 | ---- | C] () -- C:\Users\JJ\Desktop\superbluet_vjcjsjta.jar
[2013-03-16 12:17:56 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2013-03-16 12:17:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2013-03-11 18:48:21 | 031,761,533 | ---- | C] () -- C:\Users\JJ\Desktop\Knife Party - _Bonfire_.flv
[2013-03-10 10:48:38 | 000,000,132 | ---- | C] () -- C:\Users\JJ\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-03-10 10:48:37 | 000,013,941 | ---- | C] () -- C:\Users\JJ\Desktop\drzewko.png
[2013-03-09 21:38:05 | 000,148,689 | ---- | C] () -- C:\Users\JJ\Desktop\MinecraftLauncher.jar
[2013-03-09 12:09:10 | 000,000,600 | ---- | C] () -- C:\Users\JJ\AppData\Roaming\winscp.rnd
[2013-03-07 21:11:51 | 014,958,895 | ---- | C] () -- C:\Users\JJ\Desktop\Skrillex _ The Doors - Breakn_ A Sweat (Zedd Remix).flv
[2013-03-07 21:09:31 | 006,247,699 | ---- | C] () -- C:\Users\JJ\Desktop\NERO - Promises (LipDub Olsikowa).flv
[2013-03-07 20:43:34 | 000,007,436 | ---- | C] () -- C:\Users\JJ\Desktop\Untitled.vpj
[2013-03-05 15:58:23 | 000,000,614 | ---- | C] () -- C:\Users\Public\Desktop\World of Warplanes.lnk
[2013-03-04 19:01:08 | 000,001,609 | ---- | C] () -- C:\Users\JJ\Documents\current.spg
[2013-02-26 18:29:33 | 000,000,659 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2013-02-24 20:23:53 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2013-02-23 14:10:58 | 000,000,613 | ---- | C] () -- C:\Users\JJ\Desktop\CABAL Online (Europe).lnk
[2013-02-19 16:56:41 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
[2013-02-19 16:56:41 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\WavePad Sound Editor.lnk
[2013-02-19 16:56:19 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
[2013-02-19 16:56:19 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2013-02-17 11:26:50 | 000,000,600 | ---- | C] () -- C:\Users\JJ\AppData\Local\PUTTY.RND
[2013-02-10 21:58:07 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2013-02-09 20:48:32 | 000,007,604 | ---- | C] () -- C:\Users\JJ\AppData\Local\Resmon.ResmonCfg
[2013-02-09 18:41:39 | 000,109,256 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2013-02-09 18:41:39 | 000,090,824 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2013-02-09 18:25:43 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013-02-09 18:25:43 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013-02-09 18:25:43 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013-02-09 18:25:42 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012-11-19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2012-11-19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011-06-10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011-04-12 06:08:42 | 000,785,866 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2011-04-12 06:08:42 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2011-04-12 06:08:42 | 000,172,508 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2011-04-12 06:08:42 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:56E2E879

< End of report >

 

 

 

Extras

 

 

 

OTL Extras logfile created on: 2013-03-17 19:46:53 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\JJ\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 46,50% Memory free
4,00 Gb Paging File | 2,68 Gb Available in Paging File | 67,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,37 Gb Total Space | 70,31 Gb Free Space | 70,05% Space Free | Partition Type: NTFS
Drive D: | 98,86 Gb Total Space | 83,55 Gb Free Space | 84,52% Space Free | Partition Type: NTFS
Drive E: | 98,86 Gb Total Space | 86,81 Gb Free Space | 87,81% Space Free | Partition Type: NTFS
 
Computer Name: JJ-KOMPUTER | User Name: JJ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2443643808-3435760982-3213442207-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{352C24A5-1AC2-47FF-A1AD-7FDD348AA7F3}" = rport=445 | protocol=6 | dir=out | app=system |
"{54144ABB-CFCA-4A7D-8CEF-930E932C706C}" = rport=137 | protocol=17 | dir=out | app=system |
"{6294A410-C468-4D68-8B0A-391DD3174F23}" = lport=445 | protocol=6 | dir=in | app=system |
"{629FDD42-9F37-4B96-95CB-AA85D2CEA5F0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{66FBF407-E1E2-434D-AAA4-313802748AC3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{972A6455-F025-496B-8BEF-551A48FF4128}" = lport=138 | protocol=17 | dir=in | app=system |
"{A5ED8550-2E1B-47D9-A34E-3F106AC0EE3B}" = lport=139 | protocol=6 | dir=in | app=system |
"{A7E9B807-54C2-4318-B7FF-8E8F50CF2887}" = lport=137 | protocol=17 | dir=in | app=system |
"{A9D605C0-DA46-4C1F-9266-20CD1AC33185}" = rport=138 | protocol=17 | dir=out | app=system |
"{EC134F4A-126A-4355-B3E4-1D2A60BDC516}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F402655F-3888-4D10-9AED-5B368A4D97C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F61818B4-D8D3-47B8-8C58-A1157D939529}" = rport=139 | protocol=6 | dir=out | app=system |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EB6AE7B-7893-43BB-9C8F-7A924837762F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A18C1FC-D99D-4E29-A148-0727C1081836}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2F87F039-1F44-456B-ADAB-1A49B7D6EB06}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{3320EB99-F7A0-42C1-99D5-8F73A6CF72AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{35E96BBF-5B3B-46DB-8096-7CF80DC0C097}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{4D8FF3E1-09F5-4D30-BB3B-CE85B9710766}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{81FE0EE3-C673-4FB1-8F1E-7805B3DA6681}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{92D1FF6A-BAE3-4646-B723-87956CC1658B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A0E9131C-4313-4FF2-9B85-3E438A6DCA9D}" = protocol=17 | dir=in | app=d:\gry\combat arms eu\nmservice.exe |
"{A41F26E0-73D4-4F88-93C1-81D4EE354EB0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AD1A037F-CE78-4DEC-A1D7-F7877607585F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C3288B9E-7B05-428F-8EC1-F88FE061590D}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{CAC23F2F-D234-4A75-9538-968CA8545D61}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EDE1F1FD-64E3-42E6-8265-B2378E64115D}" = protocol=6 | dir=in | app=d:\gry\combat arms eu\nmservice.exe |
"{F06F4A7E-EAB8-40D2-A252-3A0FEAEA8A5B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{3704B89C-7668-4472-BFB4-21A7E0AF2FE3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{3CAB3913-5CAA-4E38-B303-B61B1F935A3C}D:\gry\pandoramt2\metin2mod_2011sf.exe" = protocol=6 | dir=in | app=d:\gry\pandoramt2\metin2mod_2011sf.exe |
"TCP Query User{3D31D54C-E1AC-44C7-8B5B-E2FFF7407C1A}D:\gry\pandoramt2\metin2.bin" = protocol=6 | dir=in | app=d:\gry\pandoramt2\metin2.bin |
"TCP Query User{51CFC285-77BD-4DB4-A343-9B02163809DA}E:\backup\gry\pandoramt2\metin2.bin" = protocol=6 | dir=in | app=e:\backup\gry\pandoramt2\metin2.bin |
"TCP Query User{703972DF-D988-46B4-B1BE-2D0F6DB408CD}D:\gry\wowp\wowplauncher.exe" = protocol=6 | dir=in | app=d:\gry\wowp\wowplauncher.exe |
"TCP Query User{CFFF3D97-1764-4EFE-96AB-87C2E9CCC545}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{088A66E5-B398-4735-9C90-44C64E5A5025}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{1B50EE1F-7EA9-4EEA-96FB-0BAB0D02ECE9}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{2503D5F9-5EAE-4D27-8328-1FB5547F95BC}D:\gry\pandoramt2\metin2.bin" = protocol=17 | dir=in | app=d:\gry\pandoramt2\metin2.bin |
"UDP Query User{37BEEF4F-5AB4-4FB2-AD82-F1D78202BA4C}E:\backup\gry\pandoramt2\metin2.bin" = protocol=17 | dir=in | app=e:\backup\gry\pandoramt2\metin2.bin |
"UDP Query User{8C6A348B-3136-48E6-A56E-04290E046785}D:\gry\pandoramt2\metin2mod_2011sf.exe" = protocol=17 | dir=in | app=d:\gry\pandoramt2\metin2mod_2011sf.exe |
"UDP Query User{A9ADA1B7-FF90-4247-959B-69D8830F1414}D:\gry\wowp\wowplauncher.exe" = protocol=17 | dir=in | app=d:\gry\wowp\wowplauncher.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java 6 Update 30
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2B04D44F-1D1B-4E0E-8431-D04F87C21045}" = Nero 7 Essentials
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Pomoc
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish
"{AE56BC41-9C99-42C6-A8E8-38699A703D62}" = HP Deskjet 1050 J410 series Podstawowe oprogramowanie urządzenia
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 307.74
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 307.74
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Pakiet sterowników systemu Windows - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CABAL Online (Europe)_is1" = CABAL Online Europe (Europe)
"Combat Arms EU" = Combat Arms EU
"DAEMON Tools Lite" = DAEMON Tools Lite
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.3
"FormatFactory" = FormatFactory 3.0.1
"Game Booster_is1" = Game Booster 3
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.3.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Mozilla Firefox 19.0.2 (x86 pl)" = Mozilla Firefox 19.0.2 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Registry Recycler_is1" = Registry Recycler
"screenSHU" = screenSHU - the fastest screen capture ever.
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VideoPad" = VideoPad Video Editor
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"WavePad" = WavePad Sound Editor
"WinRAR archiver" = WinRAR 4.01 (32-bitowy)
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-2443643808-3435760982-3213442207-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2013-03-15 10:01:06 | Computer Name = JJ-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-03-15 10:32:25 | Computer Name = JJ-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Engine.exe, wersja: 0.0.0.0, sygnatura
 czasowa: 0x50f6644a  Nazwa modułu powodującego błąd: EHSvc.dll, wersja: 5.6.13.296,
 sygnatura czasowa: 0x50d7c308  Kod wyjątku: 0xc0000005  Przesunięcie błędu: 0x0005dc8c
Identyfikator
 procesu powodującego błąd: 0xf88  Godzina uruchomienia aplikacji powodującej błąd:
 0x01ce2189e4b97623  Ścieżka aplikacji powodującej błąd: D:\Gry\Combat Arms EU\Engine.exe
Ścieżka
 modułu powodującego błąd: D:\Gry\Combat Arms EU\HShield\EHSvc.dll  Identyfikator
raportu: 273f975a-8d7d-11e2-b6c4-001bfc63bfb2
 
Error - 2013-03-15 10:35:47 | Computer Name = JJ-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Engine.exe, wersja: 0.0.0.0, sygnatura
 czasowa: 0x50f6644a  Nazwa modułu powodującego błąd: EHSvc.dll, wersja: 5.6.13.296,
 sygnatura czasowa: 0x50d7c308  Kod wyjątku: 0xc0000005  Przesunięcie błędu: 0x0005dc8c
Identyfikator
 procesu powodującego błąd: 0x9c4  Godzina uruchomienia aplikacji powodującej błąd:
 0x01ce2189f80eab4c  Ścieżka aplikacji powodującej błąd: D:\Gry\Combat Arms EU\Engine.exe
Ścieżka
 modułu powodującego błąd: D:\Gry\Combat Arms EU\HShield\EHSvc.dll  Identyfikator
raportu: 9fa4780b-8d7d-11e2-b6c4-001bfc63bfb2
 
Error - 2013-03-16 06:08:49 | Computer Name = JJ-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-03-16 07:30:55 | Computer Name = JJ-Komputer | Source = RasClient | ID = 20227
Description =
 
Error - 2013-03-16 15:06:37 | Computer Name = JJ-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-03-17 05:50:56 | Computer Name = JJ-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-03-17 07:39:05 | Computer Name = JJ-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-03-17 12:07:52 | Computer Name = JJ-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-03-17 14:35:47 | Computer Name = JJ-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa System zdarzeń COM+ niespodziewanie zakończyła pracę. Wystąpiło
 to razy: 1. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna:
 Uruchom usługę ponownie.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa Host dostawcy odnajdowania funkcji niespodziewanie zakończyła
 pracę. Wystąpiło to razy: 1.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa Mapowanie z odnajdywaniem topologii warstwy łącza niespodziewanie
 zakończyła pracę. Wystąpiło to razy: 1.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Usługa listy sieci niespodziewanie zakończyła pracę. Wystąpiło
 to razy: 1. W przeciągu 100 milisekund zostanie podjęta następująca czynność korekcyjna:
 Uruchom usługę ponownie.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Usługa interfejsu magazynu sieciowego niespodziewanie zakończyła
 pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca
 czynność korekcyjna: Uruchom usługę ponownie.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Usługa Protokół SSTP niespodziewanie zakończyła pracę. Wystąpiło
 to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność
 korekcyjna: Uruchom usługę ponownie.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa Host usługi diagnostyki niespodziewanie zakończyła pracę. Wystąpiło
 to razy: 1.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7031
Description = Usługa Usługa autowykrywania serwera proxy w sieci Web WinHTTP niespodziewanie
 zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta
 następująca czynność korekcyjna: Uruchom usługę ponownie.
 
Error - 2013-03-17 14:32:52 | Computer Name = JJ-Komputer | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
 usługę ponownie) po nieoczekiwanym zakończeniu usługi Usługa listy sieci, ale ta
 akcja nie powiodła się przy następującym błędzie:   %%1056.
 
Error - 2013-03-17 14:34:10 | Computer Name = JJ-Komputer | Source = APPHOSTSVC | ID = 9010
Description =
 
 
< End of report >

 

 

Posted

NOTE - if you would rather wait for a more experienced user, wait for Fr3shMak3r; nothing stands in the way of that. That said, I don't see anything serious in the logs.

 

1. Cosmetic cleanup. Paste the following as a script:

 

 
:OTL 
 
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2443643808-3435760982-3213442207-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-2443643808-3435760982-3213442207-1003..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
 
:Commands
[emptytemp]

2. Download AdwCleaner and use the "Usuń" (Delete) option.

3. Download SecurityCheck and update the programs marked as out of date.
