
Sidebar.exe and system slowdown

System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.


Post by lolek93, 10 Feb 2013, 23:56

Hi. Recently, when I shut down Windows 7, a message pops up saying that the program sidebar.exe is running and cannot be closed. I have also noticed a general slowdown. Logs from OTL:
OTL logfile created on: 2013-02-10 22:23:54 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kuba\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,86 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 40,32% Memory free
7,71 Gb Paging File | 5,06 Gb Available in Paging File | 65,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 64,46 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive D: | 298,08 Gb Total Space | 1,46 Gb Free Space | 0,49% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-02-10 22:22:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
PRC - [2013-01-24 14:39:33 | 003,381,824 | ---- | M] (GG Network S.A.) -- C:\Users\Kuba\AppData\Local\GG\Application\gghub.exe
PRC - [2013-01-24 14:39:32 | 000,154,176 | ---- | M] (GG Network S.A.) -- C:\Users\Kuba\AppData\Local\GG\Application\ggapp.exe
PRC - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-12-09 13:13:04 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012-11-19 00:58:02 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-09-04 22:57:25 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2012-09-04 22:57:25 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe
PRC - [2011-09-02 08:14:56 | 003,343,360 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\GXStandard16in1.exe
PRC - [2011-07-01 03:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011-07-01 03:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011-07-01 03:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011-07-01 03:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011-04-29 23:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-04-29 23:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011-03-02 16:20:58 | 000,224,256 | ---- | M] () -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
PRC - [2011-02-01 22:24:42 | 002,656,280 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011-02-01 22:24:40 | 000,326,168 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013-02-07 20:12:52 | 012,459,888 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
MOD - [2013-01-26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MOD - [2013-01-26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013-01-26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013-01-26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013-01-26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2013-01-24 14:39:35 | 001,945,600 | ---- | M] () -- C:\Users\Kuba\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2012-07-30 15:58:11 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8036b60a803443f3c61c48b4959f722d\IAStorUtil.ni.dll
MOD - [2012-07-30 15:58:11 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d89ee849317b4d93ea78842dd78f79c0\IAStorCommon.ni.dll
MOD - [2012-07-30 15:43:40 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-07-30 15:43:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-07-30 15:43:03 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-07-30 15:42:50 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-07-30 15:42:39 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-07-30 15:42:36 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-07-30 15:42:35 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-07-30 15:42:28 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-05-20 19:11:57 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011-09-02 08:14:56 | 003,343,360 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\GXStandard16in1.exe
MOD - [2011-08-10 12:43:19 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\DLL\DLL_Wheel4D.dll
MOD - [2011-06-24 16:31:26 | 000,891,392 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\Data\GxStandard16in1\Forms\KeyboardLEDForm\KeyboardLEDForm.dll
MOD - [2011-06-22 09:54:22 | 002,328,064 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\Data\GxStandard16in1\Forms\ScreenCapture\ScreenCapture.dll
MOD - [2011-04-12 14:21:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011-04-12 14:14:04 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\DLL\DLL_AnalyzeGesturesInRight.dll
MOD - [2011-04-06 15:06:05 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\DLL\DLL_PenSuit.dll
MOD - [2011-03-21 18:33:17 | 000,999,424 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\Data\GxStandard16in1\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
MOD - [2011-01-09 19:45:55 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\DLL\DLL_MouseDeviceManager.dll
MOD - [2010-12-02 16:56:52 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\Data\GxStandard16in1\Forms\OSD_Text\OSD_Text.dll
MOD - [2010-11-01 19:16:00 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\DLL\DLL_AnalyzeGesturesInOne.dll
MOD - [2010-09-20 13:18:57 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\DLL\DLL_ZoomControl.dll
MOD - [2010-09-20 13:18:54 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\GXStandard16-in-1\DLL\DLL_ScrollbarControl.dll
MOD - [2010-01-30 01:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:[b]64bit:[/b] - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-02-08 16:21:41 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-11-29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-19 00:58:02 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-04 23:35:43 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-09-04 22:57:25 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011-07-01 03:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011-04-29 23:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011-03-02 16:20:58 | 000,224,256 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2011-02-01 22:24:42 | 002,656,280 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011-02-01 22:24:40 | 000,326,168 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2012-10-10 17:30:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:[b]64bit:[/b] - [2012-10-02 23:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-07-31 11:42:48 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2012-07-31 11:42:48 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2012-07-30 16:38:51 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2012-07-03 17:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2012-05-20 19:16:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-05-20 18:59:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2012-05-20 18:59:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-06-10 19:16:10 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011-05-16 13:57:32 | 000,051,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:[b]64bit:[/b] - [2011-05-09 19:42:16 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2011-05-06 09:11:12 | 000,086,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:[b]64bit:[/b] - [2011-04-26 10:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-04-05 12:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2011-01-20 17:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:[b]64bit:[/b] - [2011-01-20 17:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-10-20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010-10-15 09:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010-04-19 16:04:44 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dadder.sys -- (DAdderFltr)
DRV:[b]64bit:[/b] - [2009-12-21 20:50:00 | 000,007,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vHidDev.sys -- (vhidmini)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009-07-14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011-06-02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1077709932-1292940282-1935873583-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
IE - HKU\S-1-5-21-1077709932-1292940282-1935873583-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1077709932-1292940282-1935873583-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1077709932-1292940282-1935873583-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kuba\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kuba\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-07 17:08:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-31 16:15:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012-07-30 17:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions
[2013-01-01 15:24:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\slql4cyv.default\extensions
[2013-01-01 15:24:12 | 000,019,633 | ---- | M] () (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\firefox\profiles\slql4cyv.default\extensions\p24ext@przelewy24.pl.xpi
[2012-12-31 16:15:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-11-29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-11-29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-11-29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-11-29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-11-29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - homepage: http://www.onet.pl/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.onet.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: NPLastPass (Enabled) = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.15_0\nplastpass.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kuba\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Angry Birds = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AdBlock = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.58_0\
CHR - Extension: LastPass = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.15_0\
CHR - Extension: Checker Plus for Gmail\u2122 = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\11.1_0\
CHR - Extension: Gmail = C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1077709932-1292940282-1935873583-1000..\Run: [GG] C:\Users\Kuba\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1077709932-1292940282-1935873583-1000..\Run: [OscarEditor] C:\Program Files (x86)\GXStandard16-in-1\GXStandard16in1.exe ()
O4 - HKU\S-1-5-21-1077709932-1292940282-1935873583-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-1077709932-1292940282-1935873583-1002..\Run: [CONNMGRTRAY]  File not found
O4 - HKU\S-1-5-21-1077709932-1292940282-1935873583-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1077709932-1292940282-1935873583-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.135 217.113.224.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35C1F127-8BF4-4CD1-80EC-63020FB18EC5}: DhcpNameServer = 217.113.224.135 217.113.224.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2886AFA-1D4E-426D-96E0-938D5995A0CF}: DhcpNameServer = 217.113.224.135 217.113.224.36
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7444203c-da53-11e1-aeba-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7444203c-da53-11e1-aeba-806e6f6e6963}\Shell\AutoRun\command - "" = E:\DistinguishOS.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-02-10 22:21:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2013-02-10 00:49:38 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\GNU
[2013-02-10 00:49:34 | 000,000,000 | ---D | C] -- C:\Users\Kuba\.kde
[2013-02-10 00:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
[2013-02-10 00:49:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\gnupg
[2013-02-10 00:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\GNU
[2013-02-10 00:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2013-02-10 00:47:23 | 039,332,992 | ---- | C] (g10 Code GmbH) -- C:\Users\Kuba\Desktop\gpg4win-2.1.0.exe
[2013-02-03 02:39:31 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\atlas
[2013-02-03 01:20:27 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-02-03 01:20:13 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-02-03 01:20:13 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-02-03 01:20:13 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-01-20 22:34:48 | 000,000,000 | --SD | C] -- C:\Users\Kuba\Documents\Moje źródła danych
[2013-01-15 21:09:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Tor Browser

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-02-10 22:22:28 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-02-10 22:22:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2013-02-10 22:15:54 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-02-10 22:15:54 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-02-10 22:14:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1077709932-1292940282-1935873583-1000UA.job
[2013-02-10 22:08:32 | 000,000,021 | ---- | M] () -- C:\Windows\S.dirmngr
[2013-02-10 22:08:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-10 22:08:14 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-10 15:18:28 | 001,661,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-02-10 15:18:28 | 000,737,480 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-02-10 15:18:28 | 000,651,648 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-02-10 15:18:28 | 000,154,136 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-02-10 15:18:28 | 000,120,580 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-02-10 13:18:23 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1077709932-1292940282-1935873583-1000Core.job
[2013-02-10 00:49:15 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Kleopatra.lnk
[2013-02-10 00:48:24 | 039,332,992 | ---- | M] (g10 Code GmbH) -- C:\Users\Kuba\Desktop\gpg4win-2.1.0.exe
[2013-02-08 21:04:01 | 000,738,463 | ---- | M] () -- C:\Users\Kuba\Desktop\PiP+Skrypt.pdf
[2013-02-08 21:03:34 | 000,581,599 | ---- | M] () -- C:\Users\Kuba\Desktop\PiP-Zagadnienia.pdf
[2013-02-08 21:00:39 | 000,554,902 | ---- | M] () -- C:\Users\Kuba\Desktop\Panstwo i prawo.pdf
[2013-02-08 16:21:40 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-02-08 16:21:40 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-02-03 01:20:07 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013-02-03 01:20:05 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013-02-03 01:20:04 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013-02-03 01:20:04 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013-02-03 01:20:03 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013-02-03 01:20:03 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-02-10 22:08:32 | 000,000,021 | ---- | C] () -- C:\Windows\S.dirmngr
[2013-02-10 00:49:15 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Kleopatra.lnk
[2013-02-08 21:04:01 | 000,738,463 | ---- | C] () -- C:\Users\Kuba\Desktop\PiP+Skrypt.pdf
[2013-02-08 21:03:34 | 000,581,599 | ---- | C] () -- C:\Users\Kuba\Desktop\PiP-Zagadnienia.pdf
[2013-02-08 21:00:38 | 000,554,902 | ---- | C] () -- C:\Users\Kuba\Desktop\Panstwo i prawo.pdf
[2012-12-04 23:49:47 | 000,007,628 | ---- | C] () -- C:\Users\Kuba\AppData\Local\Resmon.ResmonCfg
[2012-11-18 23:33:06 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-11-18 23:33:04 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-08 22:03:23 | 000,005,604 | ---- | C] () -- C:\Users\Kuba\AppData\Local\recently-used.xbel
[2012-09-04 22:57:56 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2012-09-04 22:57:55 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2012-09-03 13:05:45 | 001,637,498 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-07-30 16:16:50 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-07-30 16:16:49 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012-07-30 16:16:49 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012-07-30 16:16:49 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012-07-30 16:16:49 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-05-20 19:15:34 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-05-20 19:15:34 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-07-30 17:12:54 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer
[2012-08-05 11:44:58 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2013-02-10 20:41:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\foobar2000
[2013-02-10 22:09:09 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GG
[2013-02-10 15:16:41 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\gnupg
[2012-09-03 17:56:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\NapiProjekt
[2012-08-11 00:10:47 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PotPlayerMini64
[2012-07-30 18:37:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Razer
[2013-02-10 22:35:43 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent

[color=#E56717]========== Purity Check ==========[/color]



< End of report >

Code:
OTL Extras logfile created on: 2013-02-10 22:23:54 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kuba\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,86 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 40,32% Memory free
7,71 Gb Paging File | 5,06 Gb Available in Paging File | 65,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 64,46 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive D: | 298,08 Gb Total Space | 1,46 Gb Free Space | 0,49% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PotPlayer.Enqueue] -- "C:\Program Files\Daum\PotPlayer\PotPlayerMini64.exe" "%1" /Add ()
Directory [PotPlayer.Play] -- "C:\Program Files\Daum\PotPlayer\PotPlayerMini64.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PotPlayer.Enqueue] -- "C:\Program Files\Daum\PotPlayer\PotPlayerMini64.exe" "%1" /Add ()
Directory [PotPlayer.Play] -- "C:\Program Files\Daum\PotPlayer\PotPlayerMini64.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{51FE397A-2FC4-4D71-82CD-81A65F25EB53}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08203FDC-5FC2-4AD9-9392-CDE2747B6D78}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{0A54E9FE-651E-4FBD-940B-93C5FAD0AD90}" = protocol=6 | dir=in | app=c:\program files (x86)\fifa 13\game\fifa13.exe |
"{0F337147-4150-4CDE-A869-61DB23D39BA8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{146EB110-94E4-42BF-927F-C70833ACC5CC}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe |
"{16ECE028-B579-4005-9DFD-6392B0F3D28C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{2A9C4B74-0AC3-4422-AC39-4C03328718B6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{42034E7F-7D7C-4362-BBB2-1057752B7CE4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{43B80D7C-A961-4E25-A5E7-A5381B475FFD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{574635A9-D700-42EE-9C50-BEFC7A7D7DCC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{625A250D-71B4-40B6-8CD1-6FBE5855475C}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{746B35AB-2C35-49DB-9E25-0EF842926004}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{823D9529-892A-4EF7-BE2E-00C8A6CAE529}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{91DDC8E5-2278-46B6-9053-2D330683FBDB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{9514DBE9-48D8-4AA4-9F43-B0AC34C9E9D0}" = protocol=17 | dir=in | app=c:\program files (x86)\fifa 13\game\fifa13.exe |
"{964EDEB3-1505-404C-A52F-7A0AE0B968D4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{971F7AB9-8C38-45C2-9CFE-043423B6DA49}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{97A043F6-DBB5-4148-9EC3-B95AE34D266C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{97E384AA-2962-44E3-B03E-6A0CF250DD73}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9913E248-2948-4694-AA32-02D7FFEA86D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9BEEE6C0-A287-4561-8070-11C52F855F7F}" = protocol=58 | dir=in | app=system |
"{9CB36203-ED67-4A0C-B059-0945ECB99CAA}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{9D8F7224-B677-4256-903E-145111B16347}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{B07D1EC0-FF03-4CE5-B6F1-A016ADB31934}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{B650DA77-6622-408F-A4A1-BDF031A7B97C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{CAC6E4CA-C956-4FC1-B356-874ABDF86B29}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{CCD90562-7800-4AC5-AAF6-B9ACA89C4563}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2013\pes2013.exe |
"{D2535BCC-2009-4613-AE1F-2FE21EBF562B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D5C362CA-477E-4565-A7FD-1DD72F302280}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{E0161FFA-A32C-42A2-957E-D3FCEA41B0BC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{E040B4A3-8CB1-454C-872B-B190D6B2BCB2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{EA7DAC7E-E21E-4F7C-90C6-0F2847A82E11}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{F3DAE99E-7509-431C-97DB-4E215FB62CED}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F48970BB-3E8D-46F5-81BA-A2C047F1F253}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{FDA85C41-17DC-4F4C-A1AE-3DC90A2CF9E9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"TCP Query User{19BF0D44-8580-466F-B735-24151EFFEC09}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{2C5C09DA-342E-4040-93F0-2A48D7730B72}C:\program files (x86)\torchlight ii\torchlight2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\torchlight ii\torchlight2.exe |
"TCP Query User{3C33009D-0CDF-4822-BF3A-B95813D6BD92}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{549DF78D-267C-4F19-8FAF-56074A865012}C:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\heroes3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\heroes3.exe |
"TCP Query User{64C22C24-34DB-40AC-86BD-59D225DD7686}C:\program files (x86)\activision\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\prototype 2\prototype2.exe |
"TCP Query User{7AF51DCE-013F-40DC-978D-371E0629F8C6}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty black ops ii\t6sp.exe |
"TCP Query User{9ABCD194-9242-4DC2-AE3C-173C7E47A261}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dishonored\binaries\win32\dishonored.exe |
"TCP Query User{A0504310-690A-4A38-B57E-AB57AE84C4A1}C:\program files (x86)\steam\steamapps\badwray\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\badwray\counter-strike source\hl2.exe |
"TCP Query User{A1C4C21D-B1FA-4078-A599-01D5E08F17EA}C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\need for speed most wanted\nfs13.exe |
"TCP Query User{C3CD06EB-11B1-4BF3-AC41-B03113DDF38C}C:\program files (x86)\activision\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\prototype 2\prototype2.exe |
"TCP Query User{C791D0F5-B631-4063-B668-459CE03E91E3}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{0E86C3D5-AE66-4BAA-B123-A4F074BA9891}C:\program files (x86)\activision\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\prototype 2\prototype2.exe |
"UDP Query User{585E65BA-DDF3-45EA-9918-A2A3CDB7F17F}C:\program files (x86)\steam\steamapps\badwray\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\badwray\counter-strike source\hl2.exe |
"UDP Query User{66AA258F-4529-4C8B-95BD-449EC90494E2}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{85A75FA6-55B1-4BB5-BFBF-8FBEEED144F6}C:\program files (x86)\activision\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\prototype 2\prototype2.exe |
"UDP Query User{85D85DA5-506E-422E-813A-C0D4CD3017A6}C:\program files (x86)\ea games\need for speed most wanted\nfs13.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\need for speed most wanted\nfs13.exe |
"UDP Query User{94DBE5FD-2D27-41DF-920A-5A5B0F76B7B7}C:\program files (x86)\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{B38859E2-38CF-4A96-99E0-997B9247AF50}C:\program files (x86)\activision\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty black ops ii\t6sp.exe |
"UDP Query User{ED50DDC8-167E-4427-BF23-85BA2055C6C2}C:\program files (x86)\torchlight ii\torchlight2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\torchlight ii\torchlight2.exe |
"UDP Query User{F77166FF-A0C7-4209-A70F-B4F1B81EAAB2}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{F85977E0-3321-4C94-8FA7-02A9419AF3FE}C:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\heroes3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic iii - zlota edycja\heroes3.exe |
"UDP Query User{FB0C2AF3-5D8F-4EA5-9647-242E60D3389F}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"Elantech" = ETDWare PS/2-X64 8.0.6.3_WHQL
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B743AA0-53B2-11D2-808A-00600895FB43}" = Heroes of Might and Magic III - Złota Edycja
"{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman - Krwawa Forsa
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Polish
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5102A3B-0990-4E26-A289-5158D77F6455}" = GxStandard16-in-1
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Call of Duty Black Ops II_is1" = Call of Duty Black Ops II
"CanonMyPrinter" = Canon My Printer
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"Daum PotPlayer_is1" = Daum PotPlayer 1.5.33948.0 Public PL
"Diablo III" = Diablo III
"Dishonored (c) Bethesda Softworks_is1" = Dishonored (c) Bethesda Softworks version 1
"F1 2012_is1" = F1 2012
"foobar2000" = foobar2000 v1.1.13
"GPG4Win" = Gpg4win (2.1.0)
"Hitman Absolution_is1" = Hitman Absolution
"InstallShield_{F5102A3B-0990-4E26-A289-5158D77F6455}" = 16-in-1
"LastPass" = LastPass (uninstall only)
"LManager" = Launch Manager
"Mafia II_is1" = Mafia II
"Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.1.0.2287)
"Need for Speed Most Wanted_is1" = Need for Speed Most Wanted
"Plus500" = Plus500
"Prototype 2_is1" = Prototype 2
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"Spec Ops The Line_is1" = Spec Ops The Line
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Torchlight II (c) Runic Games_is1" = Torchlight II (c) Runic Games version 1
"Uplay" = Uplay
"uTorrent" = µTorrent

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1077709932-1292940282-1935873583-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2013-01-28 09:31:44 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

Error - 2013-01-29 08:02:56 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

Error - 2013-01-29 20:44:57 | Computer Name = Laptop | Source = Application Hang | ID = 1002
Description = Program sidebar.exe w wersji 6.1.7601.17514 zatrzymał interakcję z
systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji.    Identyfikator procesu: dac    Godzina rozpoczęcia: 01cdfe18755a3e32    Godzina zakończenia:
15    Ścieżka aplikacji: C:\Program Files\Windows Sidebar\sidebar.exe    Identyfikator
raportu: 43065151-6a76-11e2-a2c1-b870f4facd1e 

Error - 2013-01-30 07:55:56 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

Error - 2013-01-31 07:17:13 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

Error - 2013-01-31 13:22:37 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

Error - 2013-02-07 15:03:33 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

Error - 2013-02-09 19:49:45 | Computer Name = Laptop | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: gpgme-w32spawn.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x4d6e61bc  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
6.1.7601.17725, sygnatura czasowa: 0x4ec49b8f  Kod wyjątku: 0x4000001f  Przesunięcie
błędu: 0x00039ec5  Identyfikator procesu powodującego błąd: 0x152c  Godzina uruchomienia
aplikacji powodującej błąd: 0x01ce072020ef3eea  Ścieżka aplikacji powodującej błąd:
C:\Program Files (x86)\GNU\GnuPG\gpgme-w32spawn.exe  Ścieżka modułu powodującego
błąd: C:\Windows\SysWOW64\ntdll.dll  Identyfikator raportu: 60e4e7a4-7313-11e2-abcb-b870f4facd1e

Error - 2013-02-09 19:49:45 | Computer Name = Laptop | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: gpgme-w32spawn.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x4d6e61bc  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
6.1.7601.17725, sygnatura czasowa: 0x4ec49b8f  Kod wyjątku: 0x4000001f  Przesunięcie
błędu: 0x00039ec5  Identyfikator procesu powodującego błąd: 0x1528  Godzina uruchomienia
aplikacji powodującej błąd: 0x01ce07201f8c0037  Ścieżka aplikacji powodującej błąd:
C:\Program Files (x86)\GNU\GnuPG\gpgme-w32spawn.exe  Ścieżka modułu powodującego
błąd: C:\Windows\SysWOW64\ntdll.dll  Identyfikator raportu: 60e50eb5-7313-11e2-abcb-b870f4facd1e

Error - 2013-02-10 14:39:25 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

Error - 2013-02-10 17:09:33 | Computer Name = Laptop | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2013-01-16 21:08:41 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2.

Error - 2013-01-16 21:08:44 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2.

Error - 2013-01-16 21:08:45 | Computer Name = Laptop | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2.

Error - 2013-01-17 21:11:06 | Computer Name = Laptop | Source = DCOM | ID = 10010
Description =

Error - 2013-01-26 14:49:54 | Computer Name = Laptop | Source = HTTP | ID = 15005
Description =

Error - 2013-01-26 14:49:55 | Computer Name = Laptop | Source = HTTP | ID = 15005
Description =

Error - 2013-01-26 14:49:55 | Computer Name = Laptop | Source = HTTP | ID = 15005
Description =

Error - 2013-01-26 14:49:55 | Computer Name = Laptop | Source = HTTP | ID = 15005
Description =

Error - 2013-01-27 10:43:14 | Computer Name = Laptop | Source = DCOM | ID = 10010
Description =

Error - 2013-02-10 17:06:29 | Computer Name = Laptop | Source = DCOM | ID = 10010
Description =


< End of report >


Thanks.
CPU: Intel Core i3-2330M 2.2GHz | RAM: 4GB DDR 3 | GPU: GEFORCE GT 540M 1GB | OS: Windows 8 | NET: TOYA 30 Mbit |
lolek93
~user
Posts: 434
Joined: 06 Jan 2007, 21:35
Location: Zduńska Wola
Commendations: 6



Sidebar.exe and system slowdown

Posted by ordynat, 11 Feb 2013, 00:25

Code:
[2013-02-10 22:08:32 | 000,000,021 | ---- | M] () -- C:\Windows\S.dirmngr

Check this file on JOTTI or on VIRUSTOTAL.

Other than that, nothing suspicious.
Cosmetic cleanup:
Run OTL and paste the following into the Custom Scans/Fixes (Własne opcje skanowania/Skrypt) box:
:OTL
O4 - HKU\S-1-5-21-1077709932-1292940282-1935873583-1002..\Run: [CONNMGRTRAY] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found

:Commands
[emptytemp]

Click Run Fix (Wykonaj Skrypt).
.
ordynat
~user
Posts: 4765
Joined: 02 Apr 2010, 11:18
Commendations: 866



Sidebar.exe and system slowdown

Posted by lolek93, 11 Feb 2013, 00:34

Clean on JOTTI.

Added 11 Feb 2013 00:42:
OK. Pasting the log after running the script.

Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1077709932-1292940282-1935873583-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CONNMGRTRAY deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kuba
->Temp folder emptied: 434876675 bytes
->Temporary Internet Files folder emptied: 53226743 bytes
->Java cache emptied: 4826954 bytes
->FireFox cache emptied: 74626194 bytes
->Google Chrome cache emptied: 443179694 bytes
->Flash cache emptied: 196492 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5028119 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50668 bytes
RecycleBin emptied: 797784 bytes

Total Files Cleaned = 970,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02102013_233634

Files\Folders moved on Reboot...
C:\Users\Kuba\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Kuba\AppData\Local\Temp\MMDUtl.log moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



Sidebar.exe and system slowdown

Posted by ordynat, 11 Feb 2013, 00:52

Clean on JOTTI.

That's what I thought, but I preferred to make sure.
.

The author of this post received a commendation.



