Wykryto wyłączony javascript

Aktualnie masz wyłączony javascript. Kilka funkcji może nie działać. Włącz ponownie javascript, aby korzystać z pełnej funkcjonalności.

Logi - Drobne ścinki w grze

Rozpoczęty przez taniepisanie , 23 01 2013 16:05

Temat jest zamknięty

7 odpowiedzi w tym temacie

#1 taniepisanie

Początkujący

10 postów

Napisano 23 01 2013 - 16:05

Sugerowano zebym zalozył temat w tym dziale,

Dla przypomnienia problem polega gownie na tym ze podczas grania w m&b online mam drobne ścięcia mimo 120fps i ping ~42 wiec to nie przez to.

Dodaje logi z OTL

OTL Extras logfile created on: 2013-01-23 13:37:55 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\qw\My Documents\Pobieranie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 56,85% Memory free
3,85 Gb Paging File | 3,04 Gb Available in Paging File | 78,88% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 698,63 Gb Total Space | 471,48 Gb Free Space | 67,49% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 42,90 Gb Free Space | 4,61% Space Free | Partition Type: NTFS

Computer Name: QE-B60970DE1753 | User Name: qw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1050:TCP" = 1050:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\OperaTor\Opera\opera.exe" = E:\OperaTor\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\WebServ\mysql\bin\WebServ(mysqld).exe" = C:\Program Files\WebServ\mysql\bin\WebServ(mysqld).exe:*:Enabled:WebServ(mysqld) -- ()
"C:\Program Files\WebServ\apache2\bin\WebServ(apache).exe" = C:\Program Files\WebServ\apache2\bin\WebServ(apache).exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Documents and Settings\qw\Local Settings\Temp\7zS6C56\setup\HPZnui01.exe" = C:\Documents and Settings\qw\Local Settings\Temp\7zS6C56\setup\HPZnui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.524\Agent.exe" = C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.524\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)
"C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1363\Agent.exe" = C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1363\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\server diablo test\v4emultor\Mooege\Diablo III\Diablo III.exe" = C:\server diablo test\v4emultor\Mooege\Diablo III\Diablo III.exe:*:Enabled:Diablo III Retail
"C:\Documents and Settings\qw\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\qw\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client
"C:\Documents and Settings\qw\Application Data\Ubisoft\MMDoC-PDCLive\Launcher\Launcher.exe" = C:\Documents and Settings\qw\Application Data\Ubisoft\MMDoC-PDCLive\Launcher\Launcher.exe:*:Enabled:Launcher
"C:\Documents and Settings\qw\Application Data\Ubisoft\MMDoC-PDCLive\GameData\Game.exe" = C:\Documents and Settings\qw\Application Data\Ubisoft\MMDoC-PDCLive\GameData\Game.exe:*:Enabled:Might & Magic : Duel of Champions
"C:\Documents and Settings\qw\Desktop\Praca i nauka\Hacking\Przegladarka w tunelu cebulowym\Opera\opera.exe" = C:\Documents and Settings\qw\Desktop\Praca i nauka\Hacking\Przegladarka w tunelu cebulowym\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Reality Pump\Iron Sky Invasion\IronSky_Launcher.exe" = C:\Program Files\Reality Pump\Iron Sky Invasion\IronSky_Launcher.exe:*:Enabled:Iron Sky Invasion -- ()
"C:\Program Files\Reality Pump\Iron Sky Invasion\game\IronSky.exe" = C:\Program Files\Reality Pump\Iron Sky Invasion\game\IronSky.exe:*:Enabled:Iron Sky Invasion -- ()
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\WINDOWS\system32\dmwu.exe" = C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu -- ()
"C:\WINDOWS\system32\ARFC\wrtc.exe" = C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc -- ()
"C:\Documents and Settings\qw\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\qw\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0036B17C-2B0C-4D49-B50B-712F4B38B510}" = TP-LINK Wireless Client Utility
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.6.1
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1" = FTL version 1.03.1
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.10.3
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.1.2903
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK
"{2CCC5C78-20FF-478E-8B65-46B58CC5781B}" = AVG 2013
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{731E713B-C13E-4527-B624-8A6DF2D33DAF}" = AVG 2013
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D3D561-D1FD-4d57-8395-20030467E0F9}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AAFF417A-BAB3-4F1E-A77D-C72B79EA19F6}_is1" = FLV MP3 Converter v3.5 build 1411
"{ACDE260A-602B-4cfb-A650-D0DBA6FFAD85}" = NetDeviceManager
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CECB9B3D-E681-4458-85F8-8D182941AF1D}" = Sound Blaster Audigy 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"«Total War™: SHOGUN 2»_is1" = «Total War™: SHOGUN 2»
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVG" = AVG 2013
"AVG Secure Search" = AVG Security Toolbar
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"B521582C-6BE3-491D-BCC8-FFB8301298E9_is1" = Foxit Advanced PDF Editor 3
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.2
"Creative PD0620" = Creative WebCam Instant Driver (1.01.02.0729)
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.3.1
"East-Tec Eraser 2011_is1" = East-Tec Eraser 2011 Version 9.9
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.6.0.2
"Foxit Reader_is1" = Foxit Reader
"Free Download Manager_is1" = Free Download Manager 3.9
"Gainward" = EXPERTool
"ImgBurn" = ImgBurn
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"Iron Sky Invasion" = Iron Sky Invasion
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.8.0 (Basic)
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"mIRC" = mIRC
"MKVtoolnix" = MKVtoolnix 2.2.0
"Mount&Blade Warband" = Mount&Blade Warband
"Mozilla Firefox 18.0.1 (x86 pl)" = Mozilla Firefox 18.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt (2.0.0.2151)
"Opera 12.02.1578" = Opera 12.02
"Origin" = Origin
"Photo Resize Magic" = Photo Resize Magic 1.1
"ScreenshotCaptor_is1" = Screenshot Captor 3.08.01
"SubEdit-Player_is1" = SubEdit-Player
"SysInfo" = Creative System Information
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.4
"WebServ_is1" = WebServ 2.0
"Wincmd" = Windows Commander (Remove only)
"WinRAR archiver" = WinRAR 4.11 (32-bitowy)
"WNLT" = IB Updater Service
"Xbox_360_CC_Driver" = Xbox 360 Controller for Windows
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2012-12-08 22:55:19 | Computer Name = QE-B60970DE1753 | Source = MsiInstaller | ID = 11704
Description = Produkt: Akamai NetSession Interface - Błąd 1704. Instalacja Microsoft
.NET Framework 3.0 Service Pack 2 jest aktualnie wstrzymana. Aby kontynuować, musisz
cofnąć zmiany wprowadzone przez tę instalację. Czy chcesz cofnąć te zmiany?

Error - 2012-12-09 14:37:10 | Computer Name = QE-B60970DE1753 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 2012-12-10 18:28:13 | Computer Name = QE-B60970DE1753 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 2012-12-13 19:03:28 | Computer Name = QE-B60970DE1753 | Source = Application Error | ID = 1000
Description = Faulting application shogun2.exe, version 1.1.0.0, faulting module
shogun2.dll, version 1.0.0.0, fault address 0x011dda62.

Error - 2012-12-13 19:03:31 | Computer Name = QE-B60970DE1753 | Source = Application Error | ID = 1000
Description = Faulting application shogun2.exe, version 1.1.0.0, faulting module
shogun2.dll, version 1.0.0.0, fault address 0x011dda62.

Error - 2012-12-17 00:05:37 | Computer Name = QE-B60970DE1753 | Source = Application Hang | ID = 1002
Description = Hanging application Shogun2.exe, version 1.1.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2012-12-18 13:55:57 | Computer Name = QE-B60970DE1753 | Source = Application Hang | ID = 1002
Description = Hanging application Shogun2.exe, version 1.1.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2012-12-30 12:12:53 | Computer Name = QE-B60970DE1753 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module hpslpsvc32.dll, version 100.0.170.0, fault address 0x000509a5.

Error - 2012-12-30 15:02:42 | Computer Name = QE-B60970DE1753 | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module hpslpsvc32.dll, version 100.0.170.0, fault address 0x000509a5.

Error - 2013-01-01 22:36:13 | Computer Name = QE-B60970DE1753 | Source = Application Error | ID = 1000
Description = Faulting application mpc-hc.exe, version 1.5.1.2903, faulting module
mpc-hc.exe, version 1.5.1.2903, fault address 0x0028758b.

[ System Events ]
Error - 2013-01-21 09:26:12 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-21 10:06:05 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-21 10:06:05 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-21 18:37:08 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-22 12:19:04 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-22 12:19:04 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-22 17:17:17 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-22 17:17:17 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-23 08:17:44 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 2013-01-23 08:17:44 | Computer Name = QE-B60970DE1753 | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

< End of report >

Użytkownik Qauke edytował ten post 23 01 2013 - 17:36

Do góry

#2 pawel315

Uzależniony od forum

1 553 postów

Napisano 23 01 2013 - 16:47

No ok ale jak sam powiedziałeś "daje logi z OTL'a" a ja tylko jeden widzę otl tworzy dwa i ten drugi podaj

Do góry

#3 taniepisanie

Początkujący

10 postów

Napisano 23 01 2013 - 16:56

No cos pomyliłem

OTL logfile created on: 2013-01-23 13:37:55 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\qw\My Documents\Pobieranie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 56,85% Memory free
3,85 Gb Paging File | 3,04 Gb Available in Paging File | 78,88% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 698,63 Gb Total Space | 471,48 Gb Free Space | 67,49% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 42,90 Gb Free Space | 4,61% Space Free | Partition Type: NTFS

Computer Name: QE-B60970DE1753 | User Name: qw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-01-23 01:13:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\qw\My Documents\Pobieranie\OTL.exe
PRC - [2013-01-19 05:14:09 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-12-26 01:25:54 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-11-21 17:19:46 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012-10-30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012-10-22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012-10-22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012-10-02 16:20:26 | 001,008,496 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe
PRC - [2012-07-06 13:19:02 | 006,852,376 | ---- | M] (DonationCoder) -- C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe
PRC - [2012-07-03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2012-06-13 16:34:31 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-03-26 17:34:44 | 000,479,412 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD.) -- C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe
PRC - [2007-09-04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2007-02-12 10:03:08 | 000,364,629 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2003-09-17 09:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
PRC - [2003-06-18 00:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe

========== Modules (No Company Name) ==========

MOD - [2013-01-19 05:14:06 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-01-09 02:10:37 | 014,586,888 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
MOD - [2012-12-26 01:25:54 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
MOD - [2012-10-02 16:20:26 | 001,008,496 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe
MOD - [2012-10-02 16:18:42 | 000,028,160 | ---- | M] () -- C:\WINDOWS\system32\ImHttpComm.dll
MOD - [2012-06-13 16:35:23 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008-04-14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-01-08 18:53:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2007-04-10 08:25:38 | 000,377,014 | ---- | M] () -- C:\WINDOWS\system32\wgapi.dll
MOD - [2007-04-10 08:09:10 | 000,094,208 | ---- | M] () -- C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\oemres.dll
MOD - [2007-01-31 03:56:56 | 000,032,768 | ---- | M] () -- C:\WINDOWS\TBPanelExt.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013-01-19 05:14:08 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-01-09 02:10:37 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-12-26 01:25:54 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-11-21 17:19:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012-10-02 16:20:26 | 001,008,496 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\dmwu.exe -- (IBUpdaterService)
SRV - [2007-09-04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007-02-12 10:03:08 | 000,364,629 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-12-26 01:25:54 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012-12-19 15:36:10 | 000,104,872 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2012-11-15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012-10-22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012-10-15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012-10-12 19:54:46 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2012-10-12 19:54:46 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2012-10-06 21:45:11 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012-10-02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-09-21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012-09-21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012-09-21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012-09-14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012-08-20 15:48:44 | 000,015,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2012-08-20 15:48:44 | 000,010,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2012-06-13 16:45:09 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\NVATA.sys -- (NVATA)
DRV - [2012-06-13 16:45:08 | 000,013,616 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mvxxmm.sys -- (mvxxmm)
DRV - [2012-06-13 16:45:08 | 000,013,616 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv61xxmm.sys -- (mv61xxmm)
DRV - [2012-06-13 16:45:08 | 000,005,632 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv64xxmm.sys -- (mv64xxmm)
DRV - [2011-05-19 15:55:28 | 000,103,512 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (jraid)
DRV - [2010-04-09 01:30:10 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2007-09-04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2007-03-27 12:27:02 | 000,543,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007-03-16 03:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 03:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2006-11-15 01:00:18 | 000,055,840 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2004-07-29 13:14:22 | 000,091,577 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P0620Vid.sys -- (PD0620VID)
DRV - [2004-06-16 02:47:10 | 000,952,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2004-05-03 06:49:54 | 000,147,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2004-05-03 06:48:56 | 000,150,160 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2004-04-29 04:01:00 | 000,374,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2004-04-06 09:24:54 | 000,646,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2004-03-16 03:37:26 | 000,147,088 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2004-03-16 03:37:12 | 000,130,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004-03-16 03:36:54 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2004-03-16 03:36:44 | 000,178,736 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2004-03-15 10:25:06 | 000,337,056 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003-03-05 08:07:46 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pfmodnt.sys -- (PfModNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=WDC_WD7500AADS-00M2B0_WD-WCAV5092075420754&ts=1350068968
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=WDC_WD7500AADS-00M2B0_WD-WCAV5092075420754&ts=1350068968
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=WDC_WD7500AADS-00M2B0_WD-WCAV5092075420754&ts=1350068968
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb201?a=6R8RHIHH5p&i=26
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B9EBC514-72B9-47F4-9DAE-D60AF6A01845}&mid=45bf558eaf1a4e3d8e245027db0a7121-3a41c8e8fa46ae5eb97cf3ad6869d50e749bf013&lang=pl&ds=ax011&pr=&d=2012-12-26 01:26:14&v=13.2.0.4&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6R8RHIHH5p&i=26
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mystart.incredibar.com/mb201?a=6R8RHIHH5p&i=26"
FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:1.8.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.25
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb201/?loc=IB_DS&a=6R8RHIHH5p&&i=26&search="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\qw\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-12-27 01:00:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-19 05:14:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-08-08 20:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\qw\Application Data\Mozilla\Extensions
[2013-01-18 17:11:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\extensions
[2013-01-11 14:25:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013-01-15 17:33:54 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012-08-08 22:23:53 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\extensions\toolbar@ask.com
[2013-01-06 00:59:34 | 000,220,411 | ---- | M] () (No name found) -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012-11-23 14:20:54 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012-11-21 17:15:54 | 000,014,714 | ---- | M] () (No name found) -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2013-01-18 14:20:02 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\qw\Application Data\Mozilla\Firefox\Profiles\xmd7q59c.default\searchplugins\MyStart Search.xml
[2013-01-19 05:13:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-01-19 05:14:09 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-09-16 15:14:24 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-12-27 01:00:42 | 000,003,571 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-09-16 15:14:24 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-09-16 15:14:24 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-09-16 15:14:24 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-12 20:09:29 | 000,000,402 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-09-16 15:14:24 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-09-16 15:14:24 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2012-12-02 00:44:24 | 000,000,843 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.168.1.103 us.actual.battle.net
O1 - Hosts: 192.168.1.103 eu.actual.battle.net
O1 - Hosts: 192.168.1.103 enGB.nydus.battle.net
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [TWCU] C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe (TP-LINK TECHNOLOGIES CO., LTD.)
O4 - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003..\Run: [Facebook Update] C:\Documents and Settings\qw\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1935655697-1425521274-1801674531-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Pobierz plik wideo w FDM - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w FDM - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w FDM - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone pliki w FDM - C:\Program Files\Free Download Manager\dlselected.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353414888734 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F625CC99-57B8-448F-8209-4CBCC57C1040}: DhcpNameServer = 62.21.99.95 192.168.1.1
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Application Data\AVG\AWL2012\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Application Data\AVG\AWL2012\WinStyler\tu_logonui.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-08-07 23:03:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-01-23 13:31:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\OLDER
[2013-01-23 13:31:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\MyJunk
[2013-01-23 01:52:19 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2013-01-23 01:52:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CrystalDiskInfo
[2013-01-19 11:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Start Menu\Programs\project64 1.6
[2013-01-19 11:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Project64 1.6
[2013-01-19 05:13:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-01-18 22:58:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\Temp
[2013-01-18 22:57:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\Facebook
[2013-01-18 22:55:52 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2013-01-18 22:55:48 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2013-01-18 22:55:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013-01-18 22:55:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2013-01-18 22:55:46 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2013-01-18 22:55:45 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2013-01-18 22:55:43 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2013-01-18 22:55:41 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2013-01-18 22:55:39 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2013-01-18 22:55:30 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013-01-18 22:55:30 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2013-01-18 22:55:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013-01-18 22:55:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2013-01-18 22:55:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2013-01-18 22:55:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2013-01-18 22:55:30 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013-01-18 22:55:30 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2013-01-18 22:55:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013-01-18 22:55:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2013-01-18 22:55:15 | 000,126,976 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\P0620Vfw.dll
[2013-01-18 22:55:15 | 000,091,577 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\P0620Vid.sys
[2013-01-18 22:55:15 | 000,081,920 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\CtDrvIns.exe
[2013-01-18 22:55:15 | 000,077,824 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\P0620Ext.ax
[2013-01-18 22:55:15 | 000,069,632 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\p0620sti.dll
[2013-01-18 22:55:15 | 000,065,536 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamMgr.dll
[2013-01-18 22:55:15 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\P0620Hwx.dll
[2013-01-18 22:55:15 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\P0620Pin.dll
[2013-01-18 22:55:15 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\P0620Ext.crl
[2013-01-18 22:55:15 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\P0620Pin.crl
[2013-01-18 22:55:15 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\P0620Srv.exe
[2013-01-18 22:55:15 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\P0620Cfg.exe
[2013-01-18 22:55:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\CtDrvInstall
[2013-01-18 22:55:12 | 000,000,000 | ---D | C] -- C:\WCamInst
[2013-01-18 16:02:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\se
[2013-01-18 14:48:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Start Menu\Programs\TechPowerUp GPU-Z
[2013-01-18 14:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\GPU-Z
[2013-01-18 14:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Geeks3D
[2013-01-18 14:47:35 | 000,000,000 | ---D | C] -- C:\Program Files\Geeks3D
[2013-01-18 14:20:59 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2013-01-18 14:20:59 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2013-01-18 14:20:59 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm80.dll
[2013-01-18 14:20:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ARFC
[2013-01-18 14:20:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WNLT
[2013-01-18 13:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2013-01-18 13:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013-01-18 13:25:02 | 000,144,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2013-01-18 13:25:01 | 015,635,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2013-01-18 13:25:01 | 000,108,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2013-01-18 13:25:00 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2013-01-15 14:33:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Ruru Kinouchi- Next Daughter
[2013-01-15 14:19:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\Origin
[2013-01-15 14:19:13 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games
[2013-01-15 14:19:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\Origin
[2013-01-15 14:16:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Origin
[2013-01-15 14:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Origin
[2013-01-15 14:16:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2013-01-15 14:15:50 | 000,000,000 | ---D | C] -- C:\Program Files\Origin
[2013-01-15 14:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\Fairlight
[2013-01-14 17:21:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\new best ss
[2013-01-13 13:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\kwadrat
[2013-01-13 13:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\mysliwiec
[2013-01-11 14:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\DonationCoder
[2013-01-11 14:33:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ScreenshotCaptor
[2013-01-11 14:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\ScreenshotCaptor
[2013-01-11 14:33:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DonationCoder
[2013-01-11 14:32:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013-01-10 17:17:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Reality Pump
[2013-01-10 17:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\Reality Pump
[2013-01-10 03:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\My Documents\My Games
[2013-01-10 03:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\rld-irsk
[2013-01-10 03:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FTL Faster Than Light
[2013-01-10 03:45:46 | 000,000,000 | ---D | C] -- C:\Program Files\FTL
[2013-01-10 03:41:07 | 148,196,197 | ---- | C] (Subset Games ) -- C:\Documents and Settings\qw\ftl_faster_than_light_1.03.1.exe
[2013-01-10 03:29:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Medal.of.Honor.Warfighter-FLT
[2013-01-10 03:08:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013-01-10 02:37:12 | 000,005,632 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\Entech64.sys
[2013-01-10 02:37:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2013-01-10 02:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2013-01-10 02:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Futuremark
[2013-01-09 22:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\NVIDIA Corporation
[2013-01-09 22:38:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\NVIDIA Corporation
[2013-01-09 22:38:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NVIDIA Corporation
[2013-01-09 22:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA nTune Performance Application
[2013-01-09 21:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\zadania
[2013-01-09 02:10:27 | 016,369,160 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013-01-07 04:27:52 | 002,288,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe
[2013-01-07 04:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\AVG
[2013-01-07 04:08:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013-01-07 03:23:23 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-01-07 02:53:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\AVG2013
[2013-01-07 02:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\TuneUp Software
[2013-01-07 02:51:32 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013-01-07 02:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013-01-07 02:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013-01-07 02:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\MFAData
[2013-01-07 02:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013-01-07 02:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\Avg2013
[2013-01-05 00:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\Zadania na sobote
[2013-01-03 14:07:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\QuickScan
[2013-01-02 03:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\tor
[2013-01-02 02:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\rachunkowosc finansowa na sobote
[2013-01-02 01:52:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2013-01-02 01:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Advanced PDF Editor
[2013-01-02 01:52:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\Foxit Advanced PDF Editor
[2013-01-02 01:52:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\Foxit Advanced PDF Editor
[2013-01-02 01:52:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Foxit Advanced PDF Editor
[2013-01-02 01:52:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Aspell
[2013-01-02 01:52:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\Aspell
[2013-01-02 01:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Foxit Advanced PDF Editor v3.00 Incl Crack [h33t][iahq76]
[2013-01-02 01:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\ACD Systems
[2013-01-02 01:27:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\ACD Systems
[2013-01-02 01:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ACD Systems
[2013-01-02 01:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\ACDSee Pro v6.0 build 169 (32bit) Including Crack [h33t][iahq76]
[2013-01-01 21:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013-01-01 04:35:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Dad Does Dau Mix 0909
[2013-01-01 02:31:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\The Devil's Double 2011 720p DTS multisub HighCode-PublicHD
[2012-12-30 04:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\Slowniki teczowe tablice
[2012-12-29 00:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nmap
[2012-12-27 04:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Start Menu\Programs\Camtech
[2012-12-27 04:06:47 | 000,000,000 | ---D | C] -- C:\Program Files\Camtech
[2012-12-27 03:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sprytne Katalogowanie
[2012-12-27 03:39:44 | 000,000,000 | ---D | C] -- C:\Program Files\Sprytne Katalogowanie
[2012-12-27 03:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\Free Monitor for Google
[2012-12-27 01:28:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Desktop\War of the Roses [Steam-Rip] - GameWorks
[2012-12-27 01:00:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012-12-26 01:57:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\SENukeX
[2012-12-26 01:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\SENukeXUpdateConfig
[2012-12-26 01:57:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\Deployment
[2012-12-26 01:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\SEnuke
[2012-12-26 01:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Teleport Pro
[2012-12-26 01:26:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Local Settings\Application Data\AVG Secure Search
[2012-12-26 01:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012-12-26 01:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\AVG Secure Search
[2012-12-26 01:26:11 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012-12-26 01:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012-12-26 01:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012-12-26 01:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\geany
[2012-12-25 18:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MiniTool Partition Wizard Home Edition 7.6.1
[2012-12-25 18:15:55 | 000,000,000 | ---D | C] -- C:\Program Files\MiniTool Partition Wizard Home Edition 7.6.1
[2012-12-25 05:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\qw\Application Data\FileZilla
[2012-12-25 05:25:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2012-12-25 05:25:38 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2012-12-25 03:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2012-12-08 15:53:10 | 066,759,488 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Documents and Settings\qw\FreeStudio.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-01-23 13:32:35 | 000,128,953 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\hdd1.jpg
[2013-01-23 13:32:19 | 000,128,790 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\hdd2.jpg
[2013-01-23 13:17:46 | 004,933,048 | ---- | M] () -- C:\WINDOWS\{00000001-00000000-00000008-00001102-00000008-10011102}.CDF
[2013-01-23 13:17:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-23 04:41:12 | 000,030,624 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000008-10011102}.rfx
[2013-01-23 04:41:12 | 000,030,624 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000008-00001102-00000008-10011102}.rfx
[2013-01-23 04:41:12 | 000,029,772 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000008-00001102-00000008-10011102}.rfx
[2013-01-23 04:41:12 | 000,029,772 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000008-00001102-00000008-10011102}.rfx
[2013-01-23 04:41:12 | 000,002,796 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000008-00001102-00000008-10011102}.rfx
[2013-01-23 04:41:12 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013-01-23 04:41:12 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013-01-23 04:09:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-23 02:17:01 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1935655697-1425521274-1801674531-1003UA.job
[2013-01-23 01:52:20 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\CrystalDiskInfo.lnk
[2013-01-22 23:17:00 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1935655697-1425521274-1801674531-1003Core.job
[2013-01-20 17:00:17 | 000,229,156 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\564369_362496563785910_483001006_n.jpg
[2013-01-20 15:53:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-18 23:27:54 | 000,175,616 | ---- | M] () -- C:\Documents and Settings\qw\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-01-18 18:41:49 | 000,025,933 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\AWDFLASH118.zip
[2013-01-18 14:47:41 | 000,000,960 | ---- | M] () -- C:\Documents and Settings\qw\Application Data\Microsoft\Internet Explorer\Quick Launch\FurMark.lnk
[2013-01-18 14:47:41 | 000,000,942 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\FurMark.lnk
[2013-01-18 14:21:10 | 000,000,448 | ---- | M] () -- C:\user.js
[2013-01-18 13:24:38 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-01-18 13:24:38 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-01-18 13:24:33 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-01-18 13:24:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013-01-18 13:17:16 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-01-16 03:39:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013-01-16 00:43:39 | 043,402,971 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\adam_bytof_-_hipnagogia_letnia_noc_2004.mp3
[2013-01-15 17:18:00 | 000,000,389 | RHS- | M] () -- C:\boot.ini
[2013-01-15 14:16:07 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Origin.lnk
[2013-01-11 14:34:03 | 000,000,058 | ---- | M] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013-01-11 14:34:03 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\qw\Local Settings\Application Data\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013-01-11 14:33:59 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\Screenshot Captor.lnk
[2013-01-11 14:32:12 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013-01-10 17:17:59 | 000,000,940 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\Iron Sky Invasion.lnk
[2013-01-10 05:17:17 | 000,492,614 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-01-10 05:17:17 | 000,083,262 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-01-10 04:52:23 | 000,000,558 | ---- | M] () -- C:\WINDOWS\DFC.INI
[2013-01-10 03:46:05 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FTL.lnk
[2013-01-10 03:44:55 | 148,196,197 | ---- | M] (Subset Games ) -- C:\Documents and Settings\qw\ftl_faster_than_light_1.03.1.exe
[2013-01-10 03:04:46 | 000,000,103 | ---- | M] () -- C:\WINDOWS\pro.INI
[2013-01-10 02:38:03 | 000,001,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\3DMark05.lnk
[2013-01-09 02:10:37 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-01-09 02:10:37 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-01-09 02:10:27 | 016,369,160 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013-01-07 04:27:52 | 002,288,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\TUKernel.exe
[2013-01-06 06:33:28 | 006,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013-01-03 02:21:19 | 247,830,501 | ---- | M] () -- C:\Documents and Settings\qw\prnfle874x.mp4
[2013-01-02 01:52:11 | 000,001,055 | ---- | M] () -- C:\Documents and Settings\qw\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Advanced PDF Editor.lnk
[2013-01-02 01:52:11 | 000,001,037 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Advanced PDF Editor.lnk
[2013-01-02 01:26:01 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012-12-30 17:00:38 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2012-12-29 11:31:25 | 019,570,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2012-12-29 11:31:25 | 017,551,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2012-12-29 11:31:25 | 010,686,200 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2012-12-29 11:31:25 | 007,716,864 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2012-12-29 11:31:25 | 006,066,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll
[2012-12-29 11:31:25 | 004,154,752 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2012-12-29 11:31:25 | 002,725,304 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2012-12-29 11:31:25 | 002,448,384 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2012-12-29 11:31:25 | 002,284,064 | ---- | M] () -- C:\WINDOWS\System32\nvdata.data
[2012-12-29 11:31:25 | 001,985,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2012-12-29 11:31:25 | 001,017,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2012-12-29 11:31:25 | 000,889,784 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll
[2012-12-29 11:31:25 | 000,016,032 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2012-12-29 09:07:06 | 000,054,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2012-12-29 09:07:02 | 015,635,896 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2012-12-29 09:07:02 | 000,108,984 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2012-12-29 09:07:01 | 000,144,312 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2012-12-29 01:27:23 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\qw\Local Settings\Application Data\recently-used.xbel
[2012-12-26 02:11:03 | 009,879,129 | ---- | M] () -- C:\Documents and Settings\qw\WYSIWYG.Web.Builder 8.5.1+keyG[DJiNN] by Senzati.rar
[2012-12-26 01:25:54 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012-12-25 21:03:40 | 000,609,204 | ---- | M] () -- C:\Copy of Screenshot9999.png
[2012-12-25 21:03:40 | 000,609,204 | ---- | M] () -- C:\Copy (2) of Screenshot9999.png
[2012-12-25 20:54:35 | 000,720,778 | ---- | M] () -- C:\Copy of Screenshot777.png
[2012-12-25 20:54:35 | 000,720,778 | ---- | M] () -- C:\Copy (2) of Screenshot777.png
[2012-12-25 20:41:00 | 000,618,565 | ---- | M] () -- C:\Copy of Screenshot666.png
[2012-12-25 20:41:00 | 000,618,565 | ---- | M] () -- C:\Copy (2) of Screenshot666.png
[2012-12-25 18:15:58 | 000,000,971 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2012-12-25 17:00:20 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-25 05:25:40 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\qw\Desktop\FileZilla.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-01-23 13:32:35 | 000,128,953 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\hdd1.jpg
[2013-01-23 13:32:19 | 000,128,790 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\hdd2.jpg
[2013-01-23 01:52:20 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\CrystalDiskInfo.lnk
[2013-01-20 17:00:16 | 000,229,156 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\564369_362496563785910_483001006_n.jpg
[2013-01-19 12:08:48 | 067,108,864 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\Pokemon_Stadium_2_(U)_[!].rom
[2013-01-19 11:56:50 | 033,554,432 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\Pokemon Stadium.z64
[2013-01-18 22:58:00 | 000,000,986 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1935655697-1425521274-1801674531-1003UA.job
[2013-01-18 22:58:00 | 000,000,964 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1935655697-1425521274-1801674531-1003Core.job
[2013-01-18 22:55:15 | 000,004,749 | ---- | C] () -- C:\WINDOWS\PD0620.uns
[2013-01-18 18:41:58 | 000,048,165 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\AWDFLASH.EXE
[2013-01-18 18:41:48 | 000,025,933 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\AWDFLASH118.zip
[2013-01-18 14:47:41 | 000,000,960 | ---- | C] () -- C:\Documents and Settings\qw\Application Data\Microsoft\Internet Explorer\Quick Launch\FurMark.lnk
[2013-01-18 14:47:41 | 000,000,942 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\FurMark.lnk
[2013-01-18 14:21:09 | 000,000,448 | ---- | C] () -- C:\user.js
[2013-01-18 14:20:58 | 001,008,496 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe
[2013-01-18 14:20:58 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ImHttpComm.dll
[2013-01-18 13:24:33 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013-01-18 13:24:33 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013-01-18 13:24:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013-01-18 13:24:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013-01-18 13:17:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013-01-16 00:28:29 | 043,402,971 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\adam_bytof_-_hipnagogia_letnia_noc_2004.mp3
[2013-01-15 14:16:07 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Origin.lnk
[2013-01-11 14:34:03 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013-01-11 14:34:03 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\qw\Local Settings\Application Data\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2013-01-11 14:33:59 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\Screenshot Captor.lnk
[2013-01-10 17:17:59 | 000,000,940 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\Iron Sky Invasion.lnk
[2013-01-10 03:46:05 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FTL.lnk
[2013-01-10 03:04:46 | 000,000,103 | ---- | C] () -- C:\WINDOWS\pro.INI
[2013-01-10 02:38:03 | 000,001,693 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\3DMark05.lnk
[2013-01-10 02:37:12 | 000,006,173 | ---- | C] () -- C:\WINDOWS\System32\drivers\Entech.vxd
[2013-01-10 02:37:12 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2013-01-07 02:52:14 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013-01-03 01:55:31 | 247,830,501 | ---- | C] () -- C:\Documents and Settings\qw\prnfle874x.mp4
[2013-01-02 01:52:11 | 000,001,055 | ---- | C] () -- C:\Documents and Settings\qw\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Advanced PDF Editor.lnk
[2013-01-02 01:52:11 | 000,001,043 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Advanced PDF Editor.lnk
[2013-01-02 01:52:11 | 000,001,037 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Foxit Advanced PDF Editor.lnk
[2012-12-30 17:00:38 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012-12-29 01:27:23 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\qw\Local Settings\Application Data\recently-used.xbel
[2012-12-26 04:50:08 | 000,125,418 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012-12-26 04:50:08 | 000,125,418 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1935655697-1425521274-1801674531-1003-0.dat
[2012-12-26 02:03:20 | 009,879,129 | ---- | C] () -- C:\Documents and Settings\qw\WYSIWYG.Web.Builder 8.5.1+keyG[DJiNN] by Senzati.rar
[2012-12-25 23:50:29 | 000,720,778 | ---- | C] () -- C:\Copy (2) of Screenshot777.png
[2012-12-25 23:50:29 | 000,623,867 | ---- | C] () -- C:\Copy (2) of Screenshot-1.png
[2012-12-25 23:50:29 | 000,618,565 | ---- | C] () -- C:\Copy (2) of Screenshot666.png
[2012-12-25 23:50:29 | 000,609,204 | ---- | C] () -- C:\Copy (2) of Screenshot9999.png
[2012-12-25 23:50:29 | 000,607,842 | ---- | C] () -- C:\Copy (2) of Screenshot.png
[2012-12-25 23:50:28 | 000,720,778 | ---- | C] () -- C:\Copy of Screenshot777.png
[2012-12-25 23:50:28 | 000,618,565 | ---- | C] () -- C:\Copy of Screenshot666.png
[2012-12-25 23:50:28 | 000,609,204 | ---- | C] () -- C:\Copy of Screenshot9999.png
[2012-12-25 23:50:28 | 000,607,842 | ---- | C] () -- C:\Copy of Screenshot.png
[2012-12-25 23:50:28 | 000,595,438 | ---- | C] () -- C:\Copy of Screenshot-2.png
[2012-12-25 18:16:06 | 002,872,000 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2012-12-25 18:16:06 | 000,015,576 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2012-12-25 18:16:05 | 000,010,200 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2012-12-25 18:15:58 | 000,000,971 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2012-12-25 05:25:40 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\qw\Desktop\FileZilla.lnk
[2012-12-10 01:09:40 | 000,033,664 | ---- | C] () -- C:\Documents and Settings\qw\Californication.S05E04.720p.HDTV.x264-AVS.srt
[2012-12-09 03:34:00 | 684,361,327 | ---- | C] () -- C:\Documents and Settings\qw\Californication.S05E04.720p.HDTV.x264-AVS.mkv
[2012-12-06 02:07:27 | 002,284,064 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012-11-30 15:48:22 | 000,000,696 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2012-11-03 21:20:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012-11-03 20:04:04 | 000,144,633 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2012-11-03 20:04:04 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2012-10-12 19:54:46 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2012-10-12 19:54:46 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2012-10-07 22:40:39 | 000,045,936 | ---- | C] () -- C:\WINDOWS\php.ini
[2012-10-07 22:40:39 | 000,000,486 | ---- | C] () -- C:\WINDOWS\my.ini
[2012-08-08 20:42:02 | 000,377,014 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2012-08-08 10:29:09 | 000,175,616 | ---- | C] () -- C:\Documents and Settings\qw\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-08 10:28:46 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-08-08 10:22:45 | 000,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2012-08-08 10:19:06 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2012-08-08 10:19:05 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2012-08-08 10:18:20 | 000,048,864 | ---- | C] () -- C:\WINDOWS\System32\e10kxwdm.ini
[2012-08-08 10:18:20 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2012-08-08 10:18:11 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2012-08-08 10:18:11 | 000,264,724 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2012-08-08 10:18:11 | 000,231,821 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2012-08-08 10:18:10 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2012-08-08 10:18:10 | 000,132,415 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2012-08-08 10:18:10 | 000,113,221 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2012-08-08 10:18:10 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2012-08-08 10:18:09 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2012-08-08 10:18:09 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[2012-08-08 10:18:09 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2012-08-08 10:18:08 | 000,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2012-08-08 10:18:08 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2012-08-08 10:18:01 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2012-08-08 10:16:40 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2012-08-08 10:12:46 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2012-08-08 10:12:45 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2012-08-08 10:12:45 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2012-08-08 10:12:45 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2012-08-08 10:12:45 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2012-08-08 10:12:45 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2012-08-08 10:12:45 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2012-08-08 10:12:44 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2012-08-08 10:12:44 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2012-08-08 10:11:57 | 000,032,768 | ---- | C] () -- C:\WINDOWS\TBPanelExt.dll
[2012-08-08 10:11:57 | 000,026,624 | ---- | C] () -- C:\WINDOWS\TBZoom.exe
[2012-08-08 10:11:57 | 000,012,285 | ---- | C] () -- C:\WINDOWS\Cadx3.ini
[2012-08-08 10:11:57 | 000,006,942 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2012-08-08 10:11:57 | 000,005,120 | ---- | C] () -- C:\WINDOWS\TBManage.dll
[2012-08-08 00:52:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-08-08 00:51:33 | 000,136,464 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-08-07 23:05:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-08-07 23:00:49 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012-06-13 16:36:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-06-13 16:36:12 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\FontReg.exe

========== ZeroAccess Check ==========

[2012-12-08 15:58:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012-06-13 16:35:29 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2012-06-13 16:34:32 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013-01-07 04:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2012-12-26 03:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2013-01-07 02:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2012-11-30 16:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net
[2013-01-11 14:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DonationCoder
[2013-01-15 14:16:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2013-01-02 01:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Foxit Advanced PDF Editor
[2013-01-23 13:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013-01-15 14:19:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2012-12-09 19:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2012-12-27 03:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sprytne Katalogowanie
[2013-01-17 03:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012-08-08 20:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TP-LINK
[2013-01-07 03:23:23 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-01-11 14:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software
[2013-01-02 01:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Foxit Software
[2013-01-02 01:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\ACD Systems
[2012-08-22 03:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\aMule
[2013-01-07 04:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\AVG
[2012-12-26 01:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\AVG Secure Search
[2013-01-07 02:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\AVG2013
[2012-12-08 20:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\avidemux
[2012-10-22 00:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\BESTplayer
[2013-01-11 14:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\DonationCoder
[2012-08-20 09:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\EAST Technologies
[2012-12-30 17:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\FileZilla
[2013-01-02 01:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Foxit Advanced PDF Editor
[2012-11-02 17:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Foxit Software
[2012-11-03 16:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Free Download Manager
[2012-12-26 01:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\geany
[2012-12-23 22:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\ImgBurn
[2012-08-08 21:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Mount&Blade Warband
[2012-09-15 18:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Mount&Blade With Fire and Sword
[2012-09-08 16:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\NapiProjekt
[2012-10-11 23:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Opera
[2013-01-15 14:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Origin
[2013-01-11 16:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\QuickScan
[2012-12-12 12:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\The Creative Assembly
[2013-01-07 02:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\TuneUp Software
[2012-12-09 03:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\Ubisoft
[2013-01-23 13:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\uTorrent
[2012-12-08 16:24:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\qw\Application Data\WinAVI
[2012-12-09 04:15:50 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\qw\Application Data\wyUpdate AU
[2013-01-11 14:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Application Data\TuneUp Software

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:احتضان
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C97C8631

< End of report >

Do góry

#4 pawel315

Uzależniony od forum

1 553 postów

Napisano 23 01 2013 - 17:28

Odinstaluj:

ESET Online Scanner v3
 AVG Security Toolbar

Uruchom OTL w okienku Własne opcje skanowania/skrypt wklej:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...4&ts=1350068968
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?u...4&ts=1350068968
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...4&ts=1350068968
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyStart by IncrediBar.com
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = {searchTerms} - Ask.com Search
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = Search 01:26:14&v=13.2.0.4&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8RHIHH5p&i=26
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "http://mystart.incre...R8RHIHH5p&i=26"
FF - prefs.js..keyword.URL: "http://mystart.incre...&&i=26&search="
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKU\S-1-5-21-1935655697-1425521274-1801674531-1003..\Run: [Facebook Update] C:\Documents and Settings\qw\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

:Commands
[emptytemp]

Kliknij Wykonaj skrypt daj log z usuwania.
1. Następnie:

Znasz to: ?

C:\Documents and Settings\All Users\Application Data\AVG\AWL2012\WinStyler\tu_logonui.exe

Podaj log z GMER'a

Do góry

#5 taniepisanie

Początkujący

10 postów

Napisano 23 01 2013 - 19:03

Zrobiłem jak napisałeś

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1935655697-1425521274-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1935655697-1425521274-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_USERS\S-1-5-21-1935655697-1425521274-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-1935655697-1425521274-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: "v9" removed from browser.search.order.1
Prefs.js: "MyStart Search" removed from browser.search.selectedEngine
Prefs.js: "http://mystart.incre...R8RHIHH5p&i=26" removed from browser.startup.homepage
Prefs.js: "http://mystart.incre...&&i=26&search=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1935655697-1425521274-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
C:\Documents and Settings\qw\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 34456 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: qw
->Temp folder emptied: 185604219 bytes
->Temporary Internet Files folder emptied: 24809695 bytes
->FireFox cache emptied: 191128878 bytes
->Opera cache emptied: 52790389 bytes
->Flash cache emptied: 65812 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15483645 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 240994914 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 128761 bytes

Total Files Cleaned = 678,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 01232013_172833

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...