OTL logfile created on: 2013-03-25 22:25:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NTT\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,25 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 61,18% Memory free
6,49 Gb Paging File | 5,04 Gb Available in Paging File | 77,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 797,15 Gb Free Space | 85,58% Space Free | Partition Type: NTFS
Computer Name: NTT-KOMPUTER | User Name: NTT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013-03-25 22:24:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NTT\Desktop\OTL.exe
PRC - [2013-03-13 15:44:26 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013-03-08 16:29:00 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-01-25 11:45:37 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013-01-25 11:45:37 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2013-01-25 04:35:08 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-12-21 13:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012-12-21 13:08:48 | 005,074,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-11-23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009-03-31 08:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013-03-13 15:44:25 | 014,717,144 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013-03-08 16:29:00 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-01-09 18:13:02 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013-01-09 16:31:47 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013-01-09 16:31:15 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2013-03-15 17:29:10 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-03-13 15:44:30 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-03-08 16:29:00 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-01-28 23:24:26 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-01-25 04:35:08 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-12-21 13:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-01-04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-10-01 00:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010-05-24 14:37:37 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-03-31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\netr73.sys -- (netr73)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TBPANEL.SYS -- (Cardex)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (avpb3ju4)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\NTT\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2013-01-28 23:24:21 | 008,941,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013-01-10 09:25:22 | 000,150,080 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2013-01-10 09:25:20 | 000,171,680 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013-01-10 09:25:20 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013-01-10 09:25:20 | 000,047,568 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2013-01-10 09:25:20 | 000,046,056 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2012-08-23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-08-23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011-11-01 10:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011-11-01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011-11-01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011-11-01 10:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011-10-01 00:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftvolwin7.sys -- (Sftvol)
DRV - [2011-10-01 00:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftredirwin7.sys -- (Sftredir)
DRV - [2011-10-01 00:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftplaywin7.sys -- (Sftplay)
DRV - [2011-10-01 00:30:36 | 000,581,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftfswin7.sys -- (Sftfs)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-06-30 19:49:25 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010-04-20 19:54:18 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-04-20 19:54:17 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-01-05 19:20:10 | 001,500,160 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-03-31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-07-18 11:32:14 | 000,154,784 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\V0260Vid.sys -- (V0260VID)
DRV - [2006-11-02 08:57:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=umail3&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzuyByE0E0AtA0AzytAzztA0DzztCyC0B0DtN0D0Tzu0StAyCtAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1410646346
IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=d324e88b-8e46-11e1-a632-00226861b42d&q={searchTerms}
IE - HKLM\..\SearchScopes\{5ACF719F-9B4F-14B3-08A0-15557D2638CE}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=d324e88b-8e46-11e1-a632-00226861b42d
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=umail3&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzuyByE0E0AtA0AzytAzztA0DzztCyC0B0DtN0D0Tzu0StAyCtAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1410646346
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=4618F677-E783-49E9-9C74-3D4D5737172B&apn_sauid=4ABF4678-298F-45D9-B689-F210F8FE94E0
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{5ACF719F-9B4F-14B3-08A0-15557D2638CE}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=d324e88b-8e46-11e1-a632-00226861b42d&q={searchTerms}
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{CF4B8F72-DD01-4226-91B9-6ECFFFCE7197}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=119999&tt=090212_ctrl&babsrc=SP_ss&mntrId=721916bd00000000000072ea3a9383d8
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "chrome://superstart/content/index.html"
FF - prefs.js..extensions.enabledAddons: superstart%40enjoyfreeware.org:5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-01-29 01:39:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-03-08 16:29:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-03-08 16:29:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-01-29 01:39:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-03-09 15:34:08 | 000,000,000 | ---D | M]
[2013-01-02 16:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NTT\AppData\Roaming\mozilla\Extensions
[2013-03-12 17:34:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NTT\AppData\Roaming\mozilla\Firefox\Profiles\7io5tjmw.default\extensions
[2013-03-12 17:34:38 | 000,000,000 | ---D | M] (Super Start) -- C:\Users\NTT\AppData\Roaming\mozilla\Firefox\Profiles\7io5tjmw.default\extensions\superstart@enjoyfreeware.org
[2013-02-22 22:40:50 | 000,779,952 | ---- | M] () (No name found) -- C:\Users\NTT\AppData\Roaming\mozilla\firefox\profiles\7io5tjmw.default\extensions\Australis@SoapyHamHocks.xpi
[2013-01-02 17:31:36 | 002,966,066 | ---- | M] () (No name found) -- C:\Users\NTT\AppData\Roaming\mozilla\firefox\profiles\7io5tjmw.default\extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi
[2013-01-16 16:53:14 | 000,002,308 | ---- | M] () -- C:\Users\NTT\AppData\Roaming\mozilla\firefox\profiles\7io5tjmw.default\searchplugins\askcom.xml
[2013-01-30 16:37:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-03-08 16:29:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013-02-27 20:53:32 | 000,002,980 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2013-02-27 20:53:32 | 000,001,619 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2013-02-27 20:53:32 | 000,001,130 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2013-02-27 20:53:32 | 000,001,071 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2013-02-27 20:53:32 | 000,001,396 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013-02-27 20:53:32 | 000,001,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=4618F677-E783-49E9-9C74-3D4D5737172B&apn_ptnrs=U3&apn_sauid=4ABF4678-298F-45D9-B689-F210F8FE94E0&apn_dtid=OSJ000YYPL&q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - homepage: chrome://superstart/content/index.html
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Dysk Google = C:\Users\NTT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\NTT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\NTT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Classic = C:\Users\NTT\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_0\
CHR - Extension: Gmail = C:\Users\NTT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000..\Run: [GG] C:\Users\NTT\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FFFBDD3-715A-4BA8-9AF9-33CD10F6BF9D}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{5789a319-8478-11df-b0fa-00226861b42d}\Shell - "" = AutoRun
O33 - MountPoints2\{5789a319-8478-11df-b0fa-00226861b42d}\Shell\AutoRun\command - "" = I:\UbiAutorun.exe
O33 - MountPoints2\{ab914d6e-bc8b-11de-8682-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ab914d6e-bc8b-11de-8682-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autostart.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013-03-25 22:24:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\NTT\Desktop\OTL.exe
[2013-03-16 22:47:23 | 000,000,000 | ---D | C] -- C:\Users\NTT\Documents\Euro Truck Simulator 2
[2013-03-16 22:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2013-03-16 17:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2013-03-15 18:17:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013-03-15 18:17:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013-03-15 18:17:06 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013-03-13 15:19:31 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-03-13 15:19:29 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-03-13 15:19:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-03-13 15:19:29 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013-03-13 15:19:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-03-12 21:02:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2013-03-12 21:02:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013-03-12 21:02:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2013-03-12 21:02:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013-03-12 21:02:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013-03-12 21:02:08 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013-03-12 21:02:08 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013-03-12 21:02:08 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013-03-12 21:02:08 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2013-03-12 21:02:08 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2013-03-12 21:02:08 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2013-03-12 21:02:08 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2013-03-12 21:02:08 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013-03-12 21:02:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013-03-12 21:02:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2013-03-12 21:00:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013-03-09 15:38:09 | 000,000,000 | ---D | C] -- C:\Users\NTT\AppData\Roaming\ESET
[2013-03-09 15:38:09 | 000,000,000 | ---D | C] -- C:\Users\NTT\AppData\Local\ESET
[2013-03-09 15:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013-03-09 15:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013-03-09 15:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013-03-06 21:39:56 | 000,000,000 | ---D | C] -- C:\multiAVCHD
[2013-03-06 20:33:32 | 000,000,000 | ---D | C] -- C:\Users\NTT\AppData\Roaming\Corel
[2013-03-06 20:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\SmartSound Software
[2013-03-06 20:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2013-03-06 20:31:23 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013-03-06 20:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2013-03-06 20:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X4
[2013-03-06 20:28:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2013-03-06 20:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013-03-06 20:27:30 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2013-03-04 23:18:20 | 000,000,000 | ---D | C] -- C:\Users\NTT\Desktop\Avatar
[2013-02-26 22:55:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013-02-26 22:55:51 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013-02-26 22:55:50 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013-02-26 22:55:50 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013-02-26 22:55:50 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013-02-26 22:55:49 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013-02-26 22:55:48 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013-02-26 22:55:48 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013-02-26 22:55:48 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013-02-26 22:55:48 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013-02-26 22:55:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013-02-26 22:55:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013-02-26 22:55:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013-02-26 22:55:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013-02-26 22:55:47 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013-02-26 22:55:47 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013-02-26 22:55:47 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013-02-26 22:55:47 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013-02-26 22:55:47 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013-02-26 22:55:47 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013-02-26 22:55:47 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013-02-26 22:55:47 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013-02-26 22:55:47 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013-02-26 22:55:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013-02-26 22:55:46 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[19 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013-03-25 22:24:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NTT\Desktop\OTL.exe
[2013-03-25 22:20:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-03-25 21:43:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-03-25 21:29:29 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-03-25 19:39:28 | 000,016,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-25 19:39:28 | 000,016,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-25 19:32:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-25 19:31:59 | 2615,812,096 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-25 15:15:38 | 000,738,174 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2013-03-25 15:15:38 | 000,652,382 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-03-25 15:15:38 | 000,154,604 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2013-03-25 15:15:38 | 000,121,056 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-03-24 13:36:13 | 000,027,136 | ---- | M] () -- C:\Users\NTT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-03-19 15:47:53 | 009,326,913 | ---- | M] () -- C:\Users\NTT\Desktop\Szad Akrobata - Sprawdzam.mp3
[2013-03-17 22:44:01 | 000,224,211 | ---- | M] () -- C:\Users\NTT\Desktop\safe_image.php.jpg
[2013-03-15 18:17:01 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013-03-15 18:16:59 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013-03-15 18:16:58 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2013-03-15 18:16:58 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013-03-15 18:16:58 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013-03-15 18:16:58 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013-03-14 18:42:16 | 001,547,445 | ---- | M] () -- C:\Users\NTT\Desktop\league_of_legends___xin_zhao_build_by_elderwraith-d4mnr5w.png
[2013-03-13 22:04:08 | 000,376,411 | ---- | M] () -- C:\Users\NTT\Desktop\mastap-1.png
[2013-03-13 15:44:27 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-03-13 15:44:27 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013-03-11 16:53:30 | 010,458,528 | ---- | M] () -- C:\Users\NTT\Desktop\Szad Akrobata-Umieram na wyobraźnię.mp3
[2013-02-28 14:37:20 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013-02-28 14:37:08 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-02-28 14:37:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-02-28 14:37:03 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-02-28 12:38:43 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[19 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013-03-19 15:47:40 | 009,326,913 | ---- | C] () -- C:\Users\NTT\Desktop\Szad Akrobata - Sprawdzam.mp3
[2013-03-17 22:44:00 | 000,224,211 | ---- | C] () -- C:\Users\NTT\Desktop\safe_image.php.jpg
[2013-03-14 18:42:14 | 001,547,445 | ---- | C] () -- C:\Users\NTT\Desktop\league_of_legends___xin_zhao_build_by_elderwraith-d4mnr5w.png
[2013-03-13 22:04:06 | 000,376,411 | ---- | C] () -- C:\Users\NTT\Desktop\mastap-1.png
[2013-03-11 16:52:57 | 010,458,528 | ---- | C] () -- C:\Users\NTT\Desktop\Szad Akrobata-Umieram na wyobraźnię.mp3
[2012-02-23 17:36:28 | 000,007,597 | ---- | C] () -- C:\Users\NTT\AppData\Local\Resmon.ResmonCfg
[2011-12-26 12:32:53 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011-08-20 20:55:59 | 000,314,368 | ---- | C] () -- C:\Windows\KSGDeInstall.exe
[2011-03-30 14:03:55 | 000,058,713 | ---- | C] () -- C:\Users\NTT\AppData\Roaming\SQLite3.dll
[2011-03-26 22:56:24 | 000,027,136 | ---- | C] () -- C:\Users\NTT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-26 00:46:05 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-10-12 15:34:03 | 000,000,640 | RHS- | C] () -- C:\Users\NTT\ntuser.pol
[2010-02-09 20:22:04 | 000,027,978 | ---- | C] () -- C:\Users\NTT\AppData\Roaming\OFMissionEditorConfig.xml
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2011-06-06 10:09:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ulead Systems
[2013-03-15 14:01:56 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\ESET
[2012-10-09 17:17:14 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Gearbox Software
[2013-03-25 19:32:19 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\GG
[2010-10-25 16:00:43 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Groove Games
[2011-10-30 15:38:29 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\IrfanView
[2013-01-23 10:53:08 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\LolClient
[2012-06-02 16:56:07 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\LolClient2
[2012-06-01 15:02:45 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Mp3tag
[2012-02-07 20:20:50 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\PC Suite
[2012-06-29 17:16:04 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\SoftGrid Client
[2013-03-07 14:21:58 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\TS3Client
[2012-10-09 14:09:51 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Ubisoft
[2011-02-22 09:16:13 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Ulead Systems
[2012-02-18 15:44:28 | 000,000,000 | -HSD | M] -- C:\Users\NTT\AppData\Roaming\.#
[2012-11-05 17:49:48 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\.minecraft
[2011-12-26 12:32:30 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Babylon
[2010-01-24 16:26:51 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\CD-LabelPrint
[2010-06-09 16:00:27 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\ChomikBox
[2013-03-25 21:29:40 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\DAEMON Tools Lite
[2013-02-22 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\DAEMON Tools Pro
[2011-08-16 08:22:12 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\enchant
[2013-03-09 15:38:09 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\ESET
[2012-12-29 22:41:43 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Funmoods
[2010-08-27 21:20:27 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Gadu-Gadu 10
[2012-07-22 17:32:55 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Gearbox Software
[2012-01-24 23:49:47 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\GetRightToGo
[2013-03-25 19:34:06 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\GG
[2010-11-18 07:51:35 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Groove Games
[2011-12-11 12:34:05 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\IObit
[2012-12-23 16:46:36 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\ipla
[2012-12-25 21:07:21 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\IrfanView
[2010-12-27 16:23:36 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Leadertech
[2012-07-21 09:44:54 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\LolClient
[2012-06-02 13:56:46 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\LolClient2
[2010-04-08 14:23:08 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\maxup
[2012-01-29 01:41:05 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Nokia
[2010-03-15 15:41:01 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Nowe Gadu-Gadu
[2010-03-15 15:42:53 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\OpenFM
[2013-01-29 22:21:28 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Origin
[2012-01-29 01:42:26 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\PC Suite
[2011-12-25 13:27:56 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\PunkBuster
[2010-12-14 15:14:21 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\RDRM
[2011-12-23 18:04:47 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Rovio
[2010-09-04 21:04:11 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Samsung
[2012-06-19 22:08:23 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\SoftGrid Client
[2012-02-16 22:49:22 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\SumatraPDF
[2012-11-27 16:37:19 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Theta
[2011-02-26 18:08:55 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Tific
[2012-07-20 12:56:44 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\TP
[2013-02-22 18:58:52 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\TS3Client
[2012-12-25 20:49:00 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Ubisoft
[2013-03-06 20:40:38 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\Ulead Systems
[2013-03-25 21:29:40 | 000,000,000 | ---D | M] -- C:\Users\NTT\AppData\Roaming\uTorrent
[2011-03-31 06:31:23 | 000,000,000 | RHSD | M] -- C:\Users\NTT\AppData\Roaming\Winlog
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 968 bytes -> C:\ProgramData\TEMP:24721E3C
@Alternate Data Stream - 507 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:64217CD0
< End of report >
Logi - Przeglądarka nie otwiera live streamów
Rozpoczęty przez
Koreczek
, 25 03 2013 23:43
-
Temat jest zamknięty
12 odpowiedzi w tym temacie
#1
Koreczek
-
-
- 13 postów
Początkujący
Napisano 25 03 2013 - 23:43
Witam zostałem poproszony o wrzucenie logów w tym temacie http://www.forum.twe...mow-t53877.html
#2
bipiw
-
-
- 1 180 postów
Zaawansowany użytkownik
Napisano 26 03 2013 - 00:02
OTL tworzy dwa pliki. Jeszcze nie podałeś pliku Extras.txt
Użytkownik bipiw edytował ten post 26 03 2013 - 00:02
#3
Koreczek
-
-
- 13 postów
Początkujący
Napisano 26 03 2013 - 22:39
OTL Extras logfile created on: 2013-03-25 22:25:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NTT\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,25 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 61,18% Memory free
6,49 Gb Paging File | 5,04 Gb Available in Paging File | 77,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 797,15 Gb Free Space | 85,58% Space Free | Partition Type: NTFS
Computer Name: NTT-KOMPUTER | User Name: NTT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2634517574-3199787167-2824581415-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013934CE-9A6F-4081-896B-6F0713A456FA}" = rport=139 | protocol=6 | dir=out | app=system |
"{09337154-B2FB-4C5E-A5C9-E596F08ADF58}" = lport=139 | protocol=6 | dir=in | app=system |
"{0CD0D4B4-4984-4ED0-95B3-9BD469D738CB}" = lport=137 | protocol=17 | dir=in | app=system |
"{13A0DBD4-89F1-41B1-AD41-94D466B009E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2BD02165-A176-4BFC-9FE8-C67AAF2FD272}" = rport=138 | protocol=17 | dir=out | app=system |
"{2D26BA9D-29BD-47D9-BFDE-A4AE379C3051}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{2F43FE8B-7D14-4C0D-994A-1ABCB493C54A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E08F79B-3687-440C-94DB-FC8717F90660}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8822FC00-7BA2-48F6-87EB-3CE054CC43F8}" = lport=445 | protocol=6 | dir=in | app=system |
"{8A09479D-BF92-4FF6-81DC-529536804D62}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A323D02-AC29-470E-8DF4-608B0641DAE1}" = lport=138 | protocol=17 | dir=in | app=system |
"{A7E63E5A-D957-482B-AAEA-4B965FDA4B2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8398E3A-99DE-4E4F-BEBE-CED96D04F491}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7A30BCB-AA58-40D3-9D06-E55E158E1851}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D7EA29A6-0818-45F6-A645-086319565248}" = rport=137 | protocol=17 | dir=out | app=system |
"{E3C1A346-DC1D-4075-9797-BC7757C3F9C1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C96E673-BCC0-4AA6-9C2D-970DAE44DE02}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{47278D73-30EF-4275-88D8-4364C1D144D6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A631C7E3-6895-44C3-972D-E85B93383251}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C2735B7B-F12C-4D12-8CFA-DA5D2BC70188}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{0E8F4E66-5FF1-4198-AB39-75BC2BB818BC}C:\program files\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"TCP Query User{1C74242D-18E5-49B9-981D-B91AB9C3F336}C:\program files\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"TCP Query User{32FC27EC-5AB0-455B-B577-C401EF99F00D}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{57BC2965-6719-4E8C-814E-60637AD4C642}C:\program files\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"TCP Query User{7240F886-EBC0-41CB-9F9B-24BA64B0E318}C:\program files\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe" = protocol=6 | dir=in | app=c:\program files\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe |
"TCP Query User{733854F6-556D-4445-B910-0E08CF7BAC54}C:\gry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"TCP Query User{AC0AE313-4F2D-4A0F-99F9-EC8BA29AAD54}C:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"TCP Query User{AD80D935-4738-4ACF-BC60-F5E053EB84BA}C:\gry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"TCP Query User{AFEA26CD-3DFC-4F71-B36D-5A27A2077213}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{BC915FEC-994D-4DE2-845A-CA64F3F766C5}C:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"TCP Query User{C622F8C9-B7D6-4167-AA2C-A4E7A0AB6E82}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"TCP Query User{D28A35B9-3FE5-4FFC-83C8-7D114C77E12B}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"TCP Query User{DC240078-B40C-4449-8BA9-D268447FA031}C:\program files\assassins creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\program files\assassins creed iii\ac3sp.exe |
"UDP Query User{1F29D980-79BF-418E-B1AD-7808E158DCDB}C:\program files\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
"UDP Query User{3CBA2BD4-3832-468C-A6D0-81C85F1A5C05}C:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"UDP Query User{40B00859-1F55-477B-9BF9-E8BFFD702371}C:\gry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"UDP Query User{44C31077-F946-45FF-885C-8B5E23981CC9}C:\program files\assassins creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\program files\assassins creed iii\ac3sp.exe |
"UDP Query User{4E6BC3ED-79CD-4483-8952-B5106B086659}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"UDP Query User{5B1D9723-E98C-4BC5-85AB-DF0D36D5EA99}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{7B326841-5CFF-40F4-A289-6F173AE50F09}C:\gry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\gry\counter-strike 1.6\hl.exe |
"UDP Query User{8087D93B-62F1-4E69-9ED4-8E3C6544E9F7}C:\program files\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe" = protocol=17 | dir=in | app=c:\program files\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe |
"UDP Query User{8B9D74DD-3C68-40A4-AFFB-CEF5E7B255BA}C:\program files\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"UDP Query User{B80A04D5-4E15-471A-9D81-31A7E8F8A6C2}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"UDP Query User{D771F580-9CE2-4806-9D5C-DA289390B07D}C:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"UDP Query User{DE6180EC-411D-4F85-8C17-E09FD446C1D5}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{FC5AEBDE-DF24-489B-B5AE-C4C6C94DC956}C:\program files\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty black ops\blackops.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}" = TP-LINK Wireless Client Utility
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{52644103-70EE-47F6-9BBB-AA4514B59615}_is1" = Farming Simulator 2013
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7E1E67F6-8EBE-4309-8595-7C41C9965C6B}" = ESET Smart Security
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-006D-0415-0000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0062-0415-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Polski
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95120000-003F-0415-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Polish
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 313.96
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 313.96
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 313.96
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 313.96
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5560986-7A6A-4CCA-A808-853D2CED3796}" = Outspark Sharp Launcher
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Browsers Protector" = Browsers Protector
"Canon Setup Utility 2.0" = Canon Setup Utility 2.0
"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200
"CCleaner" = CCleaner
"Counter-Strike 1.6" = Counter-Strike 1.6
"Creative VF0260" = Creative Live! Cam Vista IM Driver (1.11.02.00)
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"FormatFactory" = FormatFactory 2.60
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 19.0.2 (x86 pl)" = Mozilla Firefox 19.0.2 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"PoPWW_is1" = Prince of Persia: Dusza Wojownika
"PROR" = Microsoft Office Professional 2007
"RocketDock_is1" = RocketDock 1.3.5
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = Archiwizator WinRAR
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2634517574-3199787167-2824581415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2013-03-16 17:15:26 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.3.0.43627,
sygnatura czasowa: 0x510ec5ce Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.3.0.43627, sygnatura czasowa: 0x510ec5ce Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0029ab88 Identyfikator procesu powodującego błąd: 0x1028 Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce228b4db2d440 Ścieżka aplikacji powodującej błąd: C:\Program
Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego
błąd: C:\Program Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator
raportu: 9ed08dd2-8e7e-11e2-ba5a-00226861b42d
Error - 2013-03-16 17:16:01 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.3.0.43627,
sygnatura czasowa: 0x510ec5ce Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.3.0.43627, sygnatura czasowa: 0x510ec5ce Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0029ab88 Identyfikator procesu powodującego błąd: 0x17c0 Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce228b683e7f01 Ścieżka aplikacji powodującej błąd: C:\Program
Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego
błąd: C:\Program Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator
raportu: b3785963-8e7e-11e2-ba5a-00226861b42d
Error - 2013-03-16 17:21:38 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.3.0.43627,
sygnatura czasowa: 0x510ec5ce Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.3.0.43627, sygnatura czasowa: 0x510ec5ce Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0029ab88 Identyfikator procesu powodującego błąd: 0x17a0 Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce228c19466695 Ścieżka aplikacji powodującej błąd: C:\Program
Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego
błąd: C:\Program Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator
raportu: 7c77d26b-8e7f-11e2-ba5a-00226861b42d
Error - 2013-03-16 17:26:38 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.3.0.43627,
sygnatura czasowa: 0x510ec5ce Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.3.0.43627, sygnatura czasowa: 0x510ec5ce Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0029ab88 Identyfikator procesu powodującego błąd: 0x1144 Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce228c9989630f Ścieżka aplikacji powodującej błąd: C:\Program
Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego
błąd: C:\Program Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator
raportu: 2f4e8757-8e80-11e2-ba5a-00226861b42d
Error - 2013-03-16 17:39:28 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.3.0.43627,
sygnatura czasowa: 0x510ec5ce Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.3.0.43627, sygnatura czasowa: 0x510ec5ce Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0029ab88 Identyfikator procesu powodującego błąd: 0x1600 Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce228eab6eb1a7 Ścieżka aplikacji powodującej błąd: C:\Program
Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego
błąd: C:\Program Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator
raportu: fa84b48b-8e81-11e2-ba5a-00226861b42d
Error - 2013-03-16 17:43:36 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.1.41799.0,
sygnatura czasowa: 0x507bc2f2 Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.1.41799.0, sygnatura czasowa: 0x507bc2f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0017ea1e Identyfikator procesu powodującego błąd: 0x15cc Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce228f4eae25f7 Ścieżka aplikacji powodującej błąd: C:\Program
Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego
błąd: C:\Program Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator
raportu: 8e0e8d0b-8e82-11e2-ba5a-00226861b42d
Error - 2013-03-16 17:43:59 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.1.41799.0,
sygnatura czasowa: 0x507bc2f2 Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.1.41799.0, sygnatura czasowa: 0x507bc2f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0017ea1e Identyfikator procesu powodującego błąd: 0x15fc Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce228f5d586f13 Ścieżka aplikacji powodującej błąd: C:\Program
Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego
błąd: C:\Program Files\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator
raportu: 9c0da00b-8e82-11e2-ba5a-00226861b42d
Error - 2013-03-16 17:53:57 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.3.0.43627,
sygnatura czasowa: 0x510ec5ce Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.3.0.43627, sygnatura czasowa: 0x510ec5ce Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0029ab88 Identyfikator procesu powodującego błąd: 0x978 Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce229086fd8df2 Ścieżka aplikacji powodującej błąd: C:\Gry\Euro
Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego błąd:
C:\Gry\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator raportu:
0031dfa8-8e84-11e2-ba5a-00226861b42d
Error - 2013-03-17 09:58:44 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: eurotrucks2.exe, wersja: 1.3.0.43627,
sygnatura czasowa: 0x510ec5ce Nazwa modułu powodującego błąd: eurotrucks2.exe, wersja:
1.3.0.43627, sygnatura czasowa: 0x510ec5ce Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0029ab88 Identyfikator procesu powodującego błąd: 0xa60 Godzina uruchomienia aplikacji
powodującej błąd: 0x01ce230e68ec4855 Ścieżka aplikacji powodującej błąd: C:\Gry\Euro
Truck Simulator 2\bin\win_x86\eurotrucks2.exe Ścieżka modułu powodującego błąd:
C:\Gry\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe Identyfikator raportu:
c76cc426-8f0a-11e2-bdf1-00226861b42d
Error - 2013-03-24 17:14:03 | Computer Name = NTT-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: firefox.exe, wersja: 19.0.2.4814,
sygnatura czasowa: 0x5138a1d3 Nazwa modułu powodującego błąd: xul.dll, wersja: 19.0.2.4814,
sygnatura czasowa: 0x5138a0ed Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00172818
Identyfikator
procesu powodującego błąd: 0x179c Godzina uruchomienia aplikacji powodującej błąd:
0x01ce28d32ca61ab8 Ścieżka aplikacji powodującej błąd: C:\Program Files\Mozilla
Firefox\firefox.exe Ścieżka modułu powodującego błąd: C:\Program Files\Mozilla Firefox\xul.dll
Identyfikator
raportu: c0c2b7fd-94c7-11e2-be15-00226861b42d
[ Media Center Events ]
Error - 2012-04-03 01:49:12 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 07:49:07 - Błąd podczas nawiązywania połączenia z Internetem. 07:49:07
- Nie można skontaktować się z serwerem..
Error - 2012-04-13 08:07:52 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 14:07:48 - Błąd podczas nawiązywania połączenia z Internetem. 14:07:48
- Nie można skontaktować się z serwerem..
Error - 2012-04-13 09:08:12 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 15:08:11 - Błąd podczas nawiązywania połączenia z Internetem. 15:08:11
- Nie można skontaktować się z serwerem..
Error - 2012-05-25 08:16:24 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 14:16:15 - Błąd podczas nawiązywania połączenia z Internetem. 14:16:15
- Nie można skontaktować się z serwerem..
Error - 2012-05-25 09:17:18 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 15:17:08 - Błąd podczas nawiązywania połączenia z Internetem. 15:17:08
- Nie można skontaktować się z serwerem..
Error - 2012-05-30 08:01:17 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 14:01:11 - Błąd podczas nawiązywania połączenia z Internetem. 14:01:11
- Nie można skontaktować się z serwerem..
Error - 2012-06-13 11:27:27 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 17:27:26 - Błąd podczas nawiązywania połączenia z Internetem. 17:27:26
- Nie można skontaktować się z serwerem..
Error - 2012-06-13 11:27:40 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 17:27:33 - Błąd podczas nawiązywania połączenia z Internetem. 17:27:33
- Nie można skontaktować się z serwerem..
Error - 2012-07-10 13:03:13 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 19:02:49 - Nie można pobrać pakietu MCEClientUX (Błąd: Upłynął limit
czasu operacji)
Error - 2012-07-10 13:03:49 | Computer Name = NTT-Komputer | Source = MCUpdate | ID = 0
Description = 19:03:39 - Nie można pobrać pakietu Broadband (Błąd: Połączenie podstawowe
zostało zakończone: Nie można ustanowić relacji zaufania dla bezpiecznego kanału
SSL/TLS.)
[ System Events ]
Error - 2013-03-25 14:33:22 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie;
wystąpił następujący błąd: %%-2140993535
Error - 2013-03-25 14:33:22 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania
nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535
Error - 2013-03-25 14:33:32 | Computer Name = NTT-Komputer | Source = PNRPSvc | ID = 102
Description =
Error - 2013-03-25 14:33:32 | Computer Name = NTT-Komputer | Source = PNRPSvc | ID = 102
Description =
Error - 2013-03-25 14:33:32 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie;
wystąpił następujący błąd: %%-2140993535
Error - 2013-03-25 14:33:32 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania
nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535
Error - 2013-03-25 14:33:32 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie;
wystąpił następujący błąd: %%-2140993535
Error - 2013-03-25 14:33:32 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania
nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535
Error - 2013-03-25 14:34:18 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7038
Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser
za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby
upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w
programie Microsoft Management Console (MMC).
Error - 2013-03-25 14:34:18 | Computer Name = NTT-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego
błędu: %%1069
< End of report >
Jeżeli znajdzie się ktoś kto by pomógł to byłbym bardzo wdzięczny.
Użytkownik Koreczek edytował ten post 26 03 2013 - 22:40
#4
bipiw
-
-
- 1 180 postów
Zaawansowany użytkownik
Napisano 27 03 2013 - 00:09
Odinstaluj:
2. Przaskanuj komputer AdwCleaner (opcja Delete) i wrzuć log.
2. Przeskanuj komputer MalwareBytes Anti-Malware.
3. Napisz czy problem został rozwiązany.
Ask.toolbar Superstart Babylon Toolbar uTorrent ToolbarUruchom OTL w okienku Własne opcje skanowania/skrypt wklej:
:OTL
O3 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000..\Run: [] File not found
@Alternate Data Stream - 968 bytes -> C:\ProgramData\TEMP:24721E3C
@Alternate Data Stream - 507 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:64217CD0
:Files
C:\ProgramData\ezsidmv.dat
C:\Users\NTT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
:commands
[emptytemp]
1. Kliknij Wykonaj skrypt daj log z usuwania .2. Przaskanuj komputer AdwCleaner (opcja Delete) i wrzuć log.
2. Przeskanuj komputer MalwareBytes Anti-Malware.
3. Napisz czy problem został rozwiązany.
Użytkownik bipiw edytował ten post 27 03 2013 - 00:14
#5
Koreczek
-
-
- 13 postów
Początkujący
Napisano 27 03 2013 - 17:23
Log z OTL
Log z AdwCleaner
Niestety nic się nie zmieniło :/
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2634517574-3199787167-2824581415-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2634517574-3199787167-2824581415-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
ADS C:\ProgramData\TEMP:24721E3C deleted successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
ADS C:\ProgramData\TEMP:64217CD0 deleted successfully.
========== FILES ==========
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Users\NTT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 495246 bytes
->Temporary Internet Files folder emptied: 51979372 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 58183 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Kamil
->Temp folder emptied: 107499848 bytes
->Temporary Internet Files folder emptied: 3609451 bytes
->Java cache emptied: 23685 bytes
->FireFox cache emptied: 437525983 bytes
->Google Chrome cache emptied: 5050736 bytes
->Flash cache emptied: 5831714 bytes
User: NTT
->Temp folder emptied: 4411773 bytes
->Temporary Internet Files folder emptied: 1937758 bytes
->Java cache emptied: 711731083 bytes
->FireFox cache emptied: 395413996 bytes
->Google Chrome cache emptied: 8345434 bytes
->Flash cache emptied: 1810 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 530124 bytes
RecycleBin emptied: 13937228 bytes
Total Files Cleaned = 1 668,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03272013_155000
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Log z AdwCleaner
# AdwCleaner v2.115 - Log utworzony 27/03/2013 o 15:59:10
# Aktualizacja 17/03/2013 przez Xplode
# System operacyjny : Windows 7 Home Premium Service Pack 1 (32 bits)
# Użytkownik : NTT - NTT-KOMPUTER
# Tryb uruchomienia : Normalny
# Ścieżka : C:\Users\NTT\Desktop\AdwCleaner.exe
# Opcja [Usuń]
***** [Usługi] *****
***** [Pliki / Foldery] *****
Folder Usunięto : C:\ProgramData\Ask
Folder Usunięto : C:\ProgramData\Babylon
Folder Usunięto : C:\ProgramData\boost_interprocess
Folder Usunięto : C:\Users\Administrator\AppData\Local\Conduit
Folder Usunięto : C:\Users\Administrator\AppData\LocalLow\Conduit
Folder Usunięto : C:\Users\Administrator\AppData\LocalLow\ConduitEngine
Folder Usunięto : C:\Users\Administrator\AppData\LocalLow\facemoods.com
Folder Usunięto : C:\Users\Kamil\AppData\LocalLow\Conduit
Folder Usunięto : C:\Users\Kamil\AppData\LocalLow\facemoods.com
Folder Usunięto : C:\Users\NTT\AppData\Local\Babylon
Folder Usunięto : C:\Users\NTT\AppData\LocalLow\BabylonToolbar
Folder Usunięto : C:\Users\NTT\AppData\LocalLow\Conduit
Folder Usunięto : C:\Users\NTT\AppData\LocalLow\ConduitEngine
Folder Usunięto : C:\Users\NTT\AppData\LocalLow\facemoods.com
Folder Usunięto : C:\Users\NTT\AppData\Roaming\Babylon
Folder Usunięto : C:\Users\NTT\AppData\Roaming\Funmoods
Plik Usunięto : C:\user.js
Plik Usunięto : C:\Users\NTT\AppData\Roaming\Mozilla\Firefox\Profiles\7io5tjmw.default\searchplugins\Askcom.xml
***** [Rejestr] *****
Klucz Usunięto : HKCU\Software\AppDataLow\Software\Conduit
Klucz Usunięto : HKCU\Software\AppDataLow\Software\conduitEngine
Klucz Usunięto : HKCU\Software\Complitly
Klucz Usunięto : HKCU\Software\Conduit
Klucz Usunięto : HKCU\Software\InstallCore
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klucz Usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Klucz Usunięto : HKCU\Software\Softonic
Klucz Usunięto : HKCU\Software\UpdateStar
Klucz Usunięto : HKLM\Software\Babylon
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klucz Usunięto : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\Conduit.Engine
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Klucz Usunięto : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Prod.cap
Klucz Usunięto : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Klucz Usunięto : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klucz Usunięto : HKLM\Software\Conduit
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klucz Usunięto : HKLM\SOFTWARE\Software
Wartość Usunięto : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Przeglądarki Internetowe] *****
-\\ Internet Explorer v8.0.7601.17514
Podmieniono : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/?aff=1&cf=d324e88b-8e46-11e1-a632-00226861b42d --> hxxp://www.google.com
Podmieniono : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=umail3&s={searchTerms}&f=4 --> hxxp://www.google.com
-\\ Mozilla Firefox v19.0.2 (pl)
Plik : C:\Users\NTT\AppData\Roaming\Mozilla\Firefox\Profiles\7io5tjmw.default\prefs.js
Usunięto : user_pref("browser.search.order.1", "Ask.com");
Plik : C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\a3i6nopy.default\prefs.js
[OK] Plik w porządku.
-\\ Google Chrome v25.0.1364.172
Plik : C:\Users\NTT\AppData\Local\Google\Chrome\User Data\Default\Preferences
Usunięto [l.35] : icon_url = "hxxp://www.ask.com/favicon.ico",
Usunięto [l.38] : keyword = "ask.com",
Usunięto [l.41] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=46[...]
Usunięto [l.42] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]
Plik : C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Plik w porządku.
*************************
AdwCleaner[S1].txt - [7848 octets] - [27/03/2013 15:59:10]
########## EOF - C:\AdwCleaner[S1].txt - [7908 octets] ##########
Niestety nic się nie zmieniło :/
#6
pawel315
-
-
- 1 553 postów
Uzależniony od forum
Napisano 27 03 2013 - 18:15
Opisz sytuacje jeszcze raz i daj nowy komplet logów z OTL'a
#7
Koreczek
-
-
- 13 postów
Początkujący
Napisano 27 03 2013 - 19:01
Mam problem z przeglądarką mianowicie nie mogę grać w gry przegladarkowe również po wejściu na stronę twitch.tv nie mogę oglądać live-ów, zamiast okna z filmem wyświetla się tylko żółty ekranik a chat bez przerwy się ładuje:http://zapodaj.net/2...4cb330.jpg.html
Wcześniej wszystko było ok.
Zauważyłem że na forum tylko jedna osoba miała identyczny problem :http://www.forum.twe...mow-t49818.html
Wykonałem już te czynności i nie przyniosło to efektu :/
OTL:http://wklej.to/hupQb
Extras:http://wklej.to/bosi1
Wcześniej wszystko było ok.
Zauważyłem że na forum tylko jedna osoba miała identyczny problem :http://www.forum.twe...mow-t49818.html
Odinstaluj:
Ask.toolbar Superstart Babylon Toolbar uTorrent ToolbarUruchom OTL w okienku Własne opcje skanowania/skrypt wklej::OTL O3 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000..\Run: [] File not found @Alternate Data Stream - 968 bytes -> C:\ProgramData\TEMP:24721E3C @Alternate Data Stream - 507 bytes -> C:\ProgramData\TEMP:05EE1EEF @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:64217CD0 :Files C:\ProgramData\ezsidmv.dat C:\Users\NTT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini :commands [emptytemp]1. Kliknij Wykonaj skrypt daj log z usuwania .
2. Przaskanuj komputer AdwCleaner (opcja Delete) i wrzuć log.
2. Przeskanuj komputer MalwareBytes Anti-Malware.
3. Napisz czy problem został rozwiązany.
Wykonałem już te czynności i nie przyniosło to efektu :/
OTL:http://wklej.to/hupQb
Extras:http://wklej.to/bosi1
#8
pawel315
-
-
- 1 553 postów
Uzależniony od forum
Napisano 27 03 2013 - 19:09
Dorzuć log z Autoruns -> /Optymalizacja-autostartu-czyli-program-Autoruns-t51856/
#10
pawel315
-
-
- 1 553 postów
Uzależniony od forum
Napisano 27 03 2013 - 19:30
Witaj.
Odinstaluj:
Następnie:
Odinstaluj:
Google Update Helper Browsers ProtectorUruchom OTL w okienku Własne opcje skanowania/skrypt wklej:
:OTL
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzuyByE0E0AtA0AzytAzztA0DzztCyC0B0DtN0D0Tzu0StAyCtAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=1410646346
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{5ACF719F-9B4F-14B3-08A0-15557D2638CE}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=d324e88b-8e46-11e1-a632-00226861b42d&q={searchTerms}
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\SearchScopes\{CF4B8F72-DD01-4226-91B9-6ECFFFCE7197}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=119999&tt=090212_ctrl&babsrc=SP_ss&mntrId=721916bd00000000000072ea3a9383d8
:Commands
[emptytemp]
Kliknij Wykonaj skrypt daj log z usuwania.Następnie:
- Prześlij na jakimś hostingu plik preferences od google jest w tej lokalizacji -> C:\Users\NTT\\AppData\Local\Google\Chrome\User Data\Default\Preferences
- W Autoruns odznacz w kluczu :
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"
"rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
"Adobe ARM"
"QuickTime Task"
"SunJavaUpdateSched"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"
"Malwarebytes Anti-Malware"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
"GG"
"Steam"
"Task Scheduler"
Wszystko
#11
Koreczek
-
-
- 13 postów
Początkujący
Napisano 27 03 2013 - 22:37
plik preferences: http://hostuje.net/file.php?id=95da424bbae963aadea0a4bbb6957273
log z usuwania: http://wklej.to/wrbwf
Niestety nadal mam tą samą sytuację
log z usuwania: http://wklej.to/wrbwf
Niestety nadal mam tą samą sytuację
#12
bipiw
-
-
- 1 180 postów
Zaawansowany użytkownik
Napisano 27 03 2013 - 23:14
Wypatrzyłem jeszcze takie dwa:
IE - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
O3 - HKU\S-1-5-21-2634517574-3199787167-2824581415-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
#13
Koreczek
-
-
- 13 postów
Początkujący
Napisano 28 03 2013 - 17:01
Kurcze nadal bez zmian.
Mógłby ktoś zerknąć na ten temat :/OTL-Sprawdzenie-logow-t50415/ zauważyłem że ten sam problem został rozwiązany.
Mógłby ktoś zerknąć na ten temat :/OTL-Sprawdzenie-logow-t50415/ zauważyłem że ten sam problem został rozwiązany.
Użytkownicy przeglądający ten temat: 0
0 użytkowników, 0 gości, 0 anonimowych
