Witam, mam problem poniewaz przy przegladaniu stron www czy przy grach online wyskakuje mi blue screen,czasem nie wyskoczy wogole a czasem potrafi z kilka razy w ciagu dnia sie pojawic.
sprawdzilem plik DMP przez bluescreenview i Debugging Tools for Windows (x86):
BlueScreenView:
A problem has been detected and Windows has been shut down to prevent damage
to your computer.
The problem seems to be caused by the following file: halmacpi.dll
If this is the first time you've seen this stop error screen,
restart your computer. If this screen appears again, follow
these steps:
Check to make sure any new hardware or software is properly installed.
If this is a new installation, ask your hardware or software manufacturer
for any Windows updates you might need.
If problems continue, disable or remove any newly installed hardware
or software. Disable BIOS memory options such as caching or shadowing.
If you need to use safe mode to remove or disable components, restart
your computer, press F8 to select Advanced Startup Options, and then
select Safe Mode.
Technical Information:
*** STOP: 0x00000124 (0x00000000, 0x860c8024, 0xb6000000, 0x00000181)
*** halmacpi.dll - Address 0x82e28fcd base at 0x82e1a000 DateStamp 0x4ce788d2
a tu przez Debugging Tools for Windows (x86):
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\092412-16848-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17514.x86fre.win7sp1_rtm.101119-1850
Machine Name:
Kernel base = 0x82a52000 PsLoadedModuleList = 0x82b9c850
Debug session time: Mon Sep 24 09:52:43.538 2012 (UTC + 2:00)
System Uptime: 0 days 0:05:54.612
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Loading Kernel Symbols
...............................................................
................................................................
............................
Loading User Symbols
Loading unloaded module list
..........
Dodam ze przez 4 lata uzywalem win 7 i niedawno zaczal wyskakiwac mi ten problem, postanowilem zrobic formata, wgralem tez win7 tylko ze tym razem ultimate i dalej to samo jak mozecie pomoc bylbym wdzieczny
PS:Robilem skanowanie systemu poprzez wiersz polecen i nie wykrylo mi zadnego bledu.
BSOD WIN7 ultimate
-
seba86mu
- Posty: 9744
- Rejestracja: 13 lis 2008, 18:07
- Lokalizacja: Sosnowiec
BSOD WIN7 ultimate
Zainstaluj program => Dostępne tylko dla zarejestrowanych użytkowników, którym dokonasz odczytu plików DMP.
Po otwarciu progam automatycznie zlokalizuje pliki DMP. Zaznacz kolejno pliki w sekcji Dump File i wybierz:
File => Save Selected Items
Wklej tutaj raporty.
Możesz również wkleić screen ekranu głównego programu.
Podaj odczyty temperatur z programu => Dostępne tylko dla zarejestrowanych użytkowników (screen okna programu)
Po otwarciu progam automatycznie zlokalizuje pliki DMP. Zaznacz kolejno pliki w sekcji Dump File i wybierz:
File => Save Selected Items
Wklej tutaj raporty.
Możesz również wkleić screen ekranu głównego programu.
Podaj odczyty temperatur z programu => Dostępne tylko dla zarejestrowanych użytkowników (screen okna programu)
-
dawjek
- Posty: 38
- Rejestracja: 24 wrz 2012, 10:52
BSOD WIN7 ultimate
Dostępne tylko dla zarejestrowanych użytkowników zrzut z blueScreenView
Dostępne tylko dla zarejestrowanych użytkowników zrzut z temperatura
Dostępne tylko dla zarejestrowanych użytkowników zrzut z BlueScreenView
Dostępne tylko dla zarejestrowanych użytkowników zrzut z temperatura
Dostępne tylko dla zarejestrowanych użytkowników zrzut z BlueScreenView
Ostatnio zmieniony 24 wrz 2012, 21:51 przez dawjek, łącznie zmieniany 2 razy.
-
seba86mu
- Posty: 9744
- Rejestracja: 13 lis 2008, 18:07
- Lokalizacja: Sosnowiec
BSOD WIN7 ultimate
Popraw linki do obrazków.
-
dawjek
- Posty: 38
- Rejestracja: 24 wrz 2012, 10:52
BSOD WIN7 ultimate
ok dalem linki, po otwarciu powinien pojawic sie obrazek
-
seba86mu
- Posty: 9744
- Rejestracja: 13 lis 2008, 18:07
- Lokalizacja: Sosnowiec
BSOD WIN7 ultimate
Procesor grzeje się do w spoczynku prawie do 70'C.
W obciążeniu zapewne przekracza 85'C.
Jak korzystasz z laptopa ? Na płaskiej stabilnej powierzchni ?
Jeżeli użytkujesz laptopa bez żadnej podkładki bezpośrednio na kolanach, łóżku, kołdrze, kocu, blokujesz otwory wentylacyjne oraz wylot gorącego powietrza, przez co temperatura podzespołów może wzrastać do wartości powodujących problemy.
Dodatkowo do wnętrza zasysane są mikrowłókna z materiałów, które tworzą kołtuny na radiatorze i wentylatorze, co zakłóca rozpraszanie ciepła.
Jak długo posiadasz tego laptopa ? Był kiedykolwiek czyszczony w środku ?
W obciążeniu zapewne przekracza 85'C.
Jak korzystasz z laptopa ? Na płaskiej stabilnej powierzchni ?
Jeżeli użytkujesz laptopa bez żadnej podkładki bezpośrednio na kolanach, łóżku, kołdrze, kocu, blokujesz otwory wentylacyjne oraz wylot gorącego powietrza, przez co temperatura podzespołów może wzrastać do wartości powodujących problemy.
Dodatkowo do wnętrza zasysane są mikrowłókna z materiałów, które tworzą kołtuny na radiatorze i wentylatorze, co zakłóca rozpraszanie ciepła.
Jak długo posiadasz tego laptopa ? Był kiedykolwiek czyszczony w środku ?
-
dawjek
- Posty: 38
- Rejestracja: 24 wrz 2012, 10:52
BSOD WIN7 ultimate
laptopa mam ponad 4 lata, mam go na podstawce z dodatkowymi wentylatorami, a screen zrobilem odrazu po wyjsciu z gry.
Kiedys owszem temperatura dochodzila do 80C ale laptop nie wywalal mi blue screen'a,
Kiedys owszem temperatura dochodzila do 80C ale laptop nie wywalal mi blue screen'a,
-
seba86mu
- Posty: 9744
- Rejestracja: 13 lis 2008, 18:07
- Lokalizacja: Sosnowiec
BSOD WIN7 ultimate
Jakiego posiadasz antywirusa ?
Zmień na próbę na innego, oczywiście wcześniej odinstaluj obecnego.
Zaktualizuj sterowniki do karty sieciowej.
Jeżeli nie wiesz jak napisz jaki to laptop (producent, dokładny model z naklejki na spodzie obudowy).
Jeżeli nie pomoże wykonaj test pamięci RAM programem Memtest86 => http://www.hotfix.pl/instrukcja-obslugi ... m-a204.htm
Pokaż odczyt SMART z programu => Dostępne tylko dla zarejestrowanych użytkowników => zakładka Health
Odczyt SMART wklej w tamtym temacie jako kolejny post => sprzet-komputerowy/analiza-smart-s-m-a-r-t-dysku-twardego-t30-3135.html#p113943
Zmień na próbę na innego, oczywiście wcześniej odinstaluj obecnego.
Zaktualizuj sterowniki do karty sieciowej.
Jeżeli nie wiesz jak napisz jaki to laptop (producent, dokładny model z naklejki na spodzie obudowy).
Jeżeli nie pomoże wykonaj test pamięci RAM programem Memtest86 => http://www.hotfix.pl/instrukcja-obslugi ... m-a204.htm
Pokaż odczyt SMART z programu => Dostępne tylko dla zarejestrowanych użytkowników => zakładka Health
Odczyt SMART wklej w tamtym temacie jako kolejny post => sprzet-komputerowy/analiza-smart-s-m-a-r-t-dysku-twardego-t30-3135.html#p113943
-
dawjek
- Posty: 38
- Rejestracja: 24 wrz 2012, 10:52
BSOD WIN7 ultimate
antywirusa jeszcze nie instalowalem
laptop to HP pavilion dv6 -1225ew sterowniki sciagalem ze strony HP, nie wiem czy to ma znaczenie ale przed formatem kompa sciagnalem sterowniki ze strony hp dalem je na 2 partycje,po instalacji nowego windowsa przy nie ktorych sterownikach wywalalo blad, poczym jeszcze raz sciagnalem sterowniki i zainstalowaly sie normalnie
laptop to HP pavilion dv6 -1225ew sterowniki sciagalem ze strony HP, nie wiem czy to ma znaczenie ale przed formatem kompa sciagnalem sterowniki ze strony hp dalem je na 2 partycje,po instalacji nowego windowsa przy nie ktorych sterownikach wywalalo blad, poczym jeszcze raz sciagnalem sterowniki i zainstalowaly sie normalnie
-
seba86mu
- Posty: 9744
- Rejestracja: 13 lis 2008, 18:07
- Lokalizacja: Sosnowiec
BSOD WIN7 ultimate
dawjek pisze:mam problem poniewaz przy przegladaniu stron www czy przy grach online wyskakuje mi blue screen
dawjek pisze:antywirusa jeszcze nie instalowalem
W takim wypadku może od razu podaj dodatkowo logi z:
=> OTL (OTL.txt i Extras.txt) => http://www.hotfix.pl/obsluga-programu-otl-a143.htm
=> TDSSKiller => http://www.hotfix.pl/instrukcja-obslugi ... r-a341.htm
Logi wklej na Dostępne tylko dla zarejestrowanych użytkowników
-
dawjek
- Posty: 38
- Rejestracja: 24 wrz 2012, 10:52
-
kominekl
- Posty: 5855
- Rejestracja: 27 lis 2011, 14:25
- Kontaktowanie:
BSOD WIN7 ultimate
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"AVG Secure Search" = AVG Security Toolbar
"NirSoft BlueScreenView" = NirSoft BlueScreenView
Odinstaluj to oprogramowanie.
Error - 2012-09-25 03:42:34 | Computer Name = Jeka | Source = atapi | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort0.
Wejdź w Menedżer Urządzeń -> Kontrolery IDE ATA/ATAPI -> Podstawowy kanał IDE -> Ustawienia zaawansowane -> Sprawdź, jak jest ustawiony Bieżący tryb transferu. To samo robisz dla Pomocniczego kanału IDE.
Logi.
Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dostępne tylko dla zarejestrowanych użytkowników{FF50469F-84F1-4380-81B0-7D4C1940FE5D}&mid=8175792d2f2947d090a8d16d38696258-bdb0aa1c3e20f45b25a553faacabc532720f9e7b&lang=pl&ds=xn011&pr=sa&d=2012-09-07 20:33:08&v=12.2.0.5&sap=hp
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&locale=en_US&apn_ptnrs=6G&apn_dtid=YYYYYYYYPL&apn_uid=e9473f58-f7b1-4e99-bd4e-f0de4c06cbef&apn_sauid=9C9AB536-6B9F-439D-BE32-3F5DBE8EB946
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{FF50469F-84F1-4380-81B0-7D4C1940FE5D}&mid=8175792d2f2947d090a8d16d38696258-bdb0aa1c3e20f45b25a553faacabc532720f9e7b&lang=pl&ds=xn011&pr=sa&d=2012-09-07 20:33:08&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=102876&gct=hp"
FF - prefs.js..extensions.enabledAddons: support@free-hideip.com:1.0
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&crg=3.1030000.103000&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michał\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michał\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
[2012-09-09 21:55:29 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\86vymkvd.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2012-09-22 09:52:26 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\86vymkvd.default\extensions\toolbar@ask.com
[2012-09-22 09:53:07 | 000,004,548 | ---- | M] () (No name found) -- C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\extensions\support@free-hideip.com.xpi
[2012-09-25 08:42:52 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012-09-22 09:52:26 | 000,002,325 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\searchplugins\askcom.xml
[2012-09-24 16:57:55 | 000,003,915 | ---- | M] () -- C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\searchplugins\sweetim.xml
[2012-09-07 23:19:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-09-07 20:33:03 | 000,003,751 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
CHR - Extension: AVG Secure Search = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: AVG Secure Search = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
O4 - HKLM..\Run: [] File not found
:Files
C:\Users\Michał\AppData\Local\Google\Update
C:\Program Files\SweetIM
C:\ProgramData\SweetIM
C:\Program Files\Ask.com
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
C:\Windows\tasks\*.*
C:\Program Files\AVG Secure Search
C:\Program Files\Common Files\AVG Secure Search
C:\Windows\System32\drivers\avgtpx86.sys
C:\ProgramData\AVG Secure Search
C:\Users\Michał\AppData\Local\AVG Secure Search
:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
:Commands
[emptyflash]
[clearallrestorepoints]
[emptytemp]
Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podaj log z ADWCleaner (z opcji Delete) -> Dostępne tylko dla zarejestrowanych użytkowników + nowe logi z OTL + log z Autoruns -> http://www.hotfix.pl/optymalizacja-auto ... s-a128.htm.
Kiedy komputery staną się twoim jedynym życiem, jedynym totemem odstraszającym klątwę nudy, wtedy prędzej czy później granica między tymi dwoma wymiarami zniknie i postacie z Błękitnej Pustki zaczną pojawiać się w Realu. Czasem są twoimi przyjaciółmi. A czasem nie.
-
dawjek
- Posty: 38
- Rejestracja: 24 wrz 2012, 10:52
BSOD WIN7 ultimate
1.OTL
2.ADWCleaner
3. Nowy OTL
Dostępne tylko dla zarejestrowanych użytkowników
4.AutoRuns
Dostępne tylko dla zarejestrowanych użytkowników
-- 26 wrz 2012, 12:25 --
Mam tylko standardowy podwójny kontroler PCI IDE, a nigdzie nie mogę znaleźć jaki jest tryb transferu.
Kod: Zaznacz cały
All processes killed
========== OTL ==========
Service VGPU stopped successfully!
Service VGPU deleted successfully!
File System32\drivers\rdvgkmd.sys not found.
Service USBCCID stopped successfully!
Service USBCCID deleted successfully!
File system32\DRIVERS\RtsUCcid.sys not found.
Service RtsUIR stopped successfully!
Service RtsUIR deleted successfully!
File system32\DRIVERS\Rts516xIR.sys not found.
Service RSUSBSTOR stopped successfully!
Service RSUSBSTOR deleted successfully!
File System32\Drivers\RtsUStor.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1513761820-598730477-152485941-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll not found.
HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
HKU\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: "http://www.ask.com/?l=dis&o=102876&gct=hp" removed from browser.startup.homepage
Prefs.js: support@free-hideip.com:1.0 removed from extensions.enabledAddons
Prefs.js: "http://search.sweetim.com/search.asp?src=2&crg=3.1030000.103000&q=" removed from keyword.URL
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from sweetim.toolbar.previous.keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Users\Michał\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Users\Michał\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\86vymkvd.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins folder moved successfully.
C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\86vymkvd.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} folder moved successfully.
Folder C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\86vymkvd.default\extensions\toolbar@ask.com\ not found.
C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\extensions\support@free-hideip.com.xpi moved successfully.
File C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi not found.
File C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\searchplugins\askcom.xml not found.
File C:\Users\Michał\AppData\Roaming\mozilla\firefox\profiles\86vymkvd.default\searchplugins\sweetim.xml not found.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
File C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml not found.
File C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0 not found.
File C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0 not found.
C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0 folder moved successfully.
File C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0 not found.
File C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0 not found.
File C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
========== FILES ==========
C:\Users\Michał\AppData\Local\Google\Update\Install folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\21.0.1180.89 folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123 folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D} folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update\Download folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update\1.3.21.123 folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update\1.3.21.111 folder moved successfully.
C:\Users\Michał\AppData\Local\Google\Update folder moved successfully.
File\Folder C:\Program Files\SweetIM not found.
File\Folder C:\ProgramData\SweetIM not found.
File\Folder C:\Program Files\Ask.com not found.
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86 folder moved successfully.
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1513761820-598730477-152485941-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1513761820-598730477-152485941-1000UA.job moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
File move failed. C:\Windows\tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
File\Folder C:\Program Files\AVG Secure Search not found.
File\Folder C:\Program Files\Common Files\AVG Secure Search not found.
File\Folder C:\Windows\System32\drivers\avgtpx86.sys not found.
File\Folder C:\ProgramData\AVG Secure Search not found.
File\Folder C:\Users\Michał\AppData\Local\AVG Secure Search not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\ not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Michał
->Flash cache emptied: 9287 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Michał
->Temp folder emptied: 388081005 bytes
->Temporary Internet Files folder emptied: 66985066 bytes
->FireFox cache emptied: 61864054 bytes
->Google Chrome cache emptied: 196823259 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 12114 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3948124 bytes
RecycleBin emptied: 3994162 bytes
Total Files Cleaned = 688,00 mb
OTL by OldTimer - Version 3.2.68.0 log created on 09252012_235710
Files\Folders moved on Reboot...
File move failed. C:\Windows\tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
2.ADWCleaner
Kod: Zaznacz cały
# AdwCleaner v2.003 - Logfile created 09/26/2012 at 00:04:02
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Michał - JEKA
# Boot Mode : Normal
# Running from : C:\Users\Michał\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7601.17514
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
-\\ Mozilla Firefox v15.0 (pl)
Profile name : default
File : C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\86vymkvd.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v21.0.1180.89
File : C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [11649 octets] - [25/09/2012 23:02:44]
AdwCleaner[S2].txt - [1466 octets] - [25/09/2012 23:30:53]
AdwCleaner[S3].txt - [1090 octets] - [26/09/2012 00:04:02]
########## EOF - C:\AdwCleaner[S3].txt - [1150 octets] ##########
3. Nowy OTL
Dostępne tylko dla zarejestrowanych użytkowników
4.AutoRuns
Dostępne tylko dla zarejestrowanych użytkowników
-- 26 wrz 2012, 12:25 --
Wejdź w Menedżer Urządzeń -> Kontrolery IDE ATA/ATAPI -> Podstawowy kanał IDE -> Ustawienia zaawansowane -> Sprawdź, jak jest ustawiony Bieżący tryb transferu. To samo robisz dla Pomocniczego kanału IDE.
Mam tylko standardowy podwójny kontroler PCI IDE, a nigdzie nie mogę znaleźć jaki jest tryb transferu.
-
kominekl
- Posty: 5855
- Rejestracja: 27 lis 2011, 14:25
- Kontaktowanie:
BSOD WIN7 ultimate
Autoruns.
W Autoruns odznacz, a następnie usuń (co się będzie dało):
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Adobe ARM
Adobe Reader Speed Launcher
APSDaemon
iTunesHelper
QlbCtrl.exe
ROC_roc_ssl_v12
StartCCC
SysTrayApp
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Wszystko.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Wszystko.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Wszystko.
HKLM\Software\Microsoft\Internet Explorer\Extensions
Wszystko.
Task Scheduler
Wszystko.
HKLM\System\CurrentControlSet\Services
AESTFilters
AMD External Events Utility
Apple Mobile Device
Com4QLBEx
iPod Service
LightScribeService
MozillaMaintenance
Skype C2C Service
SkypeUpdate
WinDefend
WMPNetworkSvc
ADWCleaner.
Uninstall.
Logi.
Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:
:OTL
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKU\S-1-5-21-1513761820-598730477-152485941-1000..\Run: [ChomikBox] C:\Program Files\ChomikBox\chomikbox.exe File not found
O4 - HKU\S-1-5-21-1513761820-598730477-152485941-1000..\Run: [Google Update] "C:\Users\Michał\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} Dostępne tylko dla zarejestrowanych użytkowników (GMNRev Class)
:Files
C:\Users\Michał\AppData\Roaming\driveridentifier
C:\Users\Michał\Desktop\TDSSKiller.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier
C:\Users\Michał\AppData\Local\Temp
C:\Windows\tasks\*.*
:Commands
[emptyflash]
[clearallrestorepoints]
[emptytemp]
Klikasz Wykonaj skrypt. Dajesz log z usuwania. Następnie podajesz nowe logi z OTL.
Kiedy komputery staną się twoim jedynym życiem, jedynym totemem odstraszającym klątwę nudy, wtedy prędzej czy później granica między tymi dwoma wymiarami zniknie i postacie z Błękitnej Pustki zaczną pojawiać się w Realu. Czasem są twoimi przyjaciółmi. A czasem nie.
-
dawjek
- Posty: 38
- Rejestracja: 24 wrz 2012, 10:52
BSOD WIN7 ultimate
1. OTL Log z usuwania
2.OTL
Kod: Zaznacz cały
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_roc_ssl_v12 not found.
Registry value HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ChomikBox not found.
Registry value HKEY_USERS\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
Starting removal of ActiveX control {73ECB3AA-4717-450C-A2AB-D00DAD9EE203}
C:\Windows\Downloaded Program Files\Setup.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73ECB3AA-4717-450C-A2AB-D00DAD9EE203}\ not found.
========== FILES ==========
C:\Users\Michał\AppData\Roaming\driveridentifier folder moved successfully.
C:\Users\Michał\Desktop\TDSSKiller.exe moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier folder moved successfully.
C:\Users\Michał\AppData\Local\Temp\WPDNSE folder moved successfully.
C:\Users\Michał\AppData\Local\Temp\UCDebugger folder moved successfully.
C:\Users\Michał\AppData\Local\Temp\Rar$ML0.542 folder moved successfully.
C:\Users\Michał\AppData\Local\Temp\plugtmp folder moved successfully.
C:\Users\Michał\AppData\Local\Temp\Low folder moved successfully.
C:\Users\Michał\AppData\Local\Temp\CRX_75DAF8CB7768 folder moved successfully.
C:\Users\Michał\AppData\Local\Temp\acro_rd_dir folder moved successfully.
C:\Users\Michał\AppData\Local\Temp folder moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
File move failed. C:\Windows\tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Michał
->Flash cache emptied: 894 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Michał
->Temporary Internet Files folder emptied: 2442816 bytes
->FireFox cache emptied: 56598672 bytes
->Google Chrome cache emptied: 158882457 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31922 bytes
RecycleBin emptied: 799749 bytes
Total Files Cleaned = 209,00 mb
OTL by OldTimer - Version 3.2.68.0 log created on 09262012_155629
Files\Folders moved on Reboot...
File move failed. C:\Windows\tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
2.OTL
Kod: Zaznacz cały
OTL logfile created on: 2012-09-26 16:02:44 - Run 3
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Michał\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 73,26% Memory free
5,99 Gb Paging File | 5,09 Gb Available in Paging File | 84,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 240,18 Gb Total Space | 208,88 Gb Free Space | 86,97% Space Free | Partition Type: NTFS
Drive D: | 214,69 Gb Total Space | 146,42 Gb Free Space | 68,20% Space Free | Partition Type: NTFS
Drive E: | 10,88 Gb Total Space | 1,82 Gb Free Space | 16,69% Space Free | Partition Type: NTFS
Computer Name: JEKA | User Name: Michał | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-09-25 14:18:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe
PRC - [2012-09-07 23:19:52 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-09-05 21:09:22 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012-08-30 13:23:28 | 000,008,704 | ---- | M] (Hi-Rez Studios) -- D:\Gry\Hi-Rez Studios\HiPatchService.exe
PRC - [2010-11-20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-21 17:33:32 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009-07-21 17:33:32 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe
PRC - [2009-07-12 22:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vcsFPService.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-09-07 23:19:52 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-09-05 21:09:22 | 009,813,704 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012-09-05 19:40:48 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2010-11-20 23:54:50 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll
MOD - [2010-11-20 23:52:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010-11-20 23:52:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010-11-20 23:50:36 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2012-09-05 21:09:23 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-30 13:23:28 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- D:\Gry\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2009-07-21 17:33:32 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe -- (STacSV)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-12 22:04:26 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011-09-21 10:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011-05-13 13:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011-05-13 13:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010-11-20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010-11-20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010-11-20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-02-25 14:18:58 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009-08-04 21:22:18 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009-07-23 23:48:00 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009-07-21 17:33:32 | 000,409,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-06-29 10:17:00 | 000,059,904 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2009-05-04 21:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009-03-09 06:49:08 | 000,028,344 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1513761820-598730477-152485941-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-07 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\hideip@hide-ip-soft.com: C:\Users\Michał\AppData\Roaming\Hide IP NG\firefox_plugin\
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9764bb84-7272-11dd-8eb6-20d155d89557}: C:\Users\Michał\AppData\Roaming\hideip_firefox_plugin\ [2012-09-22 10:10:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-07 23:19:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012-09-05 20:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michał\AppData\Roaming\mozilla\Extensions
[2012-09-25 23:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\86vymkvd.default\extensions
[2012-09-25 23:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-09-07 23:19:52 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-08-25 05:42:39 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-08-25 05:42:39 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-08-25 05:42:39 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-08-25 05:42:39 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-08-25 05:42:39 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-08-25 05:42:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?client=cr&src=kw&tb=HIP&o=102876&locale=en_US&apn_uid=e9473f58-f7b1-4e99-bd4e-f0de4c06cbef&apn_ptnrs=6G&apn_sauid=9C9AB536-6B9F-439D-BE32-3F5DBE8EB946&apn_dtid=YYYYYYYYPL&q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Micha\u0142\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Skype Click to Call = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Skype Click to Call = C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{565D15CC-1DDF-4036-9465-C5BC42F276B4}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-09-26 15:59:39 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Temp
[2012-09-26 15:28:54 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012-09-26 15:28:53 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012-09-26 15:28:46 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012-09-26 15:28:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012-09-26 15:28:46 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012-09-26 15:28:32 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012-09-26 15:28:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012-09-26 12:06:31 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\autoruns
[2012-09-25 23:57:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-09-25 21:45:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-09-25 21:44:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012-09-25 14:18:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe
[2012-09-25 09:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2012-09-24 17:04:50 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Wisdom-soft
[2012-09-24 17:04:35 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free
[2012-09-24 17:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free
[2012-09-24 16:51:41 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\System32\drivers\cpuz135_x32.sys
[2012-09-24 16:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-09-24 10:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012-09-24 10:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows SideShow
[2012-09-24 10:06:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
[2012-09-24 10:06:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows Performance Toolkit
[2012-09-24 10:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012-09-24 10:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
[2012-09-24 10:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\Debugging Tools for Windows (x86)
[2012-09-24 10:05:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier
[2012-09-24 10:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2012-09-24 10:01:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
[2012-09-22 23:59:05 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\cache
[2012-09-22 23:56:05 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Nowe Gadu-Gadu
[2012-09-22 10:10:13 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\hideip_firefox_plugin
[2012-09-22 10:08:50 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Hide IP NG
[2012-09-22 10:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP NG
[2012-09-22 10:07:17 | 000,000,000 | ---D | C] -- C:\Users\Michał\.gstreamer-0.10
[2012-09-22 10:07:13 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\ChomikBox
[2012-09-22 09:52:33 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\FreeHideIP
[2012-09-22 09:52:33 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeHideIP
[2012-09-20 09:40:13 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\My Games
[2012-09-20 00:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
[2012-09-20 00:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2012-09-18 12:11:57 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\N.O.V.A. 3 [2w1][2 wersje gry]
[2012-09-16 12:08:39 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Adobe
[2012-09-16 12:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-09-16 12:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-09-16 12:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-09-12 12:35:00 | 000,000,000 | ---D | C] -- C:\Users\Michał\Documents\Heroes of Newerth
[2012-09-12 09:19:52 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\092312-16863
[2012-09-12 09:18:25 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\WinRAR
[2012-09-12 09:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-09-12 09:18:24 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-09-12 09:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-09-11 15:49:43 | 000,000,000 | ---D | C] -- C:\Users\Michał\Desktop\zdjecia MALTA
[2012-09-09 21:41:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Diagnostics
[2012-09-08 11:05:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012-09-07 23:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-09-07 20:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2012-09-07 20:34:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\ipla
[2012-09-07 20:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla
[2012-09-07 20:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-09-07 20:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2012-09-07 20:33:04 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-09-07 20:33:04 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012-09-07 20:32:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012-09-06 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Skype
[2012-09-06 18:44:38 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012-09-06 18:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-09-06 18:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-09-06 18:44:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-09-06 18:35:54 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Apple Computer
[2012-09-06 18:35:54 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Apple Computer
[2012-09-06 18:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-09-06 18:35:46 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012-09-06 18:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-09-06 18:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-09-06 18:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012-09-06 18:34:03 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Apple
[2012-09-06 18:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012-09-06 18:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012-09-06 18:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012-09-06 07:34:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Chromium
[2012-09-06 07:30:29 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-09-06 07:30:29 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-09-06 07:30:29 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-09-06 07:30:29 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-09-06 07:30:29 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-09-06 07:30:29 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-09-06 07:30:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-09-06 07:30:28 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-09-06 07:30:28 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-09-06 07:30:28 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-09-06 07:30:28 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-09-06 07:30:28 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-09-06 07:30:28 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-09-06 07:30:28 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-09-06 07:30:28 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-09-06 07:30:27 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-09-06 07:30:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-09-06 07:30:27 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-09-06 07:30:27 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-09-06 07:30:27 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-09-06 07:30:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-09-06 07:30:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-09-06 07:30:27 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-09-06 07:30:27 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-09-06 07:30:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-09-06 07:30:26 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-09-06 07:30:26 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-09-06 07:30:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-09-06 07:30:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-09-06 07:30:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-09-06 07:30:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-09-06 07:30:26 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-09-06 07:30:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-09-06 07:30:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-09-06 07:30:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-09-06 07:30:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-09-06 07:30:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-09-06 07:30:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-09-06 07:30:25 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-09-06 07:30:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-09-06 07:30:25 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-09-06 07:30:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-09-06 07:30:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-09-06 07:30:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-09-06 07:30:24 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-09-06 07:30:24 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-09-06 07:30:24 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-09-06 07:30:24 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-09-06 07:30:24 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-09-06 07:30:24 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-09-06 07:30:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-09-06 07:30:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-09-06 07:30:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-09-06 07:30:23 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-09-06 07:30:23 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-09-06 07:30:22 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-09-06 07:30:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-09-06 07:30:22 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-09-06 07:30:22 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-09-06 07:30:22 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-09-06 07:30:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-09-06 07:30:22 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-09-06 07:30:22 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-09-06 07:30:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-09-06 07:30:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-09-06 07:30:21 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-09-06 07:30:21 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-09-06 07:30:21 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-09-06 07:30:21 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-09-06 07:30:21 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-09-06 07:30:20 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-09-06 07:30:20 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-09-06 07:30:20 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-09-06 07:30:20 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-09-06 07:30:20 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-09-06 07:30:20 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-09-06 07:30:20 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-09-06 07:30:20 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-09-06 07:30:20 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-09-06 07:30:20 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-09-06 07:30:20 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-09-06 07:30:20 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-09-06 07:30:16 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-09-06 07:30:16 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-09-06 07:30:16 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-09-06 07:30:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-09-06 07:30:16 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-09-06 07:30:16 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-09-06 07:30:15 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-09-06 07:30:15 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-09-06 07:30:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-09-06 07:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge
[2012-09-06 07:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge
[2012-09-05 21:34:28 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-09-05 21:29:57 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Google
[2012-09-05 21:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2012-09-05 21:09:33 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Macromedia
[2012-09-05 20:53:03 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Hewlett-Packard
[2012-09-05 20:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012-09-05 20:49:51 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Hewlett-Packard
[2012-09-05 20:49:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012-09-05 20:46:00 | 000,000,000 | ---D | C] -- C:\hp
[2012-09-05 20:45:46 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\WinBatch
[2012-09-05 20:43:15 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012-09-05 20:34:23 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Mozilla
[2012-09-05 20:34:23 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Mozilla
[2012-09-05 20:33:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-09-05 20:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-09-05 20:25:24 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\ATI
[2012-09-05 20:25:24 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\ATI
[2012-09-05 20:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-09-05 20:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012-09-05 20:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012-09-05 20:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012-09-05 20:19:36 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012-09-05 20:19:19 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-09-05 20:06:49 | 000,372,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2012-09-05 20:06:49 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2012-09-05 20:06:48 | 012,030,044 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2012-09-05 20:06:48 | 003,600,384 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2012-09-05 20:06:48 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2012-09-05 20:06:48 | 000,458,844 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe
[2012-09-05 20:06:48 | 000,138,240 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2012-09-05 20:06:48 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2012-09-05 20:06:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2012-09-05 20:06:42 | 000,175,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2012-09-05 20:05:47 | 000,409,088 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2012-09-05 20:05:46 | 000,915,456 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2012-09-05 20:05:46 | 000,490,496 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2012-09-05 20:05:46 | 000,405,504 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2012-09-05 20:05:43 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2012-09-05 20:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012-09-05 19:55:36 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Macromedia
[2012-09-05 19:55:36 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Adobe
[2012-09-05 19:55:28 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-09-05 19:55:28 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-09-05 19:55:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012-09-05 19:54:00 | 007,360,512 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSUSTORicon.dll
[2012-09-05 19:53:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\SDA
[2012-09-05 19:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\JMicron
[2012-09-05 19:52:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2012-09-05 19:52:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2012-09-05 19:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012-09-05 19:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012-09-05 19:46:34 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\hpqLog
[2012-09-05 19:46:05 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wdfcoinstaller01005.dll
[2012-09-05 19:46:05 | 000,015,872 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys
[2012-09-05 19:46:04 | 001,885,488 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmns.dll
[2012-09-05 19:46:04 | 001,863,680 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmn.dll
[2012-09-05 19:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2012-09-05 19:46:03 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012-09-05 19:45:13 | 000,036,921 | ---- | C] (Hauppauge Computer Works) -- C:\Windows\System32\hcwutl32.dll
[2012-09-05 19:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\HP USB TV Tuner
[2012-09-05 19:43:03 | 000,028,344 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2012-09-05 19:43:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-09-05 19:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012-09-05 19:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012-09-05 19:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors
[2012-09-05 19:40:31 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012-09-05 19:39:22 | 000,000,000 | ---D | C] -- C:\swsetup
[2012-09-05 19:28:56 | 000,000,000 | R--D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-09-05 19:28:56 | 000,000,000 | R--D | C] -- C:\Users\Michał\Searches
[2012-09-05 19:28:56 | 000,000,000 | R--D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-09-05 19:28:45 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Identities
[2012-09-05 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Michał\Contacts
[2012-09-05 19:28:35 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\VirtualStore
[2012-09-05 19:28:32 | 000,000,000 | --SD | C] -- C:\Users\Michał\AppData\Roaming\Microsoft
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Videos
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Saved Games
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Pictures
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Music
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Links
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Favorites
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Downloads
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Documents
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\Desktop
[2012-09-05 19:28:32 | 000,000,000 | R--D | C] -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Ustawienia lokalne
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\AppData\Local\Temporary Internet Files
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Szablony
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\SendTo
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Recent
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\PrintHood
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\NetHood
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Documents\Moje wideo
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Documents\Moje obrazy
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Moje dokumenty
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Documents\Moja muzyka
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Menu Start
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\AppData\Local\Historia
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Dane aplikacji
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\AppData\Local\Dane aplikacji
[2012-09-05 19:28:32 | 000,000,000 | -HSD | C] -- C:\Users\Michał\Cookies
[2012-09-05 19:28:32 | 000,000,000 | -H-D | C] -- C:\Users\Michał\AppData
[2012-09-05 19:28:32 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Local\Microsoft
[2012-09-05 19:28:32 | 000,000,000 | ---D | C] -- C:\Users\Michał\AppData\Roaming\Media Center Programs
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-09-05 19:28:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2012-09-05 19:23:44 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-09-05 19:21:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012-09-05 19:20:40 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-09-26 16:01:48 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-09-26 16:01:48 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-09-26 15:59:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-09-26 15:59:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-09-26 15:59:10 | 2414,215,168 | -HS- | M] () -- C:\hiberfil.sys
[2012-09-26 15:57:48 | 001,310,720 | -HS- | M] () -- C:\Users\Michał\NTUSER.DAT
[2012-09-26 15:34:10 | 001,712,832 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-09-26 15:34:10 | 000,762,416 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-09-26 15:34:10 | 000,660,212 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-09-26 15:34:10 | 000,162,616 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-09-26 15:34:10 | 000,128,760 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-09-26 15:26:49 | 196,312,115 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-09-26 12:12:51 | 000,043,776 | ---- | M] () -- C:\Users\Michał\Desktop\AutoRuns.rar
[2012-09-26 12:09:25 | 001,898,028 | ---- | M] () -- C:\Users\Michał\Desktop\AutoRuns.arn
[2012-09-26 00:27:54 | 002,351,320 | -H-- | M] () -- C:\Users\Michał\AppData\Local\IconCache.db
[2012-09-25 22:20:09 | 000,000,734 | ---- | M] () -- C:\Users\Public\Desktop\Driver Identifier.lnk
[2012-09-25 14:18:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michał\Desktop\OTL.exe
[2012-09-25 09:09:33 | 000,000,612 | ---- | M] () -- C:\Users\Michał\Desktop\HD Tune.lnk
[2012-09-24 17:15:46 | 000,182,461 | ---- | M] () -- C:\Users\Michał\Desktop\BSOD1.jpg
[2012-09-24 17:14:30 | 000,085,588 | ---- | M] () -- C:\Users\Michał\Desktop\BSOD2.jpg
[2012-09-24 17:08:20 | 000,095,415 | ---- | M] () -- C:\Users\Michał\Desktop\temperatura.jpg
[2012-09-24 17:04:35 | 000,000,848 | ---- | M] () -- C:\Users\Michał\Desktop\ScreenHunter 6.0 Free.lnk
[2012-09-24 16:51:42 | 000,000,767 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2012-09-22 23:56:35 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Nowe Gadu-Gadu.lnk
[2012-09-20 00:06:17 | 000,000,805 | ---- | M] () -- C:\Users\Public\Desktop\Smite Closed Beta.lnk
[2012-09-17 19:56:55 | 709,056,992 | ---- | M] () -- C:\Users\Michał\Documents\DSCN4979.AVI
[2012-09-10 21:59:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-09-07 20:33:04 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2012-09-07 20:33:04 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012-09-06 18:44:38 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-09-06 18:36:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-09-06 18:35:52 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-09-06 07:30:10 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\AION Free-To-Play.lnk
[2012-09-05 21:34:30 | 000,002,337 | ---- | M] () -- C:\Users\Michał\Desktop\Google Chrome.lnk
[2012-09-05 21:09:22 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-09-05 21:09:22 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-09-05 20:19:22 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-09-05 19:50:20 | 000,057,560 | ---- | M] () -- C:\Users\Michał\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-09-05 19:48:03 | 000,006,656 | ---- | M] () -- C:\Windows\System32\bcmwlrc.dll
[2012-09-05 19:36:51 | 000,338,906 | RHS- | M] () -- C:\JAFXQ
[2012-09-05 19:36:51 | 000,000,020 | RHS- | M] () -- C:\win7.ld
[2012-09-05 19:28:32 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-09-05 19:28:32 | 000,524,288 | -HS- | M] () -- C:\Users\Michał\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-09-05 19:28:32 | 000,065,536 | -HS- | M] () -- C:\Users\Michał\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-09-05 19:28:32 | 000,000,020 | -HS- | M] () -- C:\Users\Michał\ntuser.ini
[2012-09-05 19:25:02 | 000,067,908 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-09-05 19:23:23 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012-09-05 19:21:14 | 000,265,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-09-26 15:59:26 | 000,000,006 | -H-- | C] () -- C:\Windows\tasks\SA.DAT
[2012-09-26 12:12:51 | 000,043,776 | ---- | C] () -- C:\Users\Michał\Desktop\AutoRuns.rar
[2012-09-26 12:09:25 | 001,898,028 | ---- | C] () -- C:\Users\Michał\Desktop\AutoRuns.arn
[2012-09-25 22:20:09 | 000,000,734 | ---- | C] () -- C:\Users\Public\Desktop\Driver Identifier.lnk
[2012-09-25 09:09:33 | 000,000,612 | ---- | C] () -- C:\Users\Michał\Desktop\HD Tune.lnk
[2012-09-24 17:15:46 | 000,182,461 | ---- | C] () -- C:\Users\Michał\Desktop\BSOD1.jpg
[2012-09-24 17:14:30 | 000,085,588 | ---- | C] () -- C:\Users\Michał\Desktop\BSOD2.jpg
[2012-09-24 17:08:20 | 000,095,415 | ---- | C] () -- C:\Users\Michał\Desktop\temperatura.jpg
[2012-09-24 17:04:35 | 000,000,848 | ---- | C] () -- C:\Users\Michał\Desktop\ScreenHunter 6.0 Free.lnk
[2012-09-24 16:51:42 | 000,000,767 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2012-09-22 23:56:35 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Nowe Gadu-Gadu.lnk
[2012-09-22 23:56:07 | 000,000,671 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nowe Gadu-Gadu.lnk
[2012-09-20 00:06:17 | 000,000,805 | ---- | C] () -- C:\Users\Public\Desktop\Smite Closed Beta.lnk
[2012-09-17 17:42:21 | 709,056,992 | ---- | C] () -- C:\Users\Michał\Documents\DSCN4979.AVI
[2012-09-16 12:08:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012-09-10 21:59:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-09-08 11:05:55 | 196,312,115 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-09-07 20:34:26 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-09-06 18:44:38 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-09-06 18:36:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012-09-06 18:35:52 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-09-06 18:34:02 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012-09-06 07:30:10 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\AION Free-To-Play.lnk
[2012-09-05 21:34:30 | 000,002,337 | ---- | C] () -- C:\Users\Michał\Desktop\Google Chrome.lnk
[2012-09-05 20:50:21 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Advisor.lnk
[2012-09-05 20:33:11 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-09-05 20:19:22 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012-09-05 20:19:19 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012-09-05 19:50:20 | 000,057,560 | ---- | C] () -- C:\Users\Michał\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-09-05 19:48:08 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2012-09-05 19:47:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012-09-05 19:36:59 | 002,351,320 | -H-- | C] () -- C:\Users\Michał\AppData\Local\IconCache.db
[2012-09-05 19:36:51 | 000,338,906 | RHS- | C] () -- C:\JAFXQ
[2012-09-05 19:36:51 | 000,000,020 | RHS- | C] () -- C:\win7.ld
[2012-09-05 19:35:10 | 000,001,421 | ---- | C] () -- C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-09-05 19:28:32 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012-09-05 19:28:32 | 000,524,288 | -HS- | C] () -- C:\Users\Michał\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012-09-05 19:28:32 | 000,065,536 | -HS- | C] () -- C:\Users\Michał\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012-09-05 19:28:32 | 000,000,020 | -HS- | C] () -- C:\Users\Michał\ntuser.ini
[2012-09-05 19:28:31 | 001,310,720 | -HS- | C] () -- C:\Users\Michał\NTUSER.DAT
[2012-09-05 19:24:48 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012-09-05 19:24:37 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012-09-05 19:23:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-09-05 19:20:41 | 2414,215,168 | -HS- | C] () -- C:\hiberfil.sys
[2011-02-01 21:37:01 | 000,762,416 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2011-02-01 21:37:01 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2011-02-01 21:37:01 | 000,162,616 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2011-02-01 21:37:01 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2010-11-20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010-11-20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010-11-20 23:29:20 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2010-11-20 23:01:02 | 001,712,832 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 23:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2012-09-22 09:52:33 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\FreeHideIP
[2012-09-22 10:10:15 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Hide IP NG
[2012-09-22 10:10:13 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\hideip_firefox_plugin
[2012-09-07 20:34:42 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\ipla
[2012-09-22 23:59:06 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\Nowe Gadu-Gadu
[2012-09-05 20:45:46 | 000,000,000 | ---D | M] -- C:\Users\Michał\AppData\Roaming\WinBatch
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
-
- Reklama
Kto jest online
Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 3 gości
