Prosze o sprawdzenie logow OTL

Niecodzienny · 4 Października 2013

OTL:

OTL logfile created on: 2013-10-04 10:59:58 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Darek\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,66% Memory free
7,83 Gb Paging File | 5,55 Gb Available in Paging File | 70,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 35,17 Gb Free Space | 35,17% Space Free | Partition Type: NTFS
Drive D: | 177,46 Gb Total Space | 22,31 Gb Free Space | 12,57% Space Free | Partition Type: NTFS
Drive F: | 425,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: WESPEREK | User Name: Darek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-10-04 10:59:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Darek\Downloads\OTL.exe
PRC - [2013-08-30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-08-30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-08-30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013-08-27 12:42:50 | 000,358,480 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2013-08-27 12:42:14 | 000,437,328 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2013-07-08 12:35:42 | 001,992,704 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe
PRC - [2013-06-15 03:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2012-02-11 22:52:00 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\SpeedyDrive\mounter.exe
PRC - [2011-03-30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011-03-30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011-03-30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011-03-30 14:42:28 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2010-09-29 18:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009-08-13 06:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe

========== Modules (No Company Name) ==========

MOD - [2013-07-08 12:35:42 | 001,992,704 | ---- | M] () -- C:\Program Files (x86)\screenSHU\screenSHU.exe
MOD - [2013-06-15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
MOD - [2013-06-15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013-06-15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013-06-15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013-06-15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2012-02-02 19:26:52 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll
MOD - [2012-02-02 19:26:52 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\screenSHU\mingwm10.dll
MOD - [2011-12-02 02:30:54 | 000,979,982 | ---- | M] () -- C:\Program Files (x86)\screenSHU\libstdc++-6.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013-08-30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-08-30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011-01-05 13:41:38 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011-01-05 13:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011-01-05 13:26:56 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010-10-07 15:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2010-06-17 15:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV - [2013-10-01 15:51:14 | 002,746,704 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013-08-27 12:42:50 | 000,358,480 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013-08-27 12:42:14 | 000,437,328 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013-08-27 12:09:34 | 014,401,104 | ---- | M] () [Auto | Stopped] -- D:\Program Files (x86)\VMware\vmware-hostd.exe -- (VMwareHostd)
SRV - [2013-08-27 11:50:10 | 000,086,096 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- D:\Program Files (x86)\VMware\vmware-authd.exe -- (VMAuthdService)
SRV - [2013-08-26 23:33:42 | 000,904,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013-06-07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-02-11 22:52:00 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SpeedyDrive\mounter.exe -- (DokanMounter)
SRV - [2011-03-30 14:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011-03-30 14:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011-03-30 14:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-08-30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-08-30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-08-30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-08-30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-08-30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-08-30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-08-30 09:48:09 | 000,270,824 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2013-08-30 09:48:09 | 000,131,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2013-08-30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-08-30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-08-30 09:48:09 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013-08-27 12:42:46 | 000,030,800 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013-08-27 12:42:20 | 000,064,080 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013-08-27 12:42:02 | 000,046,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013-08-27 12:42:02 | 000,020,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013-08-27 12:41:58 | 000,032,848 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2013-08-26 23:33:30 | 000,053,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2013-08-15 18:25:16 | 000,073,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2013-08-15 18:25:12 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2013-07-17 11:17:56 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2013-07-04 15:57:00 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013-06-11 17:05:59 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013-04-24 21:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-08-23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-11 22:52:00 | 000,120,408 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan)
DRV:64bit: - [2011-12-15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011-04-15 04:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011-03-25 12:41:48 | 000,022,552 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rstfltr.sys -- (rstfltr)
DRV:64bit: - [2011-03-25 12:41:44 | 000,607,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rstescu1.sys -- (rstescu1)
DRV:64bit: - [2011-03-25 12:41:42 | 000,607,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rstescu.sys -- (rstescu)
DRV:64bit: - [2011-03-22 18:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-03-08 14:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011-03-08 14:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011-02-18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-01-04 11:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010-12-28 20:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-10-20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010-10-14 18:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010-10-09 05:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010-05-07 03:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009-11-19 13:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-24 06:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006-11-01 12:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV:64bit: - [2006-11-01 11:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV - [2010-11-01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1967885626-866257224-4059253713-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1967885626-866257224-4059253713-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1967885626-866257224-4059253713-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1967885626-866257224-4059253713-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-12 05:58:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013-05-26 13:34:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darek\AppData\Roaming\mozilla\Extensions
[2013-09-28 20:48:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darek\AppData\Roaming\mozilla\Firefox\Profiles\jlnsjxm2.default-1379504368025\extensions
[2013-10-01 19:41:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013-10-01 19:41:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013-10-01 19:41:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - Extension: Dokumenty Google = C:\Users\Darek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Darek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Darek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Darek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Darek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: Gmail = C:\Users\Darek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [indicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [vmware-tray.exe] D:\Program Files (x86)\VMware\vmware-tray.exe (VMware, Inc.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1967885626-866257224-4059253713-1000..\Run: [eRclient] C:\Users\Darek\AppData\Roaming\eRclient\eRclient.exe (eRmail Company, s. r. o.)
O4 - HKU\S-1-5-21-1967885626-866257224-4059253713-1000..\Run: [screenSHU] C:\Program Files (x86)\screenSHU\screenSHU.exe ()
O4 - HKU\S-1-5-21-1967885626-866257224-4059253713-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1967885626-866257224-4059253713-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F11572B1-0F54-4C6F-9188-06067A43D558}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003-05-06 13:56:44 | 000,090,112 | R--- | M] (Knowledge Adventure) - F:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2005-04-29 17:22:47 | 000,004,685 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{08895dac-c8fe-11e2-bc49-4c809354acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{08895dac-c8fe-11e2-bc49-4c809354acd0}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
O33 - MountPoints2\{6855be3b-d295-11e2-837d-9f8b21a3fe95}\Shell - "" = AutoRun
O33 - MountPoints2\{6855be3b-d295-11e2-837d-9f8b21a3fe95}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE -- [2003-05-06 13:56:44 | 000,090,112 | R--- | M] (Knowledge Adventure)
O33 - MountPoints2\{6855be3b-d295-11e2-837d-9f8b21a3fe95}\Shell\Setup\command - "" = F:\Support\SETUP\Setup.exe -- [2002-12-02 16:33:00 | 000,107,512 | R--- | M] (InstallShield Software Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-10-04 09:52:45 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Local\LogMeIn
[2013-10-04 09:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2013-10-03 11:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013-10-03 11:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013-10-03 11:28:22 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Roaming\Apple Computer
[2013-10-02 17:46:44 | 000,000,000 | ---D | C] -- C:\Users\Darek\Documents\Shark Tale
[2013-10-02 17:45:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2013-10-02 17:43:45 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Activision
[2013-10-02 17:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013-10-02 17:34:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013-10-02 17:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013-10-02 17:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013-10-02 17:33:27 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Local\Apple
[2013-10-02 17:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013-10-02 17:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013-10-02 17:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barbie
[2013-10-02 17:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Vivendi Universal Games
[2013-10-01 19:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-09-30 21:54:54 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Local\VMware
[2013-09-30 21:54:53 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Roaming\VMware
[2013-09-30 18:30:29 | 000,067,664 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll
[2013-09-30 18:30:29 | 000,063,568 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll
[2013-09-30 18:30:28 | 000,073,296 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys
[2013-09-30 18:30:16 | 000,064,080 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2013-09-30 18:30:15 | 000,032,848 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2013-09-30 18:29:19 | 000,358,480 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2013-09-30 18:29:13 | 000,437,328 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2013-09-30 18:29:13 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2013-09-30 18:28:59 | 000,930,384 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2013-09-30 18:28:13 | 000,053,816 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2013-09-30 18:27:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2013-09-30 18:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2013-09-30 18:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013-09-30 18:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2013-09-30 18:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2013-09-30 18:24:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2013-09-30 18:13:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Makayama Interactive
[2013-09-30 15:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2013-09-26 16:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AidemMedia
[2013-09-26 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Roaming\Aidem Media
[2013-09-23 13:21:00 | 000,000,000 | ---D | C] -- C:\Users\Darek\Paker
[2013-09-23 13:13:53 | 000,000,000 | ---D | C] -- C:\Users\Darek\Desktop\Nowy folder (3)
[2013-09-22 10:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc
[2013-09-18 13:39:35 | 000,000,000 | ---D | C] -- C:\Users\Darek\Desktop\Stare dane programu Firefox
[2013-09-16 16:46:12 | 000,000,000 | ---D | C] -- C:\Users\Darek\Documents\My Games
[2013-09-16 16:45:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
[2013-09-16 14:55:51 | 000,000,000 | ---D | C] -- C:\Users\Darek\Desktop\Nowy folder (2)
[2013-09-15 13:28:32 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Local\LogMeIn Hamachi
[2013-09-12 05:58:20 | 000,270,824 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2013-09-12 05:58:19 | 000,131,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2013-09-12 05:58:19 | 000,022,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013-09-12 05:58:16 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2013-09-12 05:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013-09-11 10:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2013-09-11 09:54:45 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-09-11 09:54:44 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-09-11 09:54:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-09-11 09:54:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-09-11 09:54:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-09-11 09:54:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-09-11 09:54:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-09-11 09:54:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-09-11 09:54:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-09-11 09:54:40 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-09-11 09:54:40 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-09-11 09:54:35 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-09-11 09:54:34 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-09-11 09:54:34 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-09-11 09:54:33 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-09-11 09:47:19 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013-09-11 09:47:14 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013-09-11 09:47:13 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013-09-11 09:47:13 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013-09-11 09:47:12 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013-09-11 09:47:12 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013-09-11 09:47:11 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013-09-11 09:47:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013-09-11 09:47:10 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013-09-11 09:47:10 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013-09-11 09:47:10 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013-09-11 09:47:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013-09-11 09:47:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013-09-11 09:47:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013-09-11 09:47:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013-09-11 09:47:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013-09-11 09:47:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013-09-11 09:47:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013-09-11 09:47:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013-09-11 09:47:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013-09-11 09:47:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013-09-11 09:47:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-09-11 09:47:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013-09-11 09:47:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013-09-11 09:47:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013-09-11 09:47:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013-09-11 09:47:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013-09-11 09:47:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-09-11 09:47:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013-09-11 09:47:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013-09-11 09:47:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013-09-11 09:47:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-09-11 09:47:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013-09-11 09:47:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013-09-11 09:47:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013-09-11 09:47:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013-09-11 09:47:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013-09-11 09:47:07 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013-09-11 09:47:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013-09-11 09:47:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013-09-11 09:47:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013-09-11 09:47:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-09-11 09:47:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013-09-11 09:47:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013-09-11 09:47:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013-09-11 09:47:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-09-11 09:47:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013-09-11 09:47:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013-09-11 09:47:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013-09-11 09:47:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013-09-11 09:47:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013-09-11 09:47:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013-09-11 09:47:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013-09-11 09:47:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013-09-11 09:47:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013-09-11 09:46:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013-09-11 09:46:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013-09-11 09:46:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013-09-11 09:46:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013-09-11 09:46:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013-09-11 09:46:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013-09-11 09:46:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013-09-11 09:46:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013-09-11 09:46:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013-09-11 09:46:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013-09-04 13:24:43 | 000,000,000 | ---D | C] -- C:\Users\Darek\AppData\Local\Diagnostics
[2013-07-24 11:39:46 | 000,005,120 | ---- | C] (myN) -- C:\Users\Darek\AppData\Roaming\patcher02.patUpdater.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-10-04 10:00:18 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-10-04 10:00:18 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-10-04 09:51:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-10-04 09:50:55 | 3152,506,880 | -HS- | M] () -- C:\hiberfil.sys
[2013-10-02 17:45:40 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\Graj w Rybki z Ferajny.lnk
[2013-10-02 17:35:01 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013-10-02 17:26:52 | 000,000,130 | ---- | M] () -- C:\Windows\KA.ini
[2013-10-02 17:26:46 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Barbie z Jeziora Łabędziego.lnk
[2013-09-30 19:01:33 | 000,000,301 | ---- | M] () -- C:\Users\Darek\AppData\Roaming\burnaware.ini
[2013-09-30 18:27:12 | 000,001,024 | ---- | M] () -- C:\Windows\SysWow64\%TMP%
[2013-09-30 18:27:06 | 001,695,888 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-09-30 18:27:06 | 000,743,068 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-09-30 18:27:06 | 000,656,860 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-09-30 18:27:06 | 000,157,136 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-09-30 18:27:06 | 000,123,258 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-09-30 18:27:02 | 000,001,687 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013-09-30 14:18:59 | 001,669,178 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-09-26 16:40:45 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Alfabet.lnk
[2013-09-24 23:19:16 | 000,000,690 | ---- | M] () -- C:\Users\Darek\Desktop\Internet Download Manager.lnk
[2013-09-22 10:41:57 | 000,000,807 | ---- | M] () -- C:\Users\Darek\Desktop\The Incredible Adventures of Van Helsing.lnk
[2013-09-16 16:45:54 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2013-09-16 11:32:14 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-09-16 11:32:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-09-12 05:58:18 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-09-12 05:55:06 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013-09-11 10:10:05 | 000,276,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-09-11 09:56:41 | 000,934,183 | ---- | M] () -- C:\Users\Darek\Desktop\qqqq.xps
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-10-02 17:45:40 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\Graj w Rybki z Ferajny.lnk
[2013-10-02 17:35:01 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013-10-02 17:33:22 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013-10-02 17:26:52 | 000,000,130 | ---- | C] () -- C:\Windows\KA.ini
[2013-10-02 17:26:46 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Barbie z Jeziora Łabędziego.lnk
[2013-09-30 19:00:12 | 000,000,301 | ---- | C] () -- C:\Users\Darek\AppData\Roaming\burnaware.ini
[2013-09-30 18:27:12 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\%TMP%
[2013-09-30 18:27:02 | 000,001,687 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2013-09-26 16:40:45 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\Alfabet.lnk
[2013-09-24 23:19:16 | 000,000,690 | ---- | C] () -- C:\Users\Darek\Desktop\Internet Download Manager.lnk
[2013-09-22 10:41:57 | 000,000,807 | ---- | C] () -- C:\Users\Darek\Desktop\The Incredible Adventures of Van Helsing.lnk
[2013-09-16 16:45:54 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2013-09-12 05:58:18 | 000,204,880 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013-09-12 05:58:18 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013-09-12 05:55:06 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013-09-11 09:56:37 | 000,934,183 | ---- | C] () -- C:\Users\Darek\Desktop\qqqq.xps
[2013-08-07 17:25:10 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2013-08-07 17:25:10 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2013-08-07 17:25:10 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2013-07-27 10:03:16 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2013-06-25 15:35:58 | 001,695,888 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-06-23 14:01:51 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013-06-23 14:01:51 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013-06-20 14:20:25 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\libmysql_c.dll
[2013-06-17 08:49:02 | 000,000,600 | ---- | C] () -- C:\Users\Darek\AppData\Local\PUTTY.RND
[2013-06-16 15:29:29 | 001,816,064 | ---- | C] () -- C:\Windows\SysWow64\libmysql_e.dll
[2013-05-28 23:05:23 | 000,000,343 | ---- | C] () -- C:\Users\Darek\SciTE.session
[2013-05-26 13:44:20 | 000,000,061 | ---- | C] () -- C:\Users\Darek\SciTEUser.properties
[2012-02-17 17:14:06 | 000,000,038 | ---- | C] () -- C:\Users\Darek\abbrev.properties
[2012-02-17 16:02:02 | 000,000,000 | ---- | C] () -- C:\Users\Darek\au3.keywords.user.abbreviations.properties
[2012-02-14 22:52:12 | 000,000,027 | ---- | C] () -- C:\Users\Darek\au3UserAbbrev.properties
[2012-02-11 22:52:00 | 000,035,840 | ---- | C] () -- C:\Windows\SysWow64\dokan.dll
[2010-03-27 17:22:54 | 000,014,905 | ---- | C] () -- C:\Users\Darek\au3abbrev.properties
[2010-01-02 23:16:12 | 000,000,111 | ---- | C] () -- C:\Users\Darek\au3.UserUdfs.properties
[2010-01-02 23:15:50 | 000,000,000 | ---- | C] () -- C:\Users\Darek\au3.user.calltips.api

========== ZeroAccess Check ==========

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-07-21 15:37:42 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\.minecraft
[2013-08-30 14:27:07 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Ableton
[2013-09-26 16:39:32 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Aidem Media
[2013-10-04 10:51:39 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\DAEMON Tools Lite
[2013-09-25 17:16:51 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\DMCache
[2013-08-07 17:11:42 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\driveridentifier
[2013-08-19 13:23:12 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\eRclient
[2013-07-27 11:47:21 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\FileZilla
[2013-05-26 13:25:43 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Fujitsu
[2013-08-30 12:17:48 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Line 6
[2013-05-28 12:48:40 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Need for Speed World
[2013-05-27 16:15:43 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Notepad++
[2013-08-30 12:17:03 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Propellerhead Software
[2013-07-07 10:34:17 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\Rovio
[2013-05-30 20:37:03 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\TeamViewer
[2013-10-04 10:51:39 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\TS3Client
[2013-10-04 10:45:38 | 000,000,000 | ---D | M] -- C:\Users\Darek\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

Extras:

OTL Extras logfile created on: 2013-10-04 10:59:58 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Darek\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,66% Memory free
7,83 Gb Paging File | 5,55 Gb Available in Paging File | 70,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 35,17 Gb Free Space | 35,17% Space Free | Partition Type: NTFS
Drive D: | 177,46 Gb Total Space | 22,31 Gb Free Space | 12,57% Space Free | Partition Type: NTFS
Drive F: | 425,50 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: WESPEREK | User Name: Darek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1967885626-866257224-4059253713-1000\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E49CE2-4647-4E67-94C5-012B04572E74}" = lport=445 | protocol=6 | dir=in | app=system |
"{034C5648-8623-47CD-88C0-8B1090C31C3C}" = lport=139 | protocol=6 | dir=in | app=system |
"{105686FE-99FB-40F3-B5E1-30FB3662C690}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DC95D66-2FCA-439C-85E4-AD66E4D17572}" = rport=137 | protocol=17 | dir=out | app=system |
"{365D9764-FFF3-422D-AE8F-FF60CB95DF15}" = lport=137 | protocol=17 | dir=in | app=system |
"{37082579-5788-48A4-9765-E99977B4882D}" = rport=138 | protocol=17 | dir=out | app=system |
"{43C2B550-F307-45B2-B096-B3ADCE691102}" = rport=445 | protocol=6 | dir=out | app=system |
"{5561852F-C744-438C-869C-FD50E261ABA5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{600B3A6F-F696-4AF4-98C9-9F90E07BA18F}" = rport=139 | protocol=6 | dir=out | app=system |
"{686CF20A-EC80-4105-BCC8-887806B1D2D0}" = lport=138 | protocol=17 | dir=in | app=system |
"{6C66EBD4-2608-48F9-92F4-F36F89F8D030}" = lport=10243 | protocol=6 | dir=in | app=system |
"{724F0333-77CC-4DAD-87AF-B3E6B7C135B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A3BED1A-AD3E-40F1-AF34-5B5E6A07B78F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7AB56794-5C12-4265-BAB3-594C496D7864}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7FED9135-01BA-4AC1-A999-F6B4DF49BA16}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{85BA2C6F-6DEA-4708-9054-92CE7F74973E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A3426504-F7AC-4D27-834A-ACA31698B6CB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AECFC95C-ECCA-41C5-BADD-1DE22DCD7BCB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D8BA40DD-8021-4E4B-94C7-2D177980FC27}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2542B9A-FA5D-4EB8-A67F-7A9A70894B6F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EC97A0B2-A3C8-4156-A81D-417189AD846D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EFDFEA94-5B76-486F-AF61-4A039A22C305}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F40F61AC-153B-4587-96D5-3164259D8E21}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A8B3CE-8587-40B1-A5B2-319F8470965E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A9D8774-7007-483B-AAFE-1EFCE0947677}" = protocol=58 | dir=in | [email protected],-28545 |
"{12118D63-A5F7-4F66-9BBD-B56C711A1960}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{1D715F30-7450-403C-A187-8B210179D59F}" = protocol=6 | dir=in | app=d:\program files (x86)\gameforgelive\games\pol_pol\priv moj\metin2.bin |
"{3F3E6632-0383-476F-A53A-C918AC4DC60F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4521F6AA-27D7-4574-85F6-E8638908C9D6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{46B1C1B1-1E53-42C9-B0EC-57045F728D1B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{59541103-087F-4A8E-A8AD-A0B065A1E55A}" = protocol=6 | dir=out | app=system |
"{5E6F4217-A1D2-48DA-ADAF-8B1DBD7A02C7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5FFF1846-B623-4898-99DD-C8259F7EF421}" = protocol=58 | dir=out | [email protected],-28546 |
"{61153CDA-55C1-442A-9087-CF1323813487}" = protocol=17 | dir=in | app=d:\program files (x86)\gameforgelive\games\pol_pol\priv moj\metin2.bin |
"{62ECEA51-AAEE-4323-90CF-133141C505F8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64A3A8CC-D256-4A13-A04F-0BF9B67DE16D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65445F21-D426-4CF1-97CF-1A8EF617078F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E594C74-53B1-4546-BAED-7DB396040113}" = dir=in | app=d:\program files (x86)\vmware\vmware-authd.exe |
"{707BD11D-0F02-48A1-9A77-F9784538912E}" = dir=in | app=d:\program files (x86)\vmware\vmware-authd.exe |
"{7AAFB4B6-591A-4798-9E5F-382B73FC308A}" = dir=in | app=d:\program files (x86)\vmware\vmware-hostd.exe |
"{833D6613-CBC6-4270-A534-4AD3F84F7892}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8888681C-3D58-4397-8402-A0975E12DA70}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8F8C536D-D5C4-47FF-B1B3-611D31897804}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{91CD5122-5B44-487C-A8CE-15D32C8600F6}" = protocol=1 | dir=out | [email protected],-28544 |
"{96627E0A-C90A-447B-9278-23AE1146B8CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9B89D8C7-3D73-4B4C-BBCA-4A88A1B02C68}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E18B546-44B9-4F45-A320-EC43079C51E4}" = protocol=1 | dir=in | [email protected],-28543 |
"{A1B33E36-8C5A-4972-90C3-D5F22BEE89D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AABA5271-4B4C-42A7-A182-B1D4B3C58832}" = dir=in | app=d:\program files (x86)\vmware\vmware-hostd.exe |
"{ACE3769B-1D4D-4113-803E-14F33543363B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B91FE690-D0CA-4C5A-AB52-1C57112ED62B}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{CDC23715-AA60-4B01-8C92-B4EAC72EBAE3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D15CC48A-E058-4F83-A41D-4C48B840E1C2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D1A7DB6C-0AC7-473B-92C8-549DFFC88A9B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D23D8CCF-7887-4E30-B4DF-34471CB83288}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{D996C142-0F60-42C0-9354-11BD9CDC6695}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DC609DD5-DB2F-42B6-89E2-64B6D775D503}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EA0D9358-13A0-46EA-97AD-E2477B2E9549}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{F190F0E5-10BF-46ED-9561-6DC4C3A5651B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{44C80B6E-E52F-4434-98AA-A150D090585B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{4AC70FFB-56F9-43D2-8CA8-FAEB940DC485}D:\program files (x86)\gameforgelive\games\pol_pol\priv moj\metin2.bin" = protocol=6 | dir=in | app=d:\program files (x86)\gameforgelive\games\pol_pol\priv moj\metin2.bin |
"UDP Query User{34594596-11D9-4FAA-9836-859E0D918572}D:\program files (x86)\gameforgelive\games\pol_pol\priv moj\metin2.bin" = protocol=17 | dir=in | app=d:\program files (x86)\gameforgelive\games\pol_pol\priv moj\metin2.bin |
"UDP Query User{4E9F9999-B26D-41E5-96FD-E36C39E82C98}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Oprogramowanie Intel® PROSet/Wireless WiFi
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D01C998-0062-41DC-BF80-BB4C3566851F}" = Ableton Live 9 Suite
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{94C42BE9-B62A-3558-A793-AD49B354F7AA}" = Microsoft .NET Framework 4.5 PLK Language Pack
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"CCleaner" = CCleaner
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{37993A79-5D36-4227-B8E8-9BDE95B2CE45}" = Bolek i Lolek - Alfabet i nauka czytania
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99A016E1-0840-43AE-8434-A18CEDFA833B}" = LogMeIn Hamachi
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2C21F60-523D-4FC7-90AF-AE2707E45AFE}" = Rybki z Ferajny
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ALLPlayer_is1" = ALLPlayer V5.X
"AutoItv3" = AutoIt v3.3.8.1
"avast" = avast! Internet Security
"Barbie z Jeziora Łabędziego" = Barbie z Jeziora Łabędziego
"DAEMON Tools Lite" = DAEMON Tools Lite
"Game Booster_is1" = Game Booster 3
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{A2C21F60-523D-4FC7-90AF-AE2707E45AFE}" = Rybki z Ferajny
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Notepad++" = Notepad++
"Odkurzacz 13.3_is1" = Odkurzacz
"PremiumSoft Navicat 8.2 for MySQL_is1" = PremiumSoft Navicat 8.2 for MySQL
"screenSHU" = screenSHU - the fastest screen capture ever.
"SpeedyDrive" = Speedy Drive (remove only)
"Steam App 10" = Counter-Strike
"Syncrosoft's License Control" = Syncrosoft's License Control
"The Incredible Adventures of Van Helsing_is1" = The Incredible Adventures of Van Helsing
"TunnelBear" = TunnelBear 1.0.38
"uTorrent" = µTorrent
"VMware_Workstation" = VMware Workstation

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1967885626-866257224-4059253713-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{5CBD4386-2DE5-43A2-AED7-E690BF9B0F04}_is1" = eRclient 2.0.10.210

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-10-02 01:46:04 | Computer Name = Wesperek | Source = WinMgmt | ID = 10
Description =

Error - 2013-10-02 04:59:05 | Computer Name = Wesperek | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: EterNexus.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x51213e04 Nazwa modułu powodującego błąd: EterNexus.exe, wersja:
0.0.0.0, sygnatura czasowa: 0x51213e04 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00002434 Identyfikator procesu powodującego błąd: 0xd94 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cebf4d847f68c3 Ścieżka aplikacji powodującej błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe
Ścieżka
modułu powodującego błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe Identyfikator
raportu: e3729108-2b40-11e3-a5ac-aec1544b2af0

Error - 2013-10-02 04:59:36 | Computer Name = Wesperek | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: EterNexus.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x51213e04 Nazwa modułu powodującego błąd: EterNexus.exe, wersja:
0.0.0.0, sygnatura czasowa: 0x51213e04 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00002434 Identyfikator procesu powodującego błąd: 0x1534 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cebf4dad8b5d70 Ścieżka aplikacji powodującej błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe
Ścieżka
modułu powodującego błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe Identyfikator
raportu: f61ad737-2b40-11e3-a5ac-aec1544b2af0

Error - 2013-10-02 06:42:54 | Computer Name = Wesperek | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: EterNexus.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x51213e04 Nazwa modułu powodującego błąd: EterNexus.exe, wersja:
0.0.0.0, sygnatura czasowa: 0x51213e04 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00002434 Identyfikator procesu powodującego błąd: 0xe70 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cebf5c13084499 Ścieżka aplikacji powodującej błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe
Ścieżka
modułu powodującego błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe Identyfikator
raportu: 643f9962-2b4f-11e3-a5ac-aec1544b2af0

Error - 2013-10-02 06:43:26 | Computer Name = Wesperek | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: EterNexus.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x51213e04 Nazwa modułu powodującego błąd: EterNexus.exe, wersja:
0.0.0.0, sygnatura czasowa: 0x51213e04 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x00002434 Identyfikator procesu powodującego błąd: 0x1d8 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cebf5c2fc19804 Ścieżka aplikacji powodującej błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe
Ścieżka
modułu powodującego błąd: C:\Users\Darek\Downloads\Packer\EterNexus.exe Identyfikator
raportu: 7768d145-2b4f-11e3-a5ac-aec1544b2af0

Error - 2013-10-02 07:16:35 | Computer Name = Wesperek | Source = WinMgmt | ID = 10
Description =

Error - 2013-10-02 08:29:20 | Computer Name = Wesperek | Source = BstHdAndroidSvc | ID = 0
Description = Nie można zamknąć usługi. Wystąpił błąd: System.InvalidOperationException:
Element UpdatePendingStatus można wywołać tylko podczas obsługi poleceń Uruchom,
Zatrzymaj, Wstrzymaj i Kontynuuj. w System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32
milliseconds) w BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process
proc, String name) w BlueStacks.hyperDroid.Service.Service.OnStop() w BlueStacks.hyperDroid.Service.Service.OnShutdown()

w System.ServiceProcess.ServiceBase.DeferredShutdown().

Error - 2013-10-02 10:32:36 | Computer Name = Wesperek | Source = WinMgmt | ID = 10
Description =

Error - 2013-10-03 05:29:05 | Computer Name = Wesperek | Source = WinMgmt | ID = 10
Description =

Error - 2013-10-04 03:52:13 | Computer Name = Wesperek | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2013-07-26 08:20:42 | Computer Name = Wesperek | Source = DCOM | ID = 10010
Description =

Error - 2013-07-26 13:39:50 | Computer Name = Wesperek | Source = Microsoft-Windows-Application-Experience | ID = 205
Description = Usługa Asystent zgodności programów nie może wykonać inicjowania fazy
drugiej.

Error - 2013-07-27 02:32:48 | Computer Name = Wesperek | Source = DCOM | ID = 10010
Description =

Error - 2013-07-27 05:54:42 | Computer Name = Wesperek | Source = DCOM | ID = 10010
Description =

Error - 2013-07-27 11:54:53 | Computer Name = Wesperek | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi ShellHWDetection.

Error - 2013-07-27 11:54:58 | Computer Name = Wesperek | Source = DCOM | ID = 10010
Description =

Error - 2013-07-29 14:06:13 | Computer Name = Wesperek | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi PNRPsvc.

Error - 2013-07-29 14:06:13 | Computer Name = Wesperek | Source = DCOM | ID = 10010
Description =

Error - 2013-07-29 14:06:14 | Computer Name = Wesperek | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Protokół rozpoznawania nazw równorzędnych
z powodu następującego błędu: %%1053

Error - 2013-07-29 14:06:15 | Computer Name = Wesperek | Source = Service Control Manager | ID = 7001
Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania
nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%1053

< End of report >

Janusz. · 4 Października 2013

tutaj ci nikt nie sprawdzi. chętnie bym to zrobił ale nadal się uczę i nie chce ci nic naknocić polecam napisać na innych forach (jeśli jakiś mod ma coś do tych for to niech linki usunie, chce mu tylko pomóc. ) elektroda.pl albo forum.dobreprogramy.pl

Niecodzienny · 4 Października 2013

tutaj ci nikt nie sprawdzi. chętnie bym to zrobił ale nadal się uczę i nie chce ci nic naknocić polecam napisać na innych forach (jeśli jakiś mod ma coś do tych for to niech linki usunie, chce mu tylko pomóc. ) elektroda.pl albo forum.dobreprogramy.pl

FreshMaker sprawdza logi

Janusz. · 4 Października 2013

Fr3sha na forum nie było od ponad pół roku.

// żadnych tolbarów czy innych syfów w przeglądarkach nie masz więc adwcleanera nie musisz używać :3

natan1234 · 4 Października 2013

a po co ci sprawdzić ? jakiś virus czy cos

Niecodzienny · 4 Października 2013

a po co ci sprawdzić ? jakiś virus czy cos

Ch*j wie. Strasznie mi muli lapek ;x. A system pare tyg temu stawiany ( oczywiscie oryginal, bo to forum nie popiera piractwa )

@ 2 UP adwcleaner i odkurzacza urzywam prawie codziennie. Ale to nie uchroni przed wszystkim

To FreshMaker byl mentaorem, pomagal. Trudno ze go nie ma Spoko typek . Zobaczymy na inne forum, co powiedza.

Temat do zamkniecia

Zaloguj się

👋 Witaj na MPCForum!

Prosze o sprawdzenie logow OTL

Rekomendowane odpowiedzi

Niecodzienny

Niecodzienny

Janusz.

Janusz.

Niecodzienny

Niecodzienny

Janusz.

Janusz.

natan1234

natan1234

Niecodzienny

Niecodzienny

Zarchiwizowany