• Ogłoszenie:

Wolne dzialanie oraz przywieszki

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Wolne dzialanie oraz przywieszki

Postprzez Okocza 17 Gru 2014, 22:35

reklama
Cześć,

Mam problem z zawieszkami systemu, spowolnieniem nawet przy przeglądaniu dwóch kart w google chrome. W podpisie mój komp.

ponizej moje logi:

Kod: Zaznacz wszystko
OTL logfile created on: 2014-12-17 20:45:36 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mariusz\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,93 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 19,42% Memory free
3,86 Gb Paging File | 1,71 Gb Available in Paging File | 44,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 43,95 Gb Total Space | 3,03 Gb Free Space | 6,88% Space Free | Partition Type: NTFS
Drive D: | 239,50 Gb Total Space | 42,32 Gb Free Space | 17,67% Space Free | Partition Type: NTFS
Drive E: | 2,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 14,55 Gb Total Space | 1,14 Gb Free Space | 7,85% Space Free | Partition Type: NTFS

Computer Name: TEARGAS666 | User Name: Mariusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-12-17 20:41:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mariusz\Desktop\OTL.exe
PRC - [2014-12-09 04:45:28 | 039,207,112 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014-11-18 19:46:48 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
PRC - [2014-06-02 11:37:25 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2014-06-02 11:37:16 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-02-24 15:27:06 | 001,343,408 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2011-06-01 16:57:16 | 000,561,984 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
PRC - [2010-08-10 16:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010-08-10 16:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010-08-10 16:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2009-12-23 16:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009-12-23 16:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-12-17 20:17:27 | 000,043,008 | ---- | M] () -- c:\users\mariusz\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplppebt.dll
MOD - [2014-11-25 07:39:24 | 009,009,480 | ---- | M] () -- C:\Users\Mariusz\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014-11-25 07:39:20 | 001,077,064 | ---- | M] () -- C:\Users\Mariusz\AppData\Local\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014-11-25 07:39:18 | 000,211,272 | ---- | M] () -- C:\Users\Mariusz\AppData\Local\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014-11-25 07:39:17 | 001,677,128 | ---- | M] () -- C:\Users\Mariusz\AppData\Local\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014-11-16 20:23:09 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll
MOD - [2014-10-22 01:22:50 | 000,750,080 | ---- | M] () -- C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2014-10-22 01:22:50 | 000,047,616 | ---- | M] () -- C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2014-10-22 01:22:48 | 000,863,744 | ---- | M] () -- C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
MOD - [2014-10-22 01:22:46 | 000,200,704 | ---- | M] () -- C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
MOD - [2014-10-18 21:22:38 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014-10-18 21:22:30 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014-10-18 21:22:25 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014-10-18 21:22:20 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014-10-18 21:22:07 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014-10-18 21:22:03 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014-09-12 19:05:58 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013-07-08 13:46:03 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-12-17 10:24:04 | 000,066,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\SmartCom\DragnDropCopyHook.dll
MOD - [2009-05-20 13:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014-06-04 18:23:54 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014-02-24 15:27:06 | 001,343,408 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010-01-22 08:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014-12-17 20:37:32 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-11-18 21:23:34 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-11-14 03:42:30 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-10-02 17:43:58 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2014-06-26 17:25:58 | 001,771,560 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\PDF Architect 2\ws.exe -- (PDF Architect 2)
SRV - [2014-06-26 17:25:58 | 000,861,736 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe -- (pdfforge CrashHandler)
SRV - [2014-06-02 11:37:25 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014-06-02 11:37:16 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013-09-11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-08-10 16:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009-12-23 16:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014-12-07 11:37:55 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2014-07-28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2014-01-22 07:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2013-09-17 13:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2013-09-17 13:17:38 | 000,220,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2013-09-17 13:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2013-09-17 13:17:38 | 000,062,136 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2013-09-17 13:17:38 | 000,044,120 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:[b]64bit:[/b] - [2012-08-21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-02-08 08:01:01 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:[b]64bit:[/b] - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-03-31 17:54:36 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010-03-01 14:20:56 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2010-01-22 08:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-01-22 07:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2009-12-17 09:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009-12-10 18:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009-08-05 16:03:02 | 000,032,256 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokiappo.sys -- (nokiappo)
DRV:[b]64bit:[/b] - [2009-08-05 16:03:02 | 000,022,528 | ---- | M] (Icera Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nokiacpo.sys -- (nokiacpo)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013-11-21 09:22:10 | 000,115,448 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp3
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp3
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp3
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1.1
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mariusz\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mariusz\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-01 12:25:49 | 000,000,000 | ---D | M]

[2014-11-23 20:07:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mariusz\AppData\Roaming\mozilla\Extensions
[2014-11-25 21:41:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mariusz\AppData\Roaming\mozilla\Firefox\Profiles\y55fh7sd.default\extensions
[2014-11-23 20:07:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-11-23 20:07:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome  ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.8_0\
CHR - Extension: No name found = C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.23_0\
CHR - Extension: No name found = C:\Users\Mariusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - Startup: C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:[b]64bit:[/b] - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDEFDFAC-ADD1-468C-9B8F-9A2B07DDC700}: DhcpNameServer = 62.179.1.63 62.179.1.62
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-06 10:12:40 | 001,567,576 | R--- | M] () - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008-05-19 17:42:26 | 000,000,051 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{33ec2b09-e980-11e3-9525-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{33ec2b09-e980-11e3-9525-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2009-10-06 10:12:40 | 001,567,576 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-12-17 20:41:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mariusz\Desktop\OTL.exe
[2014-12-07 17:47:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-12-07 16:27:01 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2014-12-07 16:27:01 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014-12-07 16:27:01 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014-12-07 16:27:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2014-12-07 16:27:00 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2014-12-07 16:27:00 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014-12-07 16:26:59 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014-12-07 16:26:59 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014-12-07 16:26:58 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014-12-07 16:26:58 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2014-12-07 16:26:58 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2014-12-07 16:26:58 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2014-12-07 16:26:58 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2014-12-07 16:26:58 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2014-12-07 16:26:57 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2014-12-07 16:26:57 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014-12-07 16:26:56 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014-12-07 16:26:56 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2014-12-07 16:26:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2014-12-07 16:26:56 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014-12-07 16:26:56 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014-12-07 16:26:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2014-12-07 16:26:56 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014-12-07 16:26:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2014-12-07 16:26:55 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014-12-07 16:26:55 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2014-12-07 16:26:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2014-12-07 16:26:55 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014-12-07 16:26:54 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014-12-07 16:26:54 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2014-12-07 16:26:51 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014-12-07 16:26:51 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2014-12-07 16:26:50 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014-12-07 16:26:50 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2014-12-07 16:26:50 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014-12-07 16:26:50 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2014-12-07 16:26:49 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014-12-07 16:26:49 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2014-12-07 16:26:48 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014-12-07 16:26:48 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2014-12-07 16:26:48 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014-12-07 16:26:48 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2014-12-07 16:26:46 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014-12-07 16:26:46 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2014-12-07 16:26:46 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014-12-07 16:26:46 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2014-12-07 16:26:46 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014-12-07 16:26:46 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2014-12-07 16:26:45 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2014-12-07 16:26:45 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014-12-07 16:26:45 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014-12-07 16:26:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2014-12-07 16:26:44 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014-12-07 16:26:44 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2014-12-07 16:26:44 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014-12-07 16:26:44 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2014-12-07 16:26:43 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014-12-07 16:26:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2014-12-07 16:26:42 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014-12-07 16:26:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2014-12-07 16:26:42 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2014-12-07 16:26:42 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014-12-07 16:26:42 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014-12-07 16:26:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2014-12-07 16:26:41 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014-12-07 16:26:41 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2014-12-07 16:26:41 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014-12-07 16:26:41 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2014-12-07 16:26:41 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014-12-07 16:26:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2014-12-07 16:26:40 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014-12-07 16:26:40 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2014-12-07 16:26:40 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014-12-07 16:26:40 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2014-12-07 16:26:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2014-12-07 16:26:40 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014-12-07 16:26:37 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014-12-07 16:26:37 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2014-12-07 16:26:37 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014-12-07 16:26:37 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2014-12-07 16:26:37 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014-12-07 16:26:37 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2014-12-07 16:26:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2014-12-07 16:26:36 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014-12-07 16:26:36 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014-12-07 16:26:36 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2014-12-07 16:26:35 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014-12-07 16:26:35 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2014-12-07 16:26:35 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014-12-07 16:26:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2014-12-07 16:26:33 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014-12-07 16:26:33 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2014-12-07 16:26:32 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014-12-07 16:26:32 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2014-12-07 16:26:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2014-12-07 16:26:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014-12-07 16:26:32 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014-12-07 16:26:32 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2014-12-07 16:26:31 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014-12-07 16:26:31 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2014-12-07 16:26:31 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014-12-07 16:26:31 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2014-12-07 16:26:30 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014-12-07 16:26:30 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2014-12-07 16:26:29 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014-12-07 16:26:29 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014-12-07 16:26:27 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014-12-07 16:26:27 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014-12-07 16:26:27 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014-12-07 16:26:27 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014-12-07 16:26:26 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014-12-07 16:26:26 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014-12-07 16:26:25 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014-12-07 16:26:25 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014-12-07 16:26:24 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014-12-07 16:26:24 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014-12-07 16:26:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014-12-07 16:26:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014-12-07 16:26:22 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014-12-07 16:26:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014-12-07 16:26:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014-12-07 16:26:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014-12-07 16:26:22 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014-12-07 16:26:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014-12-07 16:26:21 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014-12-07 16:26:21 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014-12-07 16:26:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014-12-07 16:26:21 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014-12-07 16:26:19 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014-12-07 16:26:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014-12-07 16:26:18 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014-12-07 16:26:17 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014-12-07 16:26:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014-12-07 16:26:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014-12-07 16:26:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014-12-07 16:26:17 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014-12-07 16:26:17 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014-12-07 16:26:15 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014-12-07 16:26:15 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014-12-07 16:26:14 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014-12-07 16:26:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014-12-07 16:26:14 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014-12-07 16:26:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014-12-07 16:26:13 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014-12-07 16:26:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014-12-07 16:26:12 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014-12-07 16:26:12 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014-12-07 16:26:11 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014-12-07 16:26:11 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014-12-07 16:26:11 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014-12-07 16:26:11 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014-12-07 16:26:10 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014-12-07 16:26:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014-12-07 16:26:10 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014-12-07 16:26:10 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014-12-07 16:26:09 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014-12-07 16:26:09 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014-12-07 16:26:09 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014-12-07 16:26:09 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014-12-07 16:26:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014-12-07 16:26:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014-12-07 16:26:08 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014-12-07 16:26:08 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014-12-07 16:26:01 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014-12-07 16:26:01 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014-12-07 16:26:00 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014-12-07 16:26:00 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014-12-07 16:26:00 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014-12-07 16:26:00 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014-12-07 16:25:58 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014-12-07 16:25:58 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014-12-07 16:25:57 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014-12-07 16:25:57 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014-12-07 16:25:56 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014-12-07 16:25:56 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014-12-07 16:25:55 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014-12-07 16:25:55 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014-12-07 16:25:55 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014-12-07 16:25:55 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014-12-07 16:25:54 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014-12-07 16:25:54 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014-12-07 11:53:10 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Roaming\Tropico 5
[2014-12-07 11:48:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014-12-07 11:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
[2014-12-07 11:37:55 | 000,386,680 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-12-05 20:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014-12-05 20:47:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014-12-05 20:47:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014-12-05 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Roaming\Thinstall
[2014-12-05 20:28:37 | 001,725,776 | ---- | C] (BitTorrent Inc.) -- C:\Users\Mariusz\Desktop\uTorrent.exe
[2014-11-23 20:15:04 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Roaming\Macromedia
[2014-11-23 20:15:04 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Local\Macromedia
[2014-11-23 20:13:40 | 000,701,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-11-23 20:13:40 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-11-23 20:13:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014-11-23 20:07:51 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Roaming\Mozilla
[2014-11-23 20:07:51 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Local\Mozilla
[2014-11-23 20:07:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014-11-23 20:07:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014-11-23 20:07:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-11-23 14:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2014-11-23 13:40:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2014-11-23 13:40:44 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Local\Last.fm
[2014-11-23 13:40:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2014-11-23 12:49:39 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Local\Spotify
[2014-11-23 12:49:22 | 000,000,000 | ---D | C] -- C:\Users\Mariusz\AppData\Roaming\Spotify

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-12-17 20:52:02 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8bdb15e8af6a.job
[2014-12-17 20:47:29 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1827364687-1117648312-291519731-1000Core.job
[2014-12-17 20:47:15 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1827364687-1117648312-291519731-1000UA1cf92356e2b9fcc.job
[2014-12-17 20:47:04 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1827364687-1117648312-291519731-1000UA1d001d57a134902.job
[2014-12-17 20:41:19 | 000,380,416 | ---- | M] () -- C:\Users\Mariusz\Desktop\j8ys8t3e.exe
[2014-12-17 20:41:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mariusz\Desktop\OTL.exe
[2014-12-17 20:37:51 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-12-17 20:37:22 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-12-17 20:37:22 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-12-17 20:18:24 | 000,001,143 | ---- | M] () -- C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014-12-17 20:17:08 | 000,036,368 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-12-17 20:17:08 | 000,036,368 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-12-17 20:10:37 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-12-17 20:10:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-12-17 20:10:14 | 1552,973,824 | -HS- | M] () -- C:\hiberfil.sys
[2014-12-07 21:18:46 | 000,686,290 | ---- | M] () -- C:\Users\Mariusz\Desktop\Christmas-Decorating-Ideas-Wallpapers.jpg
[2014-12-07 17:52:47 | 002,292,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-12-07 12:45:31 | 000,000,222 | ---- | M] () -- C:\Users\Mariusz\Desktop\Football Manager 2015.url
[2014-12-07 11:48:33 | 000,000,920 | ---- | M] () -- C:\Users\Public\Desktop\Tropico 5.Special Edition.v 1.1.0.0.lnk
[2014-12-07 11:37:55 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2014-12-06 13:39:10 | 1664,882,688 | R--- | M] () -- C:\Users\Mariusz\Desktop\TROPICO 5 SPECIAL EDITION [ 2014 ]  REPACK.iso
[2014-12-05 20:32:55 | 000,119,307 | ---- | M] () -- C:\Users\Mariusz\Desktop\Football.Manager.2015.PROPER.v.15.0.2.3DM.torrent
[2014-12-05 20:30:17 | 000,015,035 | ---- | M] () -- C:\Users\Mariusz\Desktop\Male.Stluczki.2014.PL.WEB-DLRip.x264-LLO.mkv.torrent
[2014-12-05 20:29:48 | 000,000,983 | ---- | M] () -- C:\Users\Mariusz\Desktop\µTorrent.lnk
[2014-12-05 20:28:44 | 001,725,776 | ---- | M] (BitTorrent Inc.) -- C:\Users\Mariusz\Desktop\uTorrent.exe
[2014-11-30 21:01:10 | 000,047,865 | ---- | M] () -- C:\Users\Mariusz\Desktop\8953_864168883623067_3519367690855604250_n.jpg
[2014-11-30 21:00:50 | 000,046,764 | ---- | M] () -- C:\Users\Mariusz\Desktop\10805699_873411319365490_5573110149098050353_n.jpg
[2014-11-30 20:58:24 | 000,065,540 | ---- | M] () -- C:\Users\Mariusz\Desktop\382551_449384915080076_1720865707_n.jpg
[2014-11-29 19:54:06 | 000,015,717 | ---- | M] () -- C:\Users\Mariusz\Desktop\lista.odt
[2014-11-27 21:29:52 | 001,694,026 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-11-27 21:29:52 | 000,752,400 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-11-27 21:29:52 | 000,658,006 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-11-27 21:29:52 | 000,159,714 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-11-27 21:29:52 | 000,125,686 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-11-26 22:06:59 | 000,004,836 | ---- | M] () -- C:\Users\Mariusz\Desktop\szkolenie z fejsbuka.png
[2014-11-23 20:07:45 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-11-23 13:40:48 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2014-11-23 12:49:38 | 000,001,817 | ---- | M] () -- C:\Users\Mariusz\Desktop\Spotify.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-12-17 20:41:17 | 000,380,416 | ---- | C] () -- C:\Users\Mariusz\Desktop\j8ys8t3e.exe
[2014-12-17 20:18:24 | 000,001,143 | ---- | C] () -- C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014-12-07 21:18:36 | 000,686,290 | ---- | C] () -- C:\Users\Mariusz\Desktop\Christmas-Decorating-Ideas-Wallpapers.jpg
[2014-12-07 12:45:30 | 000,000,222 | ---- | C] () -- C:\Users\Mariusz\Desktop\Football Manager 2015.url
[2014-12-07 11:48:33 | 000,000,920 | ---- | C] () -- C:\Users\Public\Desktop\Tropico 5.Special Edition.v 1.1.0.0.lnk
[2014-12-06 13:21:12 | 1664,882,688 | R--- | C] () -- C:\Users\Mariusz\Desktop\TROPICO 5 SPECIAL EDITION [ 2014 ]  REPACK.iso
[2014-12-05 20:32:55 | 000,119,307 | ---- | C] () -- C:\Users\Mariusz\Desktop\Football.Manager.2015.PROPER.v.15.0.2.3DM.torrent
[2014-12-05 20:30:17 | 000,015,035 | ---- | C] () -- C:\Users\Mariusz\Desktop\Male.Stluczki.2014.PL.WEB-DLRip.x264-LLO.mkv.torrent
[2014-12-05 20:29:48 | 000,000,983 | ---- | C] () -- C:\Users\Mariusz\Desktop\µTorrent.lnk
[2014-12-05 20:29:48 | 000,000,969 | ---- | C] () -- C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent.lnk
[2014-11-30 21:01:05 | 000,047,865 | ---- | C] () -- C:\Users\Mariusz\Desktop\8953_864168883623067_3519367690855604250_n.jpg
[2014-11-30 21:00:47 | 000,046,764 | ---- | C] () -- C:\Users\Mariusz\Desktop\10805699_873411319365490_5573110149098050353_n.jpg
[2014-11-30 20:58:13 | 000,065,540 | ---- | C] () -- C:\Users\Mariusz\Desktop\382551_449384915080076_1720865707_n.jpg
[2014-11-26 22:06:58 | 000,004,836 | ---- | C] () -- C:\Users\Mariusz\Desktop\szkolenie z fejsbuka.png
[2014-11-25 21:29:34 | 000,015,717 | ---- | C] () -- C:\Users\Mariusz\Desktop\lista.odt
[2014-11-23 20:13:41 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-11-23 20:07:45 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-11-23 20:07:45 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-11-23 13:40:48 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
[2014-11-23 12:49:38 | 000,001,817 | ---- | C] () -- C:\Users\Mariusz\Desktop\Spotify.lnk
[2014-11-23 12:49:38 | 000,001,803 | ---- | C] () -- C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014-07-21 19:59:51 | 000,000,320 | ---- | C] () -- C:\Users\Mariusz\AppData\Local\FSCache.dat
[2014-06-15 20:33:16 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2014-06-15 20:33:16 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2014-06-13 15:47:17 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2014-06-04 18:42:57 | 001,666,816 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-06-03 20:02:15 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\ssdevm.dll
[2014-06-02 11:37:18 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-06-02 11:37:16 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-06-01 12:31:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014-06-01 12:19:59 | 000,000,000 | ---- | C] () -- C:\Windows\Setup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >


Kod: Zaznacz wszystko
OTL Extras logfile created on: 2014-12-17 20:45:36 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mariusz\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,93 Gb Total Physical Memory | 0,37 Gb Available Physical Memory | 19,42% Memory free
3,86 Gb Paging File | 1,71 Gb Available in Paging File | 44,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 43,95 Gb Total Space | 3,03 Gb Free Space | 6,88% Space Free | Partition Type: NTFS
Drive D: | 239,50 Gb Total Space | 42,32 Gb Free Space | 17,67% Space Free | Partition Type: NTFS
Drive E: | 2,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 14,55 Gb Total Space | 1,14 Gb Free Space | 7,85% Space Free | Partition Type: NTFS

Computer Name: TEARGAS666 | User Name: Mariusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FDCBECB-50D7-4E4E-B281-915F35684AFD}" = rport=138 | protocol=17 | dir=out | app=system |
"{10AF0EF5-7780-47C7-9B86-0FA8EFD7B4C7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{10CDDD06-5F41-4061-B764-464AE60D7F51}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{142B70BF-23EC-4F74-A2AF-7D64D7B76D03}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{27F289B0-3452-47BA-8C82-B1B254983EC8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{31EFB878-A5BB-4217-B82B-859F8A6EABF5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BBD33A6-3323-4B96-BE52-C1C5A6CF8562}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{45D3F9D7-0F3D-48E7-B390-A39F9F1B8CBB}" = rport=139 | protocol=6 | dir=out | app=system |
"{552A9B81-4350-4AED-9588-C3B5A0B9FF12}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5596AB5D-2EBE-48B8-82CC-AAA742A19838}" = lport=138 | protocol=17 | dir=in | app=system |
"{62630DEF-F60A-422B-BFF6-D96C3CE996D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{82002411-243C-44C4-A199-162B19100035}" = lport=2869 | protocol=6 | dir=in | app=system |
"{842D7D0D-AAB7-4B81-95E8-AB13E630DC15}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{8FB8115E-217D-4139-A4E6-D9736E57C43A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A116380A-D8AC-4F1C-B3C7-336FCCB0A428}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C085099E-0C7A-46D1-A3AD-A339B7BE0A96}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C556B8E1-CC3D-47B1-9BC0-23E7C2864555}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D012B9A6-9858-41B4-B0BC-9BAC332B670C}" = lport=139 | protocol=6 | dir=in | app=system |
"{D0FFDCEC-3475-40D6-88E8-ACCEC3D26C8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D2C9A3C8-45AF-490D-96A0-4B2CB505A5FA}" = lport=137 | protocol=17 | dir=in | app=system |
"{D7918D26-6F52-4281-8ACF-062C86B10AD3}" = lport=445 | protocol=6 | dir=in | app=system |
"{D7D68578-DCE7-4676-812C-BB6980F0884B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E52B6D22-352B-448F-B720-D2D8F88F4863}" = rport=137 | protocol=17 | dir=out | app=system |
"{E5573D31-F105-45C1-A50E-EF5B5B6AA41A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E9F0FD5E-C2C5-4110-8158-836BDC4F98DD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F78D680E-C87B-477F-B38B-EE01005D382A}" = rport=445 | protocol=6 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040239BB-7CDB-48BA-96D0-D2CAABFD88D2}" = protocol=17 | dir=in | app=c:\users\mariusz\appdata\roaming\dropbox\bin\dropbox.exe |
"{075008DF-26E3-43CA-93E6-20607475BB0C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{092AFCEC-5ABD-4D4F-B403-D2EC2CADD387}" = protocol=17 | dir=in | app=d:\origin\fifa world\fifaworld.exe |
"{0F2B5573-6DA8-4378-85D5-2086D310C8CF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{10C5737B-3841-4B64-B89B-7435F516992F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{130F4437-1B05-4D07-B4AC-7664A4363C00}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1CF528A9-4587-4392-B0F5-8A1CD7C64308}" = protocol=17 | dir=in | app=c:\users\mariusz\appdata\roaming\utorrent\utorrent.exe |
"{20D3A3C6-FF0A-4AAD-8423-5DC9CDCEE498}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{25D57416-F6F1-41CE-830B-3288A67FD54E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2DF6B512-2EB7-4D59-A7F0-BDFBF79D590C}" = protocol=6 | dir=in | app=d:\origin\fifa world\fifaworld.exe |
"{391A445F-80E2-47BB-A1F6-DC28E6807290}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A9F1FA3-0848-46DF-BF59-1AF379698F9C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\football manager 2013\fm.exe |
"{3DF6E40A-F006-45AA-9C9B-43551CB36A8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3EB59D0C-B653-4C89-A65A-3E63C8F49527}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{47B47680-1F3B-43A8-938F-8BBC2B649A09}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D2149D7-CA8B-48B4-8B1B-C306CB4E9BF9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{51B25C99-D0F9-4C7B-9CB1-3CEB582FBA96}" = protocol=17 | dir=out | app=c:\users\mariusz\appdata\roaming\utorrent\utorrent.exe |
"{58CF151F-2425-4B8F-9020-49905A4BE1AD}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\football manager 2015\fm.exe |
"{5A5D2F54-5F42-48DF-BCDA-91D6FFAA7AE3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5C89225E-C2B3-4C43-9D9D-3A1633D97C21}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\football manager 2013\fm.exe |
"{610DC911-4494-43F8-9464-E9AEEA701358}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{6BCC02E5-62A4-4DE7-8510-09B061D344D1}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{729A5744-FA08-4EB1-910E-651F3F3A5FF1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83157B41-AE21-42E0-9FC8-92F7C345743D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8656C3D4-E7A6-49B4-8109-7B9BFC03C0F5}" = protocol=6 | dir=out | app=c:\users\mariusz\appdata\roaming\utorrent\utorrent.exe |
"{90DDA30B-0A5B-49D9-9F28-497CC7FC4EB3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{939B691D-BDCA-4B33-8A40-3FACA2D6EEB9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9B8207D5-9B31-457B-BDEF-3F28B44993C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFCA1A21-F370-4D8B-92B9-9DD9F135208C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B07B6012-95F0-4D78-AEB0-EBF6D4B9F7CA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B5C84967-815A-48F0-B97B-E9EFDE63201C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\football manager 2015\fm.exe |
"{B6A9CCB4-6352-4A3C-B59C-5BE80A119310}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{C1594ED4-7591-4915-92E8-0B467344B4ED}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C27D99C7-8537-4E39-A223-49BF7613AE1C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C40C5737-EB54-43D0-AA2D-3ED380DDA5A3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5696940-D9F0-4D3B-B7E9-EF67332EFED2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CC7D30BF-C3F1-4293-87FF-FDDB48067418}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{CEA00047-15B4-44D5-99A1-9346CF6A326E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF599A5B-2C43-423F-8148-43D498934D07}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D259BACB-0F2E-43DC-B91A-1B3F5590CC8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D5539C16-423A-4533-8497-FBD294A6F637}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D6FF41EC-BDA3-4282-B548-B6426412D679}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D80D0061-69C9-47C3-A4F7-4CA5B4656EDA}" = protocol=6 | dir=in | app=c:\users\mariusz\appdata\roaming\utorrent\utorrent.exe |
"{E9C8041B-BF57-4551-9A97-D303F0284BA8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2D1701A-FD61-41EB-8A79-FBC7868EE860}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F3BC8219-0B27-4744-B311-1459CC838C36}" = protocol=6 | dir=out | app=system |
"{FB310D8E-F155-4F73-A2A6-6E272866E9BA}" = protocol=6 | dir=in | app=c:\users\mariusz\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{71C2C000-5A95-47A3-93BF-9F8870F7459B}C:\users\mariusz\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mariusz\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{C063F7CD-461A-4D3C-95FE-076DA5A36F0A}C:\users\mariusz\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mariusz\appdata\roaming\dropbox\bin\dropbox.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{25058321-C33E-496B-8915-6FD64D362CAF}" = Windows Live MIME IFilter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6096C0CC-7E19-4355-87F0-627EC5AA146D}" = iCloud
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}" = ATI Catalyst Install Manager
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B00F3D06-90CA-4388-8622-FD018675C29A}" = ESET Smart Security
"{B0B97CF2-5032-A645-7FFC-BD1E39FC4E3F}" = ccc-utility64
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"CCleaner" = CCleaner
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{02A414EA-0E5F-CD08-61EF-E155F31DFF76}" = Catalyst Control Center Graphics Previews Vista
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}" = IBM SPSS Statistics 19
"{08938019-97FA-1C7A-19E0-0C8D56ED7CB2}" = CCC Help Hungarian
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A4D717B-E6E8-11FA-E7D2-385EBB1A4A85}" = CCC Help Japanese
"{0BE9E708-5DC0-4963-9CFD-0AA519090E79}" = Junk Mail filter update
"{13BA5548-1065-4DBE-B115-681AFB77263B}" = CCC Help Swedish
"{16890D7F-1C77-733B-D8E4-F5D4315A5F93}" = Catalyst Control Center Localization All
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1CBDB473-E303-EFAE-88D1-6F741ACD5B31}" = CCC Help Czech
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1D8912B0-343C-EB1F-28EE-B672D444C192}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C59BF0E-66A5-681E-60FE-8D18CE6319A1}" = CCC Help German
"{2C9D4FCA-3E7F-9368-6955-EA6D65F7DC78}" = CCC Help English
"{3788B9B7-C15F-4C64-D52B-3DD1BA494B7A}" = CCC Help Korean
"{3D200EB9-44FC-432F-1E35-C20AB5FDCD77}" = CCC Help Thai
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}" = Photo Common
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{44D52071-5077-2839-1AE6-863563AEA269}" = CCC Help Russian
"{45FF54A4-ECD4-455D-89A2-D209737AD726}" = Poczta usługi Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{714E162E-CD4F-4F1B-8302-7F5179409C25}" = Windows Live Writer
"{78002155-F025-4070-85B3-7C0453561701}" = Obsługa programów Apple
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3
"{7EB1185B-6319-42D7-B103-707570BFB0D8}" = OpenOffice 4.1.0
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{87976D85-DBF6-F263-39B6-500ACB658CE0}" = Catalyst Control Center Graphics Full Existing
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}" = EA Sports FIFA World
"{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}" = Podstawowe programy Windows Live
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBB29A1-C71D-DD1D-66B1-352AAAB13FC6}" = CCC Help Danish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F4D1D9E-5542-B572-81A7-9DCB0AEED1BE}" = CCC Help French
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3EF3FAD-6ABA-1551-AD3B-D09361C5EEC9}" = CCC Help Polish
"{A5101403-2C42-40E0-8D9E-5E49E7C3B89E}" = Tycoon City - New York
"{A73FBC00-44F8-0ECF-76FB-14CF62120B55}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AACEAAE9-9CC3-5715-4539-EB13CA3C67BA}" = CCC Help Spanish
"{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}" = Windows Live UX Platform Language Pack
"{AF91A56A-A775-4183-99C5-E9320263B612}" = Nokia Internet Modem
"{B2463AD3-1334-A30E-A523-D38E8E7B09A2}" = CCC Help Dutch
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}" = Windows Live Mail
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA2AD7F2-55AE-87B5-00DD-9B0C6F087FD0}" = Catalyst Control Center Graphics Light
"{BC940CD7-FC71-83C5-2001-CF6FD07BA3D1}" = CCC Help Chinese Traditional
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BF847A60-119D-6888-B2DA-EC62F1B66BBB}" = CCC Help Chinese Standard
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C960FF38-431D-429D-AD1F-FBD12A45B7C5}" = PDF Architect 2 View Module
"{C97396A9-44BC-C856-0B92-93A6A417D6A8}" = Catalyst Control Center Graphics Full New
"{CA10114E-3941-E8ED-70A3-17CAA2226AFC}" = CCC Help Turkish
"{CAB89605-7C12-8082-32DF-B419C696BD12}" = Catalyst Control Center Core Implementation
"{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{D98C2191-0AE0-4087-9153-018A4810DF45}" = CCC Help Norwegian
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DF7D3C5E-87FC-6AE6-D986-35E0F05FEFD9}" = CCC Help Italian
"{E0848A2E-A162-45B2-9F5A-A3921DB444C2}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EBA8538C-F0B1-A089-D555-44DBF3A47C9F}" = CCC Help Finnish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F22E305E-BD02-5CC1-92D0-BD7170CDFE45}" = CCC Help Portuguese
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FD4B3108-0915-31E1-5A7C-AC5B3C33846C}" = CCC Help Greek
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3
"Battlelog Web Plugins" = Battlelog Web Plugins
"foobar2000" = foobar2000 v1.1.11
"Foxit Reader_is1" = Foxit Reader
"LastFM_is1" = Last.fm Scrobbler 2.1.36
"LManager" = Launch Manager
"Mozilla Firefox 33.1.1 (x86 pl)" = Mozilla Firefox 33.1.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"PDF Architect 2" = PDF Architect 2
"RollerCoaster Tycoon Setup" = Roll
"Samsung ML-2160 Series" = Samsung ML-2160 Series
"Samsung Printer Diagnostics" = Samsung Printer Diagnostics
"Samsung Printer Live Update" = Samsung Printer Live Update
"Steam" = Steam
"Steam App 207890" = Football Manager 2013
"Steam App 295270" = Football Manager 2015
"Steam App 63380" = Sniper Elite V2
"Traffic Giant Gold" = Traffic Giant Gold
"Tropico 5.Special Edition.v 1.1.0.0_is1" = Tropico 5.Special Edition.v 1.1.0.0
"UltraISO_is1" = UltraISO Premium V9.62
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Podstawowe programy Windows Live
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014-12-07 11:44:04 | Computer Name = teargas666 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2014-12-07 11:44:04 | Computer Name = teargas666 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 611992

Error - 2014-12-07 11:44:04 | Computer Name = teargas666 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 611992

Error - 2014-12-07 12:53:15 | Computer Name = teargas666 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-09 12:27:11 | Computer Name = teargas666 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-09 14:03:16 | Computer Name = teargas666 | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: fm.exe, wersja: 15.1.3.0, sygnatura
czasowa: 0x545f6b97  Nazwa modułu powodującego błąd: fm.exe, wersja: 15.1.3.0, sygnatura
czasowa: 0x545f6b97  Kod wyjątku: 0xc0000005  Przesunięcie błędu: 0x01f447ae  Identyfikator
procesu powodującego błąd: 0x1738  Godzina uruchomienia aplikacji powodującej błąd:
0x01d013da64cca8e9  Ścieżka aplikacji powodującej błąd: D:\steam\SteamApps\common\Football
Manager 2015\fm.exe  Ścieżka modułu powodującego błąd: D:\steam\SteamApps\common\Football
Manager 2015\fm.exe  Identyfikator raportu: a5937c03-7fcd-11e4-8342-d1eaed0845e4

Error - 2014-12-09 14:09:27 | Computer Name = teargas666 | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: fm.exe, wersja: 15.1.3.0, sygnatura
czasowa: 0x545f6b97  Nazwa modułu powodującego błąd: fm.exe, wersja: 15.1.3.0, sygnatura
czasowa: 0x545f6b97  Kod wyjątku: 0xc0000005  Przesunięcie błędu: 0x01f447ae  Identyfikator
procesu powodującego błąd: 0xf00  Godzina uruchomienia aplikacji powodującej błąd:
0x01d013db3db81867  Ścieżka aplikacji powodującej błąd: D:\Football Manager 2015\fm.exe
Ścieżka
modułu powodującego błąd: D:\Football Manager 2015\fm.exe  Identyfikator raportu:
82b2ec52-7fce-11e4-8342-d1eaed0845e4

Error - 2014-12-09 14:16:45 | Computer Name = teargas666 | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: fm.exe, wersja: 15.0.2.0, sygnatura
czasowa: 0x544a83b0  Nazwa modułu powodującego błąd: fm.exe, wersja: 15.0.2.0, sygnatura
czasowa: 0x544a83b0  Kod wyjątku: 0x80000003  Przesunięcie błędu: 0x01f447ad  Identyfikator
procesu powodującego błąd: 0xf84  Godzina uruchomienia aplikacji powodującej błąd:
0x01d013dc48f8802f  Ścieżka aplikacji powodującej błąd: D:\Football Manager 2015\fm.exe
Ścieżka
modułu powodującego błąd: D:\Football Manager 2015\fm.exe  Identyfikator raportu:
88462317-7fcf-11e4-8342-d1eaed0845e4

Error - 2014-12-10 16:24:08 | Computer Name = teargas666 | Source = WinMgmt | ID = 10
Description =

Error - 2014-12-17 15:11:20 | Computer Name = teargas666 | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2014-12-09 16:23:10 | Computer Name = teargas666 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Internet Explorer
11 dla systemu Windows 7 - wersja dla systemów opartych na procesorach x64.

Error - 2014-12-10 16:23:35 | Computer Name = teargas666 | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.    Ścieżka
modułu: C:\Windows\system32\athExt.dll  Kod błędu: 126 

Error - 2014-12-17 15:10:26 | Computer Name = teargas666 | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się.    Ścieżka
modułu: C:\Windows\system32\athExt.dll  Kod błędu: 126 

Error - 2014-12-17 15:13:36 | Computer Name = teargas666 | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Usługa Google Update (gupdate).

Error - 2014-12-17 15:13:36 | Computer Name = teargas666 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu
następującego błędu:   %%1053

Error - 2014-12-17 15:15:40 | Computer Name = teargas666 | Source = Service Control Manager | ID = 7022
Description = Usługa Windows Defender zawiesiła się podczas uruchamiania.

Error - 2014-12-17 15:16:42 | Computer Name = teargas666 | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi eventlog.

Error - 2014-12-17 15:17:41 | Computer Name = teargas666 | Source = Service Control Manager | ID = 7022
Description = Usługa Centrum zabezpieczeń zawiesiła się podczas uruchamiania.

Error - 2014-12-17 15:17:42 | Computer Name = teargas666 | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi eventlog.

Error - 2014-12-17 15:38:50 | Computer Name = teargas666 | Source = Schannel | ID = 36888
Description = Został wygenerowany następujący alert krytyczny: 70. Stan błędu wewnętrznego:
105.


< End of report >


Kod: Zaznacz wszystko
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-12-17 21:34:37
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.01.0 298,09GB
Running: j8ys8t3e.exe; Driver: C:\Users\Mariusz\AppData\Local\Temp\fwtoyfob.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1680] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                                                                                     0000000076c18791 4 bytes [C2, 04, 00, 00]

---- Kernel IAT/EAT - GMER 2.1 ----

IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort]                                                                                                                                                                                [fffff88001071e94] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar]                                                                                                                                                                                       [fffff88001071c38] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar]                                                                                                                                                                                      [fffff88001072614] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong]                                                                                                                                                                                      [fffff88001072a10] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT      C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort]                                                                                                                                                                               [fffff8800107286c] \SystemRoot\System32\Drivers\sptd.sys [.text]

---- Devices - GMER 2.1 ----

Device   \FileSystem\Ntfs \Ntfs                                                                                                                                                                                                                                        fffffa80021152c0
Device   \Driver\usbehci \Device\USBPDO-1                                                                                                                                                                                                                              fffffa8004cf02c0
Device   \Driver\cdrom \Device\CdRom0                                                                                                                                                                                                                                  fffffa80048da2c0
Device   \Driver\usbehci \Device\USBFDO-0                                                                                                                                                                                                                              fffffa8004cf02c0
Device   \Driver\NetBT \Device\NetBT_Tcpip_{FDEFDFAC-ADD1-468C-9B8F-9A2B07DDC700}                                                                                                                                                                                      fffffa8004a272c0
Device   \Driver\usbehci \Device\USBFDO-1                                                                                                                                                                                                                              fffffa8004cf02c0
Device   \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                                                                                                                                       fffffa8004a272c0
Device   \Driver\usbehci \Device\USBPDO-0                                                                                                                                                                                                                              fffffa8004cf02c0

---- Threads - GMER 2.1 ----

Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:3492]                                                                                                                                                                                                000007fefefca808
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:3796]                                                                                                                                                                                                000007feff070168
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:3812]                                                                                                                                                                                                000007fefb162bf8
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:3820]                                                                                                                                                                                                000007fef1104830
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:3832]                                                                                                                                                                                                000007fefdce6e60
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:3836]                                                                                                                                                                                                000007fefdce6e60
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:3548]                                                                                                                                                                                                000007fef89a5124
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3328:5284]                                                                                                                                                                                                000007feff070168
---- Processes - GMER 2.1 ----

Library  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D5C13F6-5571-4D64-870F-DDE9AD5C71C2}\mpengine.dll (*** suspicious ***) @ C:\Windows\System32\svchost.exe [3632]                                                                                000007fee9840000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:46)        000000006a170000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38)            0000000069e70000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092](2014-10-22 00:22:50)                                                                                        0000000073920000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38)           0000000069a80000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (ICU I18N DLL/The ICU Project)(2014-10-22 00:22:50)                                                           000000004a900000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (ICU Common DLL/The ICU Project)(2014-10-22 00:22:50)                                                         00000000044e0000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (ICU Data DLL/The ICU Project)(2014-10-22 00:22:50)                                                           000000004ad00000
Library  c:\users\mariusz\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplppebt.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092](2014-12-17 19:17:27)                                       0000000003f80000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38)        00000000698a0000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40)         000000005fc90000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40)          0000000069680000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40)            0000000069420000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40)            0000000074330000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092](2014-10-22 00:22:50)                                                                                           0000000074630000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:46)  0000000073a70000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38)         0000000073a30000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38)   00000000738d0000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092](2014-10-22 00:22:48)                                                                       0000000069340000
Library  C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Mariusz\AppData\Roaming\Dropbox\bin\Dropbox.exe [5092](2014-10-22 00:22:46)                                                                       000000006b6b0000

---- EOF - GMER 2.1 ----


dziekuje za pomoc :)
eMachines E730G - Core i5-430M, 2GiB RAM, ATI Mobility Radeon HD5470, WD 320GiB; Cort Z-44,DR 0.09-0.42, Peavey Backstage
Mac OS X 10.7.4 Lion // Windows 7 Professional x64 // NIE POMAGAM NA PW/GG/E-MAIL
Image
"Moje Ego i Anima spotykają się i wymieniają przepisami na ciasteczka" - Maynard James Keenan
Awatar użytkownika
Okocza
~user
 
Posty: 8001
Dołączenie: 19 Mar 2006, 11:53
Pochwały: 406



Wolne dzialanie oraz przywieszki

Postprzez ordynat 17 Gru 2014, 22:59

W logach nie ma niczego podejrzanego.

Kosmetyka:
Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:
:OTL
O9:64bit: - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt.


Error - 2014-12-17 15:11:20 | Computer Name = teargas666 | Source = WinMgmt | ID = 10
Description =

Aby automatycznie rozwiązać ten problem, kliknij > Fix.it. na stronie http://support2.microsoft.com/kb/2545227/en-us
Następnie kliknij przycisk Uruchom w oknie dialogowym Pobieranie pliku i wykonaj kroki w kreatorze Fix.it.
(Link zapasowy > http://www.mediafire.com/download/6hwcm6b77098cbb/MicrosoftFixit50688.msi )
.
ordynat
~user
 
Posty: 4765
Dołączenie: 02 Kwi 2010, 11:18
Pochwały: 866




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 10 gości