Cykliczne lagowanie laptopa

[Walkerowy]

Problem ujawnia się w grach internetowych. Komputer laguje się na ułamki sekund po czym wraca do normalnej pracy i tak kilkadziesiąt razy na minutę. Proszę o pomoc w sprawdzeniu logów.

 

OTL.Txt:

 

 

OTL logfile created on: 2013-07-17 20:12:20 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\eMeM\Desktop\Pobieranie\OTL

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16635)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

1,99 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,98% Memory free

2,24 Gb Paging File | 1,08 Gb Available in Paging File | 48,37% Paging File free

Paging file location(s): c:\pagefile.sys 256 512 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 80,00 Gb Total Space | 9,45 Gb Free Space | 11,81% Space Free | Partition Type: NTFS

Drive D: | 152,79 Gb Total Space | 30,23 Gb Free Space | 19,79% Space Free | Partition Type: NTFS

 

Computer Name: EMEM-KOMPUTER | User Name: eMeM | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2013-07-17 20:04:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\eMeM\Desktop\Pobieranie\OTL\OTL.exe

PRC - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

PRC - [2009-08-29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\eMeM\Local Settings\Apps\F.lux\flux.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012-11-28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2012-11-28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2009-08-29 08:00:12 | 000,966,656 | ---- | M] () -- C:\Users\eMeM\Local Settings\Apps\F.lux\flux.exe

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2013-02-08 20:30:42 | 000,359,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV:64bit: - [2007-02-06 11:45:30 | 000,080,384 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)

SRV - [2013-07-14 11:03:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013-07-02 22:17:44 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)

SRV - [2012-11-20 20:30:29 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2012-10-03 16:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010-10-26 23:24:36 | 000,403,536 | ---- | M] (Logitech, Inc.) [Auto | Running] -- D:\Programy\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)

SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2013-07-17 19:36:53 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2013-01-03 10:17:38 | 000,079,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)

DRV:64bit: - [2013-01-03 10:17:38 | 000,077,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2013-01-03 10:17:38 | 000,061,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2013-01-03 10:17:38 | 000,015,752 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)

DRV:64bit: - [2012-12-13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012-09-13 07:13:42 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012-08-23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012-08-21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012-06-27 16:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)

DRV:64bit: - [2012-06-11 15:17:44 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)

DRV:64bit: - [2012-06-11 15:17:44 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)

DRV:64bit: - [2012-06-11 15:17:44 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)

DRV:64bit: - [2012-06-11 15:17:44 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)

DRV:64bit: - [2012-06-11 15:17:44 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)

DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011-10-14 15:36:02 | 000,015,552 | ---- | M] (Shaul Eizikovich) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vjoy.sys -- (vjoy)

DRV:64bit: - [2011-06-17 20:54:22 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0151.sys -- (RsFx0151)

DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011-01-15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)

DRV:64bit: - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010-11-21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)

DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010-02-25 01:02:38 | 000,019,000 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CPQBTTN.sys -- (HBtnKey)

DRV:64bit: - [2009-11-04 05:03:56 | 000,020,032 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PPJoyBus64.sys -- (PPJoyBus)

DRV:64bit: - [2009-09-23 19:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-06-10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009-06-10 22:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)

DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009-04-29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV:64bit: - [2008-04-24 17:25:48 | 000,402,432 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)

DRV:64bit: - [2007-12-12 14:12:32 | 000,095,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2007-12-12 14:12:32 | 000,089,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2007-12-12 14:12:32 | 000,019,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

 

IE - HKU\S-1-5-21-2379810547-2737495414-2129919692-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2379810547-2737495414-2129919692-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR

IE - HKU\S-1-5-21-2379810547-2737495414-2129919692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2379810547-2737495414-2129919692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..extensions.enabledAddons: quicksearch%40peter.faj:3.0.14

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programy\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: D:\Programy\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-05-05 19:26:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\Programy\Mozilla Firefox\components [2013-07-02 22:17:37 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2013-07-02 22:17:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: D:\Programy\Mozilla Thunderbird\components [2013-06-25 20:12:50 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: D:\Programy\Mozilla Thunderbird\plugins

 

[2011-08-30 15:02:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\Extensions

[2013-01-03 12:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\Firefox\Profiles\5bp4k35x.default-1357209546432\extensions

[2013-07-14 22:43:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\Firefox\Profiles\pampk215.emem\extensions

[2013-07-14 22:43:37 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\eMeM\AppData\Roaming\mozilla\Firefox\Profiles\pampk215.emem\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}

[2013-06-29 12:40:07 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\eMeM\AppData\Roaming\mozilla\Firefox\Profiles\pampk215.emem\extensions\firefox@ghostery.com

[2013-01-03 12:56:40 | 000,054,904 | ---- | M] () (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\firefox\profiles\5bp4k35x.default-1357209546432\extensions\quicksearch@peter.faj.xpi

[2013-02-13 20:16:37 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\firefox\profiles\pampk215.emem\extensions\firefox@mega.co.nz.xpi

[2013-04-25 11:27:29 | 000,060,099 | ---- | M] () (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\firefox\profiles\pampk215.emem\extensions\quicksearch@peter.faj.xpi

[2013-05-09 14:06:23 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\firefox\profiles\pampk215.emem\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013-07-12 19:20:03 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\eMeM\AppData\Roaming\mozilla\firefox\profiles\pampk215.emem\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

[2013-01-03 12:57:37 | 000,002,221 | ---- | M] () -- C:\Users\eMeM\AppData\Roaming\mozilla\firefox\profiles\5bp4k35x.default-1357209546432\searchplugins\filmweb.xml

[2013-01-03 12:58:17 | 000,001,633 | ---- | M] () -- C:\Users\eMeM\AppData\Roaming\mozilla\firefox\profiles\5bp4k35x.default-1357209546432\searchplugins\googletranslate.xml

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Go\u015B\u0107\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Go\u015B\u0107\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Go\u015B\u0107\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll

CHR - plugin: GanymedeNet.Detector (Enabled) = D:\Programy\Mozilla Firefox\plugins\npganymedenet.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = D:\Programy\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

CHR - plugin: Java Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

CHR - plugin: Nokia Suite Enabler Plugin (Enabled) = C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - plugin: iTunes Application Detector (Enabled) = D:\Programy\iTunes\Mozilla Plugins\npitunes.dll

CHR - Extension: Dokumenty Google = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\

CHR - Extension: Dokumenty Google = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Dysk Google = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\

CHR - Extension: Dysk Google = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: YouTube = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Szukaj w Google = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Szukaj w Google = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: Logitech SetPoint = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0\

CHR - Extension: Gmail = C:\Users\eMeM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2012-11-20 20:37:16 | 000,001,368 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1                activate.adobe.com

O1 - Hosts: 127.0.0.1                practivate.adobe.com

O1 - Hosts: 127.0.0.1                ereg.adobe.com

O1 - Hosts: 127.0.0.1                activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1                wip3.adobe.com

O1 - Hosts: 127.0.0.1                3dns-3.adobe.com

O1 - Hosts: 127.0.0.1                3dns-2.adobe.com

O1 - Hosts: 127.0.0.1                adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1                adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1                adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1                ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1                activate-sea.adobe.com

O1 - Hosts: 127.0.0.1                wwis-dubc1-vip60.adobe.com

O1 - Hosts: 127.0.0.1                activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1                               adobe.activate.com    

O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)

O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found

O4 - HKU\S-1-5-20..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found

O4 - HKU\S-1-5-21-2379810547-2737495414-2129919692-1000..\Run: [F.lux] C:\Users\eMeM\Local Settings\Apps\F.lux\flux.exe ()

O4 - Startup: C:\Users\eMeM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-2379810547-2737495414-2129919692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O7 - HKU\S-1-5-21-2379810547-2737495414-2129919692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.213.112.4 130.67.15.198

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D40224D-17C7-4509-88F8-3B488A83DC64}: DhcpNameServer = 193.213.112.4 130.67.15.198

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{5f0ffd89-ec7d-11e1-aedc-b6468845db07}\Shell - "" = AutoRun

O33 - MountPoints2\{5f0ffd89-ec7d-11e1-aedc-b6468845db07}\Shell\AutoRun\command - "" = G:\NokiaPCIA_Autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013-07-17 19:36:53 | 000,564,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys

[2013-07-16 14:31:03 | 000,000,000 | ---D | C] -- C:\Users\eMeM\AppData\Local\Google

[2013-07-16 11:48:42 | 000,000,000 | ---D | C] -- C:\Users\eMeM\Desktop\Ola

[2013-07-10 23:36:21 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013-07-10 23:36:21 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2013-07-10 23:36:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2013-07-10 23:36:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2013-07-10 23:36:20 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2013-07-10 23:36:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2013-07-10 23:36:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2013-07-10 23:36:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2013-07-10 23:36:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2013-07-10 23:36:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2013-07-10 23:36:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2013-07-10 23:36:18 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2013-07-10 23:36:18 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2013-07-10 23:36:18 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2013-07-10 23:36:17 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2013-07-10 09:55:52 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll

[2013-07-10 09:55:52 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll

[2013-07-10 09:55:49 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL

[2013-07-10 09:55:47 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL

[2013-07-10 09:55:11 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2013-06-22 00:55:04 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013-06-22 00:54:54 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013-06-22 00:54:54 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013-06-22 00:54:54 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013-06-20 16:41:38 | 000,000,000 | ---D | C] -- C:\Plugins

 

========== Files - Modified Within 30 Days ==========

 

[2013-07-17 20:11:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013-07-17 19:47:39 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013-07-17 19:47:39 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013-07-17 19:40:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-07-17 19:40:02 | 1603,772,416 | -HS- | M] () -- C:\hiberfil.sys

[2013-07-17 19:36:53 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys

[2013-07-16 14:31:18 | 000,002,660 | ---- | M] () -- C:\Users\eMeM\Desktop\Google Chrome.lnk

[2013-07-16 12:30:19 | 000,217,253 | ---- | M] () -- C:\Users\eMeM\Desktop\RyanairBoardingPass.pdf

[2013-07-16 12:14:52 | 000,529,767 | ---- | M] () -- C:\Users\eMeM\Desktop\Itinerary - Ryanair.pdf

[2013-07-15 14:48:12 | 000,347,112 | ---- | M] () -- C:\Users\eMeM\Desktop\CV english - Ola.pdf

[2013-07-15 14:17:25 | 000,447,605 | ---- | M] () -- C:\Users\eMeM\Desktop\CV english.pdf

[2013-07-14 11:03:35 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013-07-14 11:03:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013-07-13 21:30:11 | 002,007,122 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013-07-13 21:30:11 | 000,868,948 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2013-07-13 21:30:11 | 000,774,668 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013-07-13 21:30:11 | 000,200,186 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2013-07-13 21:30:11 | 000,160,706 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013-07-11 00:38:31 | 000,320,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013-07-02 11:42:17 | 000,080,167 | ---- | M] () -- C:\Users\eMeM\Desktop\Informacje ogólne.pdf

[2013-06-30 20:16:46 | 000,134,369 | ---- | M] () -- C:\Users\eMeM\Desktop\Przechwytywanie.JPG

[2013-06-24 22:01:27 | 000,000,574 | ---- | M] () -- C:\Users\eMeM\Desktop\LFS.lnk

[2013-06-23 17:51:51 | 000,513,901 | ---- | M] () -- C:\Users\eMeM\Desktop\y6zGgc8.jpg

 

========== Files Created - No Company Name ==========

 

[2013-07-16 12:30:21 | 000,217,253 | ---- | C] () -- C:\Users\eMeM\Desktop\RyanairBoardingPass.pdf

[2013-07-16 12:14:46 | 000,529,767 | ---- | C] () -- C:\Users\eMeM\Desktop\Itinerary - Ryanair.pdf

[2013-07-16 11:48:42 | 000,002,660 | ---- | C] () -- C:\Users\eMeM\Desktop\Google Chrome.lnk

[2013-07-15 14:48:12 | 000,347,112 | ---- | C] () -- C:\Users\eMeM\Desktop\CV english - Ola.pdf

[2013-07-13 15:20:34 | 000,447,605 | ---- | C] () -- C:\Users\eMeM\Desktop\CV english.pdf

[2013-07-02 11:42:15 | 000,080,167 | ---- | C] () -- C:\Users\eMeM\Desktop\Informacje ogólne.pdf

[2013-06-30 20:16:45 | 000,134,369 | ---- | C] () -- C:\Users\eMeM\Desktop\Przechwytywanie.JPG

[2013-06-23 17:51:50 | 000,513,901 | ---- | C] () -- C:\Users\eMeM\Desktop\y6zGgc8.jpg

[2013-01-18 01:33:52 | 000,221,498 | ---- | C] () -- C:\Users\eMeM\Nowy dokument 1.2013_01_18_00_33_52.0.svg

[2013-01-09 01:29:32 | 000,104,440 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2012-12-06 18:24:44 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat

[2012-09-07 16:55:24 | 000,000,301 | ---- | C] () -- C:\Windows\SIERRA.INI

[2012-08-14 21:07:46 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI

[2012-04-16 12:21:56 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin

[2012-01-14 18:22:12 | 000,000,180 | ---- | C] () -- C:\Windows\PowerReg.dat

[2011-12-27 14:06:38 | 000,000,027 | ---- | C] () -- C:\Windows\lmgrd.ini

[2011-12-16 20:07:49 | 000,000,017 | ---- | C] () -- C:\Windows\Missing.ini

[2011-12-11 20:56:26 | 000,000,046 | ---- | C] () -- C:\Users\eMeM\AppData\Roaming\mainhst.zgh

[2011-10-27 13:36:38 | 001,983,260 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011-10-18 16:15:12 | 000,000,278 | R--- | C] () -- C:\Users\eMeM\Show_Hidden_Files_On_Off.vbs

[2011-09-22 17:32:25 | 000,007,597 | ---- | C] () -- C:\Users\eMeM\AppData\Local\Resmon.ResmonCfg

 

========== ZeroAccess Check ==========

 

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-08-21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-08-21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-08-21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== LOP Check ==========

 

[2013-06-24 21:24:40 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\.purple

[2012-09-06 20:36:14 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Ashampoo

[2012-03-12 15:13:31 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Cream Software

[2013-07-17 17:18:01 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Dropbox

[2012-05-14 17:59:45 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\e-academy Inc

[2013-04-07 15:43:21 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Fluke

[2013-04-25 12:32:05 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Foxit Software

[2013-06-20 16:41:56 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\GanymedeNet

[2012-05-21 20:31:18 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\gtk-2.0

[2013-03-13 19:15:00 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\IGC

[2013-02-14 00:20:48 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\inkscape

[2012-05-21 20:23:34 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\IsolatedStorage

[2011-10-04 14:11:34 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Leadertech

[2012-03-25 17:26:16 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Mathsoft

[2012-05-27 23:19:23 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Need for Speed World

[2012-05-11 22:10:04 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Nokia

[2012-05-11 22:09:13 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Nokia Suite

[2012-05-29 09:22:40 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\PC Suite

[2013-06-13 10:56:32 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\TeamViewer

[2011-09-19 23:19:36 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\Thunderbird

[2013-07-16 19:30:37 | 000,000,000 | ---D | M] -- C:\Users\eMeM\AppData\Roaming\uTorrent

[2013-06-14 01:37:32 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Foxit Software

 

========== Purity Check ==========

 

 

< End of report >

 

 

 

Extras:

 

 

OTL Extras logfile created on: 2013-07-17 20:12:20 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\eMeM\Desktop\Pobieranie\OTL

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16635)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

1,99 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 61,98% Memory free

2,24 Gb Paging File | 1,08 Gb Available in Paging File | 48,37% Paging File free

Paging file location(s): c:\pagefile.sys 256 512 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 80,00 Gb Total Space | 9,45 Gb Free Space | 11,81% Space Free | Partition Type: NTFS

Drive D: | 152,79 Gb Total Space | 30,23 Gb Free Space | 19,79% Space Free | Partition Type: NTFS

 

Computer Name: EMEM-KOMPUTER | User Name: eMeM | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-2379810547-2737495414-2129919692-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- D:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0675EA63-2EDD-4FDF-9735-5862C0BFE246}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{1257B747-1609-4D87-91CD-6F1D9334BBAF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{17E43EC4-FC48-4E37-86F4-2B5BF44AE104}" = rport=138 | protocol=17 | dir=out | app=system |

"{1A28D2BC-17A4-4B1F-9975-AB7082DB9B3A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{283C4C64-0CD6-4500-AA3D-5B9C67D3858B}" = lport=137 | protocol=17 | dir=in | app=system |

"{2A76EFCA-ADA0-4B76-A69F-55B3C3B4A786}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{36FD8AD5-1553-44B0-BADA-5361A572385A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{43864B6D-417E-48D8-8349-BCE5CC797969}" = rport=137 | protocol=17 | dir=out | app=system |

"{4AAAE078-62AE-415A-9273-E638FE3F890A}" = lport=445 | protocol=6 | dir=in | app=system |

"{5054958D-2D1D-45A8-BA57-4545CCE5ADA5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{5B5378B6-0DFB-482D-8EB4-66A178DB6EE7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{7B86D4ED-2967-4309-8E18-0575D0EAB0F5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{8280D78A-9C00-46DA-8E12-46D82D162FFC}" = lport=139 | protocol=6 | dir=in | app=system |

"{8C7D3949-CA25-45CB-A85D-2CD1998F3DA6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{9BB364C9-088C-496F-8B30-6153CDEE979A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{CC964935-9F18-4191-9DAB-36FD8ED7ADF1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{D35E2473-0044-44FF-A381-F5082857F67A}" = lport=138 | protocol=17 | dir=in | app=system |

"{DE176248-4491-4CF1-8B13-C58259F69E68}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{E63CFC04-1A76-4EF7-AE8C-399DFE4A1077}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{E89B77E2-CD29-473D-9E8C-3FD44E30E6C8}" = rport=445 | protocol=6 | dir=out | app=system |

"{EC2C8C2E-F4FE-4520-9232-5BFA0E6C611B}" = rport=139 | protocol=6 | dir=out | app=system |

"{F4C1F7F5-49E5-49AA-A8E1-B89C2B7268C8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00F37E9C-E0A9-4FB0-88BB-5A0965B3ED81}" = protocol=6 | dir=in | app=c:\users\emem\appdata\roaming\dropbox\bin\dropbox.exe |

"{0AC73D52-506B-4181-9E85-923FF659E6D0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{1003C2B7-26C6-4818-993A-FE7821F14A5B}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\common\dota 2 beta\dota.exe |

"{138300C3-7827-4588-9684-332EEB21CDC4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |

"{293B321D-7941-4AB2-B9DA-ADF27859ED20}" = protocol=6 | dir=in | app=d:\programy\utorrent\utorrent.exe |

"{35B6B5BC-6CB9-46DA-91A2-5E30C5989173}" = protocol=17 | dir=in | app=d:\programy\utorrent\utorrent.exe |

"{3A4EF167-B083-498E-BCF3-9B36D2F6B8B2}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |

"{4910B87B-0C47-4334-B48D-053E63B1BB68}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{4AEB2813-2590-4551-A7FD-2643E3F11189}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |

"{4DDA9AAF-0AC4-4332-BBAE-20408C6C4E6E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{51D66CAD-E1E3-4DCA-8674-3AF8157052E3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{557D886B-103D-448B-8DD7-F77D656E8E81}" = protocol=17 | dir=in | app=d:\gry\steam\steam.exe |

"{61E634C5-CC03-4A4C-9F48-80D9AAA4B055}" = protocol=6 | dir=in | app=d:\gry\steam\steam.exe |

"{6576A501-B7D5-43D0-90BF-FE2659B010DF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |

"{68A85113-701C-4282-88B0-F157AFE99E5B}" = protocol=17 | dir=in | app=c:\users\emem\appdata\roaming\dropbox\bin\dropbox.exe |

"{71FB9365-2266-4CBE-8A50-55BA770A644B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{7F313B81-2051-4229-98FD-69B86CB1A544}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{8007A9C3-FC8A-4B2E-9D06-645D44DC2346}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{80ACE627-AAF8-4CC5-AF2C-0195AFFB74F6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |

"{815C5E17-6996-4AA9-8A84-3A68E7585370}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{8214A40B-F870-4218-BAE5-E0F74FD7B4D0}" = protocol=6 | dir=in | app=d:\gry\steam\steamapps\common\dota 2 beta\dota.exe |

"{A29F6C0B-B474-499E-978C-B10F50C90FAE}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |

"{BA4D9659-110C-49BA-9F3F-4C65A27B2F79}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |

"{C16DC427-8758-45CE-8D97-266684555CC1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{CC029F8B-1873-44C6-A40F-760A2E948FD5}" = protocol=17 | dir=in | app=d:\gry\warcraft iii\euroloader.exe |

"{DB25315A-D034-4812-B9CC-DF279665751F}" = protocol=6 | dir=in | app=d:\gry\steam\steamapps\common\dota 2 test\dota.exe |

"{E0D05B5B-440F-4430-ADE3-24471550835A}" = protocol=6 | dir=in | app=d:\gry\warcraft iii\euroloader.exe |

"{E576FADE-7E29-426F-BF55-DCACEE4728F3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{E778D84F-ED41-469D-B011-9329C31D49CE}" = protocol=17 | dir=in | app=d:\gry\steam\steamapps\common\dota 2 test\dota.exe |

"{E7AF44DB-815E-4FFC-A694-96B66D230393}" = dir=in | app=d:\programy\itunes\itunes.exe |

"{EECA57B8-8406-4991-8920-640C0753C274}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{F767D001-CE0F-4F25-8FFE-49D9EADEC034}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"TCP Query User{0DAAB80C-689E-42B0-AD3D-EBC2AD3DFCE4}D:\gry\lfs\lfs.exe" = protocol=6 | dir=in | app=d:\gry\lfs\lfs.exe |

"TCP Query User{3833FB03-BC57-4783-A3D4-A6FF5D7FE236}D:\gry\half-life\hlds.exe" = protocol=6 | dir=in | app=d:\gry\half-life\hlds.exe |

"TCP Query User{86A4FF7C-897F-4B84-8857-345DCBAC4A79}D:\gry\warcraft iii\gproxy.exe" = protocol=6 | dir=in | app=d:\gry\warcraft iii\gproxy.exe |

"TCP Query User{8CA4985F-FDD1-453A-A743-11F2EF4A58F5}C:\users\emem\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\emem\appdata\roaming\dropbox\bin\dropbox.exe |

"TCP Query User{9C011D14-0F40-4257-90F8-578BFFD3A95E}D:\gry\half-life\hl.exe" = protocol=6 | dir=in | app=d:\gry\half-life\hl.exe |

"TCP Query User{B1CB935D-E601-4E5D-8AFA-E8B75D73994E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |

"TCP Query User{BF32B379-D2D3-42A3-8F8A-276B3C40A235}D:\gry\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\gry\warcraft iii\war3.exe |

"TCP Query User{D30FBF38-3F93-479C-8FE2-9C3728DD050D}D:\gry\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe |

"TCP Query User{D845E4CC-3DF3-4F50-9A99-76F5303E6826}D:\gry\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\gry\warcraft iii\war3.exe |

"TCP Query User{EB49EF88-3ABD-4CFD-B45D-F5F0B61F33C3}D:\gry\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe |

"UDP Query User{19F2BE65-3D38-44E2-9A04-BAB6DBC4348E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |

"UDP Query User{444BB197-B04F-4D68-8547-7F6E02052158}D:\gry\half-life\hlds.exe" = protocol=17 | dir=in | app=d:\gry\half-life\hlds.exe |

"UDP Query User{4681BBA7-7504-4E93-B42E-5730B00342E6}D:\gry\warcraft iii\gproxy.exe" = protocol=17 | dir=in | app=d:\gry\warcraft iii\gproxy.exe |

"UDP Query User{5988B045-1AF9-4ECD-A424-85457ADDD506}D:\gry\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe |

"UDP Query User{778E45AD-FD2D-491C-AA3A-BFD5E15BD87B}D:\gry\lfs\lfs.exe" = protocol=17 | dir=in | app=d:\gry\lfs\lfs.exe |

"UDP Query User{7AC48072-479E-40FF-B02C-BE651176AEC9}D:\gry\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\gry\warcraft iii\war3.exe |

"UDP Query User{800FFF59-7226-4362-8778-37E3546CFDA3}D:\gry\half-life\hl.exe" = protocol=17 | dir=in | app=d:\gry\half-life\hl.exe |

"UDP Query User{84BA69EB-4FE7-4FC5-A8E2-5FD608D8356B}C:\users\emem\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\emem\appdata\roaming\dropbox\bin\dropbox.exe |

"UDP Query User{91B9454F-F77E-4C40-A34A-FEA317E7FFA4}D:\gry\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=d:\gry\tmnationsforever\tmforever.exe |

"UDP Query User{BF13DC2C-8EF8-461F-AAB7-D15AC2614B49}D:\gry\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\gry\warcraft iii\war3.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01078B88-2981-4F75-96B0-8B22E2D2DE03}" = Microsoft SQL Server 2008 R2 Setup (English)

"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6000

"{0AB1CEAD-FF24-33F8-8A25-292A8E835822}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK

"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{23170F69-40C1-2702-0925-000001000000}" = 7-Zip 9.25 (x64 edition)

"{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 SP1 Common Files

"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer

"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema 1.6.0.4014 x64

"{2D2601B6-157F-4F88-B66B-B52DB21EAB2D}" = SQL Server 2008 R2 SP1 Client Tools

"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support

"{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 SP1 Common Files

"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)

"{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}" = Microsoft SQL Server 2008 R2 Native Client

"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2

"{51E5BC99-A087-4CFF-8D93-462903EA7E12}" = SQL Server 2008 R2 SP1 Management Studio

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}" = SQL Server 2008 R2 SP1 Management Studio

"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 SP1 Database Engine Shared

"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack

"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64

"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files

"{B5FE23CC-0151-4595-84C3-F1DE6F44FE9B}" = SQL Server 2008 R2 SP1 Client Tools

"{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 SP1 Database Engine Shared

"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU

"{D8C23BDE-4748-44D9-A9DD-8AB64EB18BE3}" = Microsoft SQL Server 2008 R2 RsFx Driver

"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1

"{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 SP1 Database Engine Services

"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 SP1 Database Engine Services

"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)

"B5657FC7A1FBE007CD962905D131D1CA759A45D4" = Windows Driver Package - Fluke (WinUSB) Thermal Imager  (08/21/2011 1.0.1)

"CCleaner" = CCleaner

"HDMI" = Intel® Graphics Media Accelerator Driver

"Logitech Unifying" = Oprogramowanie Logitech Unifying 2.10

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1

"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit)

"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit)

"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK" = Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

"Recuva" = Recuva

"SolarApp" = Aplikacja Logitech Solar App 1.0

"sp6" = Logitech SetPoint 6.52

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver

"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help

"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25

"{33EBF075-8593-4698-BDAF-CF8DED80BB5B}" = Nokia Suite

"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU

"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU

"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1

"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple

"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{74F7B314-0507-4F91-9A4E-B6C9B027E410}" = Microsoft SQL Server 2008 R2 Books Online

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects

"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types

"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer

"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007

"{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007

"{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007

"{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007

"{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0415-1000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007

"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007

"{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007

"{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0

"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution

"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies

"{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU

"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86

"{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14

"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0

"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL

"{F7481131-3D39-4BB2-A339-1807EDD56B33}" = SmartView 3.2

"4K Video Downloader_is1" = 4K Video Downloader 2.7

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2

"AnyToISO_is1" = AnyToISO

"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15

"Eurobattle.net1.26" = Eurobattle.net

"Eurobattle.net1.26a" = Eurobattle.net

"EuroPoker Tournament Director's Poker Clock" = EuroPoker Tournament Director's Poker Clock

"Foxit Reader_is1" = Foxit Reader

"Freemake Video Converter_is1" = Freemake Video Converter wersja 3.0.1

"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker

"Half-Life" = Half-Life

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"Inkscape" = Inkscape 0.48.2

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300

"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1

"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU

"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1

"Mozilla Firefox 22.0 (x86 pl)" = Mozilla Firefox 22.0 (x86 pl)

"Mozilla Thunderbird 17.0.7 (x86 pl)" = Mozilla Thunderbird 17.0.7 (x86 pl)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Nokia Suite" = Nokia Suite

"Pajączek 5 NxG PRO_is1" = Pajączek 5 NxG PRO - Deinstalacja

"Pidgin" = Pidgin

"Pocket Tanks_is1" = Pocket Tanks v1.3

"PokerStars.eu" = PokerStars.eu

"SIMARIS design 6.0" = SIMARIS design 6.0

"SIMARIS design localisation pl_PL 1.0" = Technic package - Poland

"Steam App 205790" = Dota 2 Test

"Steam App 44690" = GT Legends

"Steam App 570" = Dota 2

"TeamViewer 8" = TeamViewer 8

"TmNationsForever_is1" = TmNationsForever

"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition

"uTorrent" = µTorrent

"Winamp" = Winamp

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2379810547-2737495414-2129919692-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Flux" = F.lux

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 2013-07-17 03:46:09 | Computer Name = eMeM-komputer | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 2013-07-17 03:46:11 | Computer Name = eMeM-komputer | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 1076

 

Error - 2013-07-17 03:46:11 | Computer Name = eMeM-komputer | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1076

 

Error - 2013-07-17 12:07:23 | Computer Name = eMeM-komputer | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 2013-07-17 12:07:23 | Computer Name = eMeM-komputer | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 1045

 

Error - 2013-07-17 12:07:23 | Computer Name = eMeM-komputer | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1045

 

Error - 2013-07-17 13:36:39 | Computer Name = eMeM-komputer | Source = VSS | ID = 8193

Description =

 

Error - 2013-07-17 13:36:39 | Computer Name = eMeM-komputer | Source = VSS | ID = 8194

Description =

 

Error - 2013-07-17 13:36:40 | Computer Name = eMeM-komputer | Source = VSS | ID = 8193

Description =

 

Error - 2013-07-17 13:36:50 | Computer Name = eMeM-komputer | Source = Microsoft-Windows-CAPI2 | ID = 513

Description = Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez

 Usługi kryptograficzne nie powiodło się.  Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path()

 failed.  System Error: 0xC0000039 (unresolvable).

 

[ OSession Events ]

Error - 2011-12-07 14:41:56 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 100

 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error - 2011-12-07 14:44:07 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 99

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 2011-12-07 14:53:07 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 520

 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error - 2012-11-15 13:11:31 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17353

 seconds with 3900 seconds of active time.  This session ended with a crash.

 

Error - 2012-11-16 09:26:21 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4910

 seconds with 2280 seconds of active time.  This session ended with a crash.

 

Error - 2012-11-16 10:22:48 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 133

 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error - 2012-11-16 10:23:06 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 2012-11-16 10:23:55 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 24

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 2012-11-16 10:25:26 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 56

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 2012-11-16 10:25:44 | Computer Name = eMeM-komputer | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3

 seconds with 0 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 2013-07-03 14:19:15 | Computer Name = eMeM-komputer | Source = Disk | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.

 

Error - 2013-07-03 14:19:16 | Computer Name = eMeM-komputer | Source = Disk | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.

 

Error - 2013-07-10 05:50:26 | Computer Name = eMeM-komputer | Source = Service Control Manager | ID = 7011

Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji

 z usługi TeamViewer8.

 

Error - 2013-07-10 18:36:20 | Computer Name = eMeM-komputer | Source = DCOM | ID = 10010

Description =

 

Error - 2013-07-11 13:02:29 | Computer Name = eMeM-komputer | Source = Service Control Manager | ID = 7011

Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji

 z usługi lmhosts.

 

Error - 2013-07-13 09:36:09 | Computer Name = eMeM-komputer | Source = bowser | ID = 8003

Description =

 

Error - 2013-07-13 16:57:51 | Computer Name = eMeM-komputer | Source = volsnap | ID = 393252

Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie

 można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

 

Error - 2013-07-14 05:07:08 | Computer Name = eMeM-komputer | Source = Service Control Manager | ID = 7011

Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji

 z usługi lmhosts.

 

Error - 2013-07-15 08:26:15 | Computer Name = eMeM-komputer | Source = bowser | ID = 8003

Description =

 

Error - 2013-07-16 06:48:18 | Computer Name = eMeM-komputer | Source = bowser | ID = 8003

Description =

 

 

< End of report >

 

 

 

Security Check:

 

 

 Results of screen317's Security Check version 0.99.69  

 Windows 7 Service Pack 1 x64 (UAC is disabled!)  

 Internet Explorer 10  

``````````````Antivirus/Firewall Check:``````````````

 WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

 Java 7 Update 25  

 Adobe Flash Player 11.8.800.94  

 Mozilla Firefox (22.0)

 Mozilla Thunderbird (17.0.7)

````````Process Check: objlist.exe by Laurent````````  

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C:  

````````````````````End of Log``````````````````````

 

 

 

Edytowane 19 Lipca 2013 przez picasso
Oznak infekcji brak. Temat przenoszę do działu Windows. //picasso

[Walkerowy]

Log z Netalyzr:

http://n1.netalyzr.icsi.berkeley.edu/summary/id=43ca253f-25921-88831c2e-4ba5-4897-b8e2