
Problem with the svchost.exe virus

jnocctcop
posted (edited)

Hello, I scanned with Malwarebytes Anti-Malware and it detected a virus in svchost.exe. After removing it and rebooting the computer the scan was clean, but a few hours later I scan again and it is still there... How do I get rid of it? :(

[log]

OTL logfile created on: 2012-12-15 20:05:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Konrad\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,59% Memory free
8,00 Gb Paging File | 6,60 Gb Available in Paging File | 82,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 39,00 Gb Free Space | 52,40% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: Konrad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-12-15 20:04:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Konrad\Downloads\OTL.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2001-08-24 19:00:00 | 000,036,352 | --S- | M] (Microsoft Corporation) -- C:\Windows\svchost.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-11-28 15:15:45 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-11-19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-12-02 18:07:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2012-11-28 15:15:46 | 002,159,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2010-11-09 14:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:[b]64bit:[/b] - [2010-01-05 19:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]






IE - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url]
IE - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)


[2012-12-14 17:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konrad\AppData\Roaming\mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Dysk Google = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SaveAs = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaalnfofnpjmnegmgmhhnfamedfbgbih\2_0\
CHR - Extension: Gmail = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2900820410-901064891-3336881770-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2900820410-901064891-3336881770-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1003\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1003\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1003\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-21-2900820410-901064891-3336881770-1003\..Trusted Domains: sony.com ([]* in )
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E895899E-3094-423A-8A22-71244BD302AE}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4F4FD11-B449-4940-97D3-6F86080F8705}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpFolder: C:^Users^Konrad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk - C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE - (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-15 17:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012-12-15 17:40:50 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\2K Games
[2012-12-15 17:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012-12-15 17:31:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012-12-15 15:28:44 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\VSO
[2012-12-15 15:28:44 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\ObviousIdea
[2012-12-15 09:27:53 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Malwarebytes
[2012-12-15 09:27:46 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-12-15 09:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-12-15 09:27:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-12-15 09:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-12-14 17:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-12-14 17:41:19 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\GG
[2012-12-14 17:41:19 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\GG
[2012-12-11 21:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012-12-11 21:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012-12-11 19:49:06 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\ElevatedDiagnostics
[2012-12-11 19:17:52 | 000,000,000 | ---D | C] -- C:\Users\Konrad\Desktop\Pliki do CS
[2012-12-11 17:13:46 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\BitTorrent
[2012-12-11 15:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveAs
[2012-12-11 15:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012-12-11 15:42:38 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012-12-10 16:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-12-10 16:09:30 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Google
[2012-12-10 16:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-12-10 16:09:11 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Deployment
[2012-12-10 16:09:11 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Apps
[2012-12-08 19:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012-12-08 19:25:03 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Programs
[2012-12-08 11:41:44 | 000,000,000 | ---D | C] -- C:\Nagrane
[2012-12-08 11:41:19 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\BANDISOFT
[2012-12-08 11:41:15 | 000,000,000 | ---D | C] -- C:\Users\Konrad\Documents\Bandicam
[2012-12-07 16:14:20 | 000,000,000 | ---D | C] -- C:\Kompozycja
[2012-12-06 21:23:45 | 001,847,296 | R--- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athurx.sys
[2012-12-06 21:23:45 | 001,847,296 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athurx.sys
[2012-12-06 21:23:45 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2012-12-06 17:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012-12-06 17:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2012-12-05 15:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-12-03 14:31:50 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\SKIDROW
[2012-12-03 07:45:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012-12-02 18:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2012-12-02 18:13:40 | 000,000,000 | ---D | C] -- C:\Users\Konrad\Documents\My Games
[2012-12-02 18:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-12-02 18:07:03 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-12-02 18:07:02 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\DAEMON Tools Lite
[2012-12-02 18:07:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012-12-02 18:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-12-02 17:02:58 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\.minecraft
[2012-12-02 16:30:15 | 000,000,000 | ---D | C] -- C:\Users\Konrad\SystemRequirementsLab
[2012-12-02 16:30:11 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-12-02 16:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012-12-02 16:30:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012-12-02 16:29:58 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012-12-02 16:29:58 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012-12-02 16:29:53 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012-12-02 16:29:53 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012-12-02 16:29:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012-12-01 22:21:54 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\WMTools Downloaded Files
[2012-12-01 22:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6
[2012-12-01 09:04:02 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\uTorrent
[2012-12-01 08:48:12 | 000,000,000 | ---D | C] -- C:\Downloads
[2012-12-01 08:48:01 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\BitComet
[2012-11-29 18:10:59 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Evernote
[2012-11-29 18:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012-11-29 18:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2012-11-29 17:52:57 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-11-29 17:34:52 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\SCE
[2012-11-29 17:34:52 | 000,000,000 | ---D | C] -- C:\Crash
[2012-11-29 17:34:51 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Sony Online Entertainment
[2012-11-29 17:34:39 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012-11-29 17:34:39 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012-11-29 17:34:39 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012-11-29 17:34:39 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012-11-29 17:34:38 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012-11-29 17:34:38 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012-11-28 19:07:30 | 000,000,000 | ---D | C] -- C:\Download
[2012-11-28 18:41:03 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\WinRAR
[2012-11-28 18:41:03 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-11-28 18:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-11-28 18:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-11-28 17:30:23 | 000,000,000 | ---D | C] -- C:\Muzyka
[2012-11-28 16:51:42 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\NVIDIA
[2012-11-28 15:52:01 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012-11-28 15:52:01 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012-11-28 15:52:01 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012-11-28 15:52:01 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012-11-28 15:52:01 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012-11-28 15:52:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012-11-28 15:52:00 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012-11-28 15:52:00 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012-11-28 15:52:00 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012-11-28 15:52:00 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012-11-28 15:52:00 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012-11-28 15:52:00 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012-11-28 15:51:59 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012-11-28 15:51:59 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012-11-28 15:51:59 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012-11-28 15:51:59 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012-11-28 15:51:58 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012-11-28 15:51:58 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012-11-28 15:51:58 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012-11-28 15:51:58 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012-11-28 15:51:58 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012-11-28 15:51:58 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012-11-28 15:51:58 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012-11-28 15:51:58 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012-11-28 15:51:58 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012-11-28 15:51:58 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012-11-28 15:51:58 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012-11-28 15:51:58 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012-11-28 15:51:58 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012-11-28 15:51:58 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012-11-28 15:51:58 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012-11-28 15:51:58 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012-11-28 15:51:57 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012-11-28 15:51:57 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012-11-28 15:51:57 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012-11-28 15:51:57 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012-11-28 15:51:57 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012-11-28 15:51:57 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012-11-28 15:51:57 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012-11-28 15:51:57 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012-11-28 15:51:57 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012-11-28 15:51:57 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012-11-28 15:51:56 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012-11-28 15:51:56 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012-11-28 15:51:56 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012-11-28 15:51:56 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012-11-28 15:51:56 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012-11-28 15:51:56 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012-11-28 15:51:56 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012-11-28 15:51:56 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012-11-28 15:51:56 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012-11-28 15:51:56 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012-11-28 15:51:56 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012-11-28 15:51:56 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012-11-28 15:51:56 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012-11-28 15:51:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012-11-28 15:51:55 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012-11-28 15:51:55 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012-11-28 15:51:55 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012-11-28 15:51:55 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012-11-28 15:51:55 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012-11-28 15:51:55 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012-11-28 15:51:55 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012-11-28 15:51:55 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012-11-28 15:51:55 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012-11-28 15:51:55 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012-11-28 15:51:54 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012-11-28 15:51:54 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012-11-28 15:51:54 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012-11-28 15:51:54 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012-11-28 15:51:54 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012-11-28 15:51:54 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012-11-28 15:51:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012-11-28 15:51:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012-11-28 15:51:54 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012-11-28 15:51:54 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012-11-28 15:51:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012-11-28 15:51:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012-11-28 15:51:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012-11-28 15:51:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012-11-28 15:51:54 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012-11-28 15:51:54 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012-11-28 15:51:54 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012-11-28 15:51:54 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012-11-28 15:51:53 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012-11-28 15:51:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012-11-28 15:51:53 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012-11-28 15:51:53 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012-11-28 15:51:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012-11-28 15:51:53 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012-11-28 15:51:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012-11-28 15:51:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012-11-28 15:51:51 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012-11-28 15:51:51 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012-11-28 15:51:51 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012-11-28 15:51:51 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012-11-28 15:51:51 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012-11-28 15:51:51 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012-11-28 15:51:50 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012-11-28 15:51:50 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012-11-28 15:51:50 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012-11-28 15:51:50 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012-11-28 15:51:50 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012-11-28 15:51:50 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012-11-28 15:51:50 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012-11-28 15:51:50 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012-11-28 15:51:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012-11-28 15:51:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012-11-28 15:51:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012-11-28 15:51:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012-11-28 15:51:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012-11-28 15:51:50 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012-11-28 15:51:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012-11-28 15:51:50 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012-11-28 15:51:49 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012-11-28 15:51:49 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012-11-28 15:51:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012-11-28 15:51:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012-11-28 15:51:49 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012-11-28 15:51:49 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012-11-28 15:51:49 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012-11-28 15:51:49 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012-11-28 15:51:48 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012-11-28 15:51:48 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012-11-28 15:51:48 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012-11-28 15:51:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012-11-28 15:51:48 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012-11-28 15:51:48 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012-11-28 15:51:48 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012-11-28 15:51:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012-11-28 15:51:48 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012-11-28 15:51:48 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012-11-28 15:51:48 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012-11-28 15:51:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012-11-28 15:51:47 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012-11-28 15:51:47 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012-11-28 15:51:47 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012-11-28 15:51:47 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012-11-28 15:51:47 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012-11-28 15:51:47 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012-11-28 15:51:47 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012-11-28 15:51:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012-11-28 15:51:47 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012-11-28 15:51:47 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012-11-28 15:51:47 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012-11-28 15:51:47 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012-11-28 15:51:46 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012-11-28 15:51:46 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012-11-28 15:51:46 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012-11-28 15:51:46 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012-11-28 15:51:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012-11-28 15:51:46 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012-11-28 15:51:46 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012-11-28 15:51:46 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012-11-28 15:51:46 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012-11-28 15:51:46 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012-11-28 15:51:45 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012-11-28 15:51:45 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012-11-28 15:51:44 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012-11-28 15:51:44 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012-11-28 15:51:42 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012-11-28 15:51:42 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012-11-28 15:51:42 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012-11-28 15:51:42 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012-11-28 15:51:42 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012-11-28 15:51:42 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012-11-28 15:51:42 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012-11-28 15:51:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012-11-28 15:51:42 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012-11-28 15:51:42 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012-11-28 15:51:42 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012-11-28 15:51:42 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012-11-28 15:51:41 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012-11-28 15:51:41 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012-11-28 15:51:41 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012-11-28 15:51:41 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012-11-28 15:48:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012-11-28 15:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
[2012-11-28 15:48:50 | 000,000,000 | ---D | C] -- C:\Users\Konrad\Documents\Euro Truck Simulator 2
[2012-11-28 15:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator 2.v 1.1.1
[2012-11-28 15:17:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012-11-28 15:16:22 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012-11-28 15:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012-11-28 15:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012-11-28 07:10:41 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Skype
[2012-11-28 07:10:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-11-28 07:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-11-28 07:10:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-11-28 07:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-11-28 07:02:45 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-11-28 06:57:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-11-28 06:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-11-27 22:13:57 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Microsoft Games
[2012-11-27 21:30:14 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2012-11-27 21:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-11-27 21:10:12 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012-11-27 20:16:58 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Macromedia
[2012-11-27 20:16:58 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Macromedia
[2012-11-27 20:16:58 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Adobe
[2012-11-27 20:14:09 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-27 20:14:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012-11-27 20:14:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012-11-27 19:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012-11-27 19:50:48 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Mozilla
[2012-11-27 19:50:48 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Mozilla
[2012-11-27 19:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-11-27 19:49:28 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012-11-27 18:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-11-27 18:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-11-27 18:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-11-27 18:48:46 | 006,200,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012-11-27 18:48:46 | 003,293,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012-11-27 18:48:46 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012-11-27 18:48:46 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012-11-27 18:48:46 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012-11-27 18:48:29 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-11-27 18:48:29 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-11-27 18:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-11-27 18:47:48 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-11-27 18:47:48 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012-11-27 18:47:47 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-11-27 18:47:47 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-11-27 18:47:47 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-11-27 18:47:47 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-11-27 18:47:47 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-11-27 18:47:47 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-11-27 18:47:47 | 007,697,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012-11-27 18:47:47 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012-11-27 18:47:47 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-11-27 18:47:47 | 002,731,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012-11-27 18:47:47 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-11-27 18:47:47 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012-11-27 18:47:47 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-11-27 18:47:47 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-11-27 18:47:47 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012-11-27 18:47:47 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-11-27 18:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012-11-27 18:17:25 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-11-27 18:15:40 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-11-27 18:15:40 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Searches
[2012-11-27 18:15:40 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-11-27 18:15:28 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Identities
[2012-11-27 18:15:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Contacts
[2012-11-27 18:15:19 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\VirtualStore
[2012-11-27 18:14:57 | 000,000,000 | --SD | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Videos
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Saved Games
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Pictures
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Music
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Links
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Favorites
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Downloads
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Documents
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Desktop
[2012-11-27 18:14:57 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Ustawienia lokalne
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\AppData\Local\Temporary Internet Files
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Szablony
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\SendTo
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Recent
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\PrintHood
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\NetHood
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Documents\Moje wideo
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Documents\Moje obrazy
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Moje dokumenty
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Documents\Moja muzyka
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Menu Start
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\AppData\Local\Historia
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Dane aplikacji
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\AppData\Local\Dane aplikacji
[2012-11-27 18:14:57 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Cookies
[2012-11-27 18:14:57 | 000,000,000 | -H-D | C] -- C:\Users\Konrad\AppData
[2012-11-27 18:14:57 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Temp
[2012-11-27 18:14:57 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Microsoft
[2012-11-27 18:14:57 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Media Center Programs
[2012-11-27 18:14:47 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-11-27 18:14:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2012-11-01 18:11:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-11-01 18:08:55 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012-11-01 18:08:36 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-11-01 18:07:52 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[6 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-12-15 20:07:15 | 001,310,720 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT
[2012-12-15 19:15:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-15 19:01:46 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-15 19:01:46 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-15 19:01:46 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-15 19:01:46 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-15 19:01:46 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-15 19:00:52 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-15 19:00:52 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-15 18:55:52 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-15 18:55:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-12-15 18:55:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-15 18:55:44 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-15 18:55:04 | 004,989,128 | -H-- | M] () -- C:\Users\Konrad\AppData\Local\IconCache.db
[2012-12-15 18:47:14 | 000,097,978 | ---- | M] () -- C:\Users\Konrad\Desktop\wir.png
[2012-12-15 17:36:38 | 000,002,101 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-12-15 09:27:46 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-12-15 09:19:01 | 000,000,640 | RHS- | M] () -- C:\Users\Konrad\ntuser.pol
[2012-12-12 07:30:31 | 000,000,218 | ---- | M] () -- C:\Users\Konrad\Desktop\Counter-Strike.url
[2012-12-11 21:20:40 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-12-11 16:26:53 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2012-12-11 16:26:53 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-12-10 16:13:11 | 000,002,295 | ---- | M] () -- C:\Users\Konrad\Desktop\Google Chrome.lnk
[2012-12-02 18:07:24 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-12-02 18:07:03 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-12-02 16:29:50 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012-12-02 16:29:49 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012-12-02 16:29:49 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012-12-02 16:29:49 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012-11-29 18:10:45 | 000,000,932 | ---- | M] () -- C:\Users\Konrad\Desktop\Evernote.lnk
[2012-11-29 07:03:43 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-28 15:48:51 | 000,002,334 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.v 1.1.1.lnk
[2012-11-28 15:16:41 | 000,001,202 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012-11-28 15:15:53 | 000,414,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012-11-28 15:15:46 | 002,159,728 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2012-11-28 15:15:45 | 001,161,328 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaKaraokeApo.dll
[2012-11-28 15:15:45 | 000,994,928 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2012-11-28 15:15:45 | 000,869,376 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMAPO64.DLL
[2012-11-28 15:15:45 | 000,731,648 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWow64\VMAPO32.DLL
[2012-11-28 15:15:45 | 000,559,216 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2012-11-28 15:15:45 | 000,202,864 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2012-11-28 15:15:45 | 000,116,848 | ---- | M] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaKaraokePropPageExt.dll
[2012-11-28 15:15:45 | 000,087,152 | ---- | M] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2012-11-28 15:15:45 | 000,085,504 | ---- | M] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012-11-28 15:15:45 | 000,083,968 | ---- | M] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012-11-28 15:15:45 | 000,074,240 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMWRP64.DLL
[2012-11-28 15:15:45 | 000,057,856 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMPPLD64.DLL
[2012-11-28 15:15:45 | 000,053,760 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMPPCN64.DLL
[2012-11-28 15:15:45 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViakaraokeSrv.exe
[2012-11-28 07:10:38 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-11-27 20:14:09 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-27 19:51:31 | 000,057,560 | ---- | M] () -- C:\Users\Konrad\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-11-27 18:19:54 | 000,524,288 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012-11-27 18:19:54 | 000,524,288 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012-11-27 18:19:54 | 000,065,536 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012-11-27 18:14:57 | 000,000,020 | -HS- | M] () -- C:\Users\Konrad\ntuser.ini
[2012-11-01 18:12:03 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012-11-01 18:12:03 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012-11-01 18:10:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-11-01 18:09:12 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[6 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-15 18:47:14 | 000,097,978 | ---- | C] () -- C:\Users\Konrad\Desktop\wir.png
[2012-12-15 17:36:38 | 000,002,101 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-12-15 09:27:46 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-12-15 09:19:01 | 000,000,640 | RHS- | C] () -- C:\Users\Konrad\ntuser.pol
[2012-12-12 07:30:31 | 000,000,218 | ---- | C] () -- C:\Users\Konrad\Desktop\Counter-Strike.url
[2012-12-11 21:20:40 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-12-10 16:13:11 | 000,002,295 | ---- | C] () -- C:\Users\Konrad\Desktop\Google Chrome.lnk
[2012-12-10 16:09:33 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-10 16:09:32 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-06 21:23:45 | 000,017,326 | R--- | C] () -- C:\Windows\SysNative\netathurx.inf
[2012-12-06 21:23:45 | 000,007,484 | ---- | C] () -- C:\Windows\SysNative\athurextx.cat
[2012-12-02 18:07:24 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-12-01 22:21:27 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2012-11-29 18:10:45 | 000,000,932 | ---- | C] () -- C:\Users\Konrad\Desktop\Evernote.lnk
[2012-11-29 07:03:42 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-28 15:48:51 | 000,002,334 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.v 1.1.1.lnk
[2012-11-28 15:16:41 | 000,001,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012-11-28 15:16:41 | 000,001,202 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012-11-28 07:10:38 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-11-28 06:57:36 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-27 21:30:14 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2012-11-27 19:51:31 | 000,057,560 | ---- | C] () -- C:\Users\Konrad\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-11-27 18:47:47 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012-11-27 18:19:53 | 004,989,128 | -H-- | C] () -- C:\Users\Konrad\AppData\Local\IconCache.db
[2012-11-27 18:15:49 | 000,001,417 | ---- | C] () -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012-11-27 18:15:42 | 000,001,451 | ---- | C] () -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-11-27 18:14:57 | 000,524,288 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012-11-27 18:14:57 | 000,524,288 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012-11-27 18:14:57 | 000,065,536 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012-11-27 18:14:57 | 000,000,020 | -HS- | C] () -- C:\Users\Konrad\ntuser.ini
[2012-11-27 18:14:56 | 001,310,720 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT
[2012-11-01 18:11:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012-11-01 18:11:48 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012-11-01 18:10:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-11-01 18:08:36 | 3220,627,456 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009-07-14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-10 15:03:06 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\.minecraft
[2012-12-08 11:41:19 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\BANDISOFT
[2012-12-12 14:14:43 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\BitComet
[2012-12-12 22:29:27 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\BitTorrent
[2012-12-02 18:07:55 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\DAEMON Tools Lite
[2012-12-14 19:13:15 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\GG
[2012-12-15 15:28:44 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\ObviousIdea
[2012-12-15 18:28:03 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\uTorrent
[2012-12-15 15:30:59 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\VSO

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-12-15 18:55:44 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-15 18:55:44 | 4294,172,672 | -HS- | M] () -- C:\pagefile.sys
[2012-12-15 15:24:27 | 000,000,096 | ---- | M] () -- C:\SetSearchAndHomepageInBrowserLog.txt
[6 C:\*.tmp files -> C:\*.tmp -> ]

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012-09-29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< End of report >
[/log]

[log]

OTL Extras logfile created on: 2012-12-15 20:05:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Konrad\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,59% Memory free
8,00 Gb Paging File | 6,60 Gb Available in Paging File | 82,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 39,00 Gb Free Space | 52,40% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: Konrad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2900820410-901064891-3336881770-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08B9B943-DD28-40C5-896F-F07537F40B37}" = rport=445 | protocol=6 | dir=out | app=system |
"{1B52FA13-A2B9-4C34-BABA-98B97256A8F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{203EF32C-0721-4C74-9E54-FD44D3129155}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23199F84-843E-4EF4-A13E-AE25AB1319E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{272CD4D6-4212-4A36-8553-312E3576E8E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{335E668C-8BCF-4062-B9A6-00F480479A46}" = lport=2869 | protocol=6 | dir=in | app=system |
"{35E04740-185B-498E-861B-50D88A8EBCD7}" = lport=137 | protocol=17 | dir=in | app=system |
"{5255B575-913F-4D06-B2A8-890CEE7A243A}" = lport=445 | protocol=6 | dir=in | app=system |
"{5AB16704-5B05-4DC3-93EB-D720C0079325}" = lport=15532 | protocol=17 | dir=in | name=bitcomet 15532 udp |
"{5F9965E5-280F-4B9F-A068-4271EB092862}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{680BE887-4017-4825-B8B2-A0004C66B289}" = rport=137 | protocol=17 | dir=out | app=system |
"{6C1C79EE-8271-4E99-AA51-CB722F2D5F2C}" = lport=138 | protocol=17 | dir=in | app=system |
"{769ACB73-1323-4E59-8125-407543738513}" = rport=10243 | protocol=6 | dir=out | app=system |
"{89315BE0-CF81-4D82-8B06-E1B4C437A19D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{97C813B9-615C-4678-AA7E-D6C37EA88392}" = lport=15532 | protocol=6 | dir=in | name=bitcomet 15532 tcp |
"{9B5E2EA9-7A0D-4F9C-9CEA-563195DC3B41}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A6CAB57E-43B7-4795-B939-D66927F4061A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CEC2BC2F-4449-4E93-AED5-7B85649E71AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{E0F05517-194D-45B8-9F8C-BCE56B59D6F1}" = rport=139 | protocol=6 | dir=out | app=system |
"{E542D9C4-C216-4C1B-ADB6-F80B20C05F0B}" = rport=138 | protocol=17 | dir=out | app=system |
"{E75E0BE2-68D7-4F1F-B573-D0A28BDA16FE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F069927F-2205-448A-9A4E-C4F77D1D5FDB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F83A98BA-E051-4A28-85F9-3526735DF5C9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07CCAD2A-5D01-4CBF-88E4-39EACF55DE2F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\bongomp3\counter-strike\hl.exe |
"{1289037B-6689-4517-82B0-90A4B78CF257}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2158088E-8C15-4004-94DA-BE2CB5A7C1E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2270423C-0CB4-4BCA-B027-8AA771F35608}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{229A49EF-E015-4678-BB8C-B7B16B287745}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{25CC50CB-9348-45D3-AFCA-8EA9E46DB6A0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{30609BDB-F2BB-4A44-B4A5-F547720FADD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3156E2DC-8050-4423-A204-438DC6FA5898}" = protocol=6 | dir=in | app=c:\users\konrad\downloads\bittorrent.exe |
"{3D1BECA2-0B9A-46E9-AAE9-EE0628082339}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{407F3C5C-A9B5-48FB-9A78-039663677B9E}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{4C41FCF7-82ED-4D02-8244-ADEB2E012AB1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{56688E6F-3177-4354-8560-B1E9310AC3E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\bongomp3\counter-strike\hl.exe |
"{5C827778-6001-4135-8727-7E8BB2A675F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{60880A6D-58F6-4A2D-8C8F-C74A86E192B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{60DAC3AF-106A-4E3F-80E4-9237E43FCEA7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A43DCFB-3D0B-4C3D-8AC8-762748D824E3}" = protocol=6 | dir=out | app=system |
"{6ABCF6B5-3D40-41D8-BF48-A136860BD72E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6B6CEFA5-D963-4256-9C51-EBB93F5EE208}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7331F232-D5FD-4534-B3DA-081130724EF1}" = protocol=17 | dir=in | app=c:\users\konrad\desktop\utorrent.exe |
"{8375139B-A14A-4BD4-9CEA-A6A0CBBBA1C3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{93E1B918-0F9E-404C-AC9B-DFCA40C3462C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9D80CB2D-290F-4FEA-A1A5-4B8D82E43C9E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9EC76F13-8C50-4F81-A907-31BD80653EAD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A83EAD7C-3F51-4FAF-B3FC-6778F3DE7376}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{C6414F3F-0B89-4F4C-808F-2CE430DF68B4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C79BDFBD-8B09-4768-85B9-92E58A19B0F2}" = protocol=17 | dir=in | app=c:\users\konrad\downloads\bittorrent.exe |
"{D5575111-765C-4091-9251-3CB65E6087F3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D99C0C6B-1C36-4470-A13C-BF4F746A1706}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EEE32426-1417-4753-B372-1B1CC2BAC9AF}" = protocol=6 | dir=in | app=c:\users\konrad\desktop\utorrent.exe |
"{F03C3DD1-0D98-462D-82D7-C9493B2F7D8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0B2A80F-6C5E-4E64-90FD-95C946F28F5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA1545A4-F299-4606-93FC-1430B264F4DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{90340092-59DA-4D70-BCB5-CEC4F688B2E7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{AE50A44D-3020-467D-BBA9-DB5B4728838A}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{B2C9BFEE-F749-4B06-8F34-3B2C576FE792}C:\program files (x86)\dishonored\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dishonored\dishonored\binaries\win32\dishonored.exe |
"TCP Query User{D7D15108-E71F-4367-B3E1-B8D9E0CFA1B2}C:\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\2k games\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{DD3B8BD4-C30C-40B2-A3B8-309586633F95}C:\program files (x86)\torchlight ii\torchlight2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\torchlight ii\torchlight2.exe |
"UDP Query User{15968300-5B51-4D1E-B9B4-B2F95A891F5F}C:\program files (x86)\dishonored\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dishonored\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{545CBDD2-3BA3-4DA0-9311-73936C3A3619}C:\program files (x86)\torchlight ii\torchlight2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\torchlight ii\torchlight2.exe |
"UDP Query User{76C6864A-6511-4621-9831-A1BD5ACA00A3}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{A1D62003-CD26-413D-8EA8-E2B2345CCE7A}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{F32F8018-8B16-4506-B280-C7688D35517C}C:\2k games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\2k games\borderlands 2\binaries\win32\borderlands2.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.17
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EF7E46B8-1FB7-11E2-B6B3-984BE15F174E}" = Evernote v. 4.5.10
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Euro Truck Simulator 2.v 1.1.1_is1" = Euro Truck Simulator 2.v 1.1.1
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Steam App 10" = Counter-Strike

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-12-10 11:12:58 | Computer Name = Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 5.1.0.0, sygnatura
czasowa: 0x3b866bf0 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bdb3b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00033915
Identyfikator
procesu powodującego błąd: 0x664 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdd6e8d6d31980 Ścieżka aplikacji powodującej błąd: C:\Windows\svchost.exe Ścieżka
modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: 148c3720-42dc-11e2-9e40-bc5ff442264e

Error - 2012-12-10 11:13:55 | Computer Name = Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: FlashPlayerPlugin_11_5_502_110.exe,
wersja: 11.5.502.110, sygnatura czasowa: 0x3b866bf0 Nazwa modułu powodującego błąd:
unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0xffffffff Identyfikator procesu powodującego błąd: 0x288 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cdd6e8f84802b0 Ścieżka aplikacji powodującej błąd:
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe Ścieżka modułu
powodującego błąd: unknown Identyfikator raportu: 35fa6990-42dc-11e2-9e40-bc5ff442264e

Error - 2012-12-10 11:13:55 | Computer Name = Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 5.1.0.0, sygnatura
czasowa: 0x3b866bf0 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bdb3b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00033915
Identyfikator
procesu powodującego błąd: 0xba8 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdd6e8f84c4870 Ścieżka aplikacji powodującej błąd: C:\Windows\svchost.exe Ścieżka
modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: 35fc3e50-42dc-11e2-9e40-bc5ff442264e

Error - 2012-12-10 11:14:50 | Computer Name = Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: FlashPlayerPlugin_11_5_502_110.exe,
wersja: 11.5.502.110, sygnatura czasowa: 0x3b866bf0 Nazwa modułu powodującego błąd:
unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0xffffffff Identyfikator procesu powodującego błąd: 0x9b0 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cdd6e91933e5c0 Ścieżka aplikacji powodującej błąd:
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe Ścieżka modułu
powodującego błąd: unknown Identyfikator raportu: 56e206e0-42dc-11e2-9e40-bc5ff442264e

Error - 2012-12-10 11:14:50 | Computer Name = Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 5.1.0.0, sygnatura
czasowa: 0x3b866bf0 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bdb3b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00033915
Identyfikator
procesu powodującego błąd: 0xa48 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdd6e91934a910 Ścieżka aplikacji powodującej błąd: C:\Windows\svchost.exe Ścieżka
modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: 56e33f60-42dc-11e2-9e40-bc5ff442264e

Error - 2012-12-11 14:39:11 | Computer Name = Komputer | Source = Application Hang | ID = 1002
Description = Program Steam.exe w wersji 1.0.1595.686 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 4a4 Godzina rozpoczęcia: 01cdd7ce9e36aab0 Godzina zakończenia:
0 Ścieżka aplikacji: C:\Program Files (x86)\Steam\Steam.exe Identyfikator raportu:
06e71c71-43c2-11e2-b5df-bc5ff442264e

Error - 2012-12-11 14:42:00 | Computer Name = Komputer | Source = Application Hang | ID = 1002
Description = Program Steam.exe w wersji 1.0.1595.686 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 80c Godzina rozpoczęcia: 01cdd7ced12b67d0 Godzina zakończenia:
16 Ścieżka aplikacji: C:\Program Files (x86)\Steam\Steam.exe Identyfikator raportu:
7197cb51-43c2-11e2-b5df-bc5ff442264e

Error - 2012-12-11 14:42:58 | Computer Name = Komputer | Source = Application Hang | ID = 1002
Description = Program Steam.exe w wersji 1.0.1595.686 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 7c0 Godzina rozpoczęcia: 01cdd7cf3cdf8c90 Godzina zakończenia:
0 Ścieżka aplikacji: C:\Program Files (x86)\Steam\Steam.exe Identyfikator raportu:
93b5ae51-43c2-11e2-b5df-bc5ff442264e

Error - 2012-12-13 15:15:21 | Computer Name = Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: setup.exe_Google Chrome, wersja:
23.0.1271.95, sygnatura czasowa: 0x3b866bf0 Nazwa modułu powodującego błąd: unknown,
wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0xffffffff Identyfikator procesu powodującego błąd: 0xdd8 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cdd96630dcba60 Ścieżka aplikacji powodującej błąd:
C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\Installer\setup.exe
Ścieżka
modułu powodującego błąd: unknown Identyfikator raportu: 700a76a0-4559-11e2-9c54-bc5ff442264e

Error - 2012-12-13 15:15:21 | Computer Name = Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 5.1.0.0, sygnatura
czasowa: 0x3b866bf0 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bdb3b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00033c8d
Identyfikator
procesu powodującego błąd: 0xcf0 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdd9663101ce90 Ścieżka aplikacji powodującej błąd: C:\Windows\svchost.exe Ścieżka
modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: 700bd630-4559-11e2-9c54-bc5ff442264e

[ System Events ]
Error - 2012-12-14 18:31:09 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 03:58:45 | Computer Name = Komputer | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Skype Updater.

Error - 2012-12-15 03:58:49 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 04:34:58 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 04:45:33 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 04:47:38 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 04:51:23 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 04:59:59 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 13:51:11 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-15 13:55:52 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom


< End of report >
[/log]



Anything else? Please help quickly!!! :(

Guest
comment (edited)

[quote][color=#282828][font=helvetica, arial, sans-serif]PRC - [2001-08-24 19:00:00 | 000,036,352 | --S- | M] (Microsoft Corporation) -- [/font][/color][b][color=#ff0000][font=helvetica, arial, sans-serif]C:\Windows\svchost.exe[/font][/color][/b][/quote]
I don't have good news: this thing is a nasty virus that infects executable files, [url="http://pc-com.pl/topic/8-poradnik-infekcje-w-plikach-wykonywalnych/"]"[b][color=#ff0000]Jeefo[/color][/b]"[/url]

To start with, we'll deal with this crap.
Run a scan with this cleaner [url="http://www.sophos.com/support/cleaners/jeefogui.com"]CLICK[/url] as many times as it takes until the cleaner reports 0 infected files.

After that, post a new OTL log.

  • Good post 1
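The check behind the reply above, as an added example that is not part of the original thread and is not OTL's own code: it parses OTL `PRC` lines and flags Windows system image names running from outside the system directories. The function names, the short list of image names and the line marked as constructed are assumptions of this example.

```python
import ntpath
import re

# One OTL process line: PRC - [mtime | size | attrs | flag] (company) -- path
PRC_LINE = re.compile(
    r"^PRC - \[(?P<mtime>[^|]+?) \| (?P<size>[\d,]+) \| (?P<attrs>[^|]+?) \| \w\] "
    r"\((?P<company>.*?)\) -- (?P<path>.+?)\s*$"
)

# Image names Windows keeps in its system directories only.
# Assumption of this example: a short illustrative list, not an exhaustive one.
SYSTEM_IMAGES = {
    "svchost.exe", "lsass.exe", "services.exe",
    "csrss.exe", "winlogon.exe", "smss.exe",
}

# Directory names under %SystemRoot% where those images may legitimately run.
# SysNative is how a 32-bit tool such as OTL reports the 64-bit System32.
SYSTEM_DIRS = ("System32", "SysWOW64", "SysNative")

# The first three lines are copied from the first log in this thread;
# the last line is constructed for the example.
SAMPLE_LOG = r"""
PRC - [2012-12-15 20:04:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Konrad\Downloads\OTL.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2001-08-24 19:00:00 | 000,036,352 | --S- | M] (Microsoft Corporation) -- C:\Windows\svchost.exe
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe
"""


def parse_prc(log_text):
    """Yield one dict per PRC line found in an OTL log."""
    for line in log_text.splitlines():
        match = PRC_LINE.match(line.strip())
        if match:
            yield match.groupdict()


def misplaced_system_images(log_text, system_root=r"C:\Windows"):
    """Return paths of system-named processes running outside the system dirs.

    The company field is ignored on purpose: the flagged line in this thread
    still reports "Microsoft Corporation", so it cannot be used to clear a file.
    """
    allowed = {
        ntpath.normcase(ntpath.join(system_root, name)) for name in SYSTEM_DIRS
    }
    hits = []
    for entry in parse_prc(log_text):
        path = ntpath.normcase(entry["path"])
        if ntpath.basename(path) in SYSTEM_IMAGES and ntpath.dirname(path) not in allowed:
            hits.append(entry["path"])
    return hits


if __name__ == "__main__":
    for hit in misplaced_system_images(SAMPLE_LOG):
        print("system image name outside system directory:", hit)
```

A hit is a reason to inspect the file, not a verdict; the path check only narrows where to look in a long log.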
jnocctcop
comment

Hi, I formatted the drive, and shortly after the format it detected 3 "Jeefo" viruses; I removed them the same way as before and so far it hasn't shown up again, so I think I've driven them out for good with Malwarebytes Anti-Malware. :)

If it no longer detects them, is everything OK? Or should I take any further steps?

Guest
comment

You can post an OTL log just in case.

  • Good post 1
jnocctcop
comment (edited)

Damn, I installed gg, ran a scan and about 15 viruses showed up. I used your cleaner from the link; windows popped up asking whether I wanted to repair these files, I clicked yes to all, it repaired them, and when I scan with the earlier program there are none. Did that take care of it? I'm posting the logs after these operations.




[log]


OTL logfile created on: 2012-12-17 21:29:28 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Konrad\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,84 Gb Available Physical Memory | 71,01% Memory free
8,00 Gb Paging File | 6,57 Gb Available in Paging File | 82,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 47,73 Gb Free Space | 64,13% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: Konrad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-12-17 21:28:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Konrad\Downloads\OTL.exe
PRC - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-12-03 19:35:00 | 001,044,320 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-12-17 21:28:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Konrad\Downloads\OTL.exe
MOD - [2012-12-05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-12-05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012-12-05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
MOD - [2012-12-05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012-12-05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012-12-05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012-12-05 02:14:27 | 009,963,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\icudt.dll
MOD - [2012-12-05 02:14:23 | 041,743,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\chrome.dll
MOD - [2012-12-05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012-12-05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012-12-05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012-12-03 19:35:00 | 001,044,320 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
MOD - [2012-12-03 19:32:40 | 000,434,176 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\Intl\EvernoteClipper.pl-PL.dll
MOD - [2012-10-02 23:21:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012-10-02 23:21:00 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2012-10-02 17:23:18 | 000,903,584 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MOD - [2012-09-08 12:16:32 | 000,258,048 | ---- | M] (Evernote Corporation, 333 West Evelyn Avenue, Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\LibPCRE.dll
MOD - [2012-09-08 12:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012-09-08 12:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012-07-06 06:43:46 | 000,284,160 | ---- | M] (Evernote Corporation) -- C:\Program Files (x86)\Evernote\Evernote\encrashrep.dll
MOD - [2010-05-26 11:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 11:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:17:51 | 001,289,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2009-07-14 02:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,977,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2009-07-14 02:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2009-07-14 02:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 02:16:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2009-07-14 02:16:19 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2009-07-14 02:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009-07-14 02:16:18 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 02:16:17 | 001,224,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2009-07-14 02:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 02:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 02:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2009-07-14 02:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 02:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2009-07-14 02:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 02:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 02:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 02:16:13 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 02:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009-07-14 02:16:13 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2009-07-14 02:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2009-07-14 02:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 02:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PeerDist.dll
MOD - [2009-07-14 02:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 02:15:44 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2009-07-14 02:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2009-07-14 02:15:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-07-14 02:15:41 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 02:15:38 | 003,177,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009-07-14 02:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2009-07-14 02:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 02:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2009-07-14 02:15:19 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2009-07-14 02:15:19 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:12 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2009-07-14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009-07-14 02:15:08 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2009-07-14 02:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 02:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009-07-14 02:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 02:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:24 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2009-07-14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2009-07-14 02:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 02:11:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-07-14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009-07-14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011-06-14 21:42:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-17 21:23:04 | 000,155,136 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-11-19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-12-15 21:54:55 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2011-06-14 21:42:44 | 002,159,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2011-04-20 03:07:48 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)


[2012-12-17 21:17:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konrad\AppData\Roaming\mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: Dysk Google = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Konrad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - Startup: C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:[b]64bit:[/b] - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6020E4B-19F5-446A-B7FF-745E3CD71861}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFD0D7AB-BE2F-48DE-ADB9-F76C33E3D64D}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-12-17 21:18:08 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Adobe
[2012-12-17 21:18:03 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Macromedia
[2012-12-17 21:17:52 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Mozilla
[2012-12-17 21:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-12-17 21:17:33 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\GG
[2012-12-17 21:17:32 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\GG
[2012-12-17 14:21:41 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\2K Games
[2012-12-17 14:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012-12-17 14:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012-12-16 18:37:49 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\WMTools Downloaded Files
[2012-12-16 17:22:40 | 000,000,000 | ---D | C] -- C:\Muzyka
[2012-12-16 17:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2012-12-16 17:04:26 | 001,930,240 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athurx.sys
[2012-12-16 17:04:26 | 001,930,240 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athurx.sys
[2012-12-16 17:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2012-12-16 10:39:56 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012-12-16 10:35:37 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\NVIDIA
[2012-12-16 10:09:51 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012-12-16 10:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2012-12-16 10:02:17 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\BitTorrent
[2012-12-15 22:50:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6
[2012-12-15 22:34:10 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-12-15 22:33:29 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012-12-15 22:32:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012-12-15 22:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012-12-15 22:32:34 | 000,085,504 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012-12-15 22:32:34 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012-12-15 22:15:17 | 000,000,000 | ---D | C] -- C:\Users\Konrad\Documents\Euro Truck Simulator 2
[2012-12-15 22:02:16 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Skype
[2012-12-15 22:02:13 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012-12-15 22:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-12-15 22:02:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-12-15 22:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012-12-15 21:56:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012-12-15 21:56:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012-12-15 21:56:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012-12-15 21:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-12-15 21:54:55 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-12-15 21:54:54 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\DAEMON Tools Lite
[2012-12-15 21:54:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012-12-15 21:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-12-15 21:52:13 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Evernote
[2012-12-15 21:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012-12-15 21:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2012-12-15 21:47:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-12-15 21:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012-12-15 21:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-12-15 21:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-12-15 21:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-12-15 21:39:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012-12-15 21:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-12-15 21:39:31 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012-12-15 21:39:31 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012-12-15 21:39:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-12-15 21:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012-12-15 21:38:17 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-12-15 21:29:45 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Malwarebytes
[2012-12-15 21:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-12-15 21:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-12-15 21:29:37 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-12-15 21:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-12-15 21:16:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012-12-15 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\WinRAR
[2012-12-15 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-12-15 21:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012-12-15 21:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-12-15 21:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-12-15 21:11:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-12-15 21:11:44 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Google
[2012-12-15 21:11:31 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Deployment
[2012-12-15 21:11:31 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Apps
[2012-12-15 21:01:09 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-12-15 21:01:09 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Searches
[2012-12-15 21:01:09 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-12-15 21:00:54 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Identities
[2012-12-15 21:00:48 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Contacts
[2012-12-15 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\VirtualStore
[2012-12-15 21:00:22 | 000,000,000 | --SD | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Videos
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Saved Games
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Pictures
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Music
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Links
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Favorites
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Downloads
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Documents
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\Desktop
[2012-12-15 21:00:22 | 000,000,000 | R--D | C] -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Ustawienia lokalne
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\AppData\Local\Temporary Internet Files
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Szablony
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\SendTo
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Recent
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\PrintHood
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\NetHood
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Documents\Moje wideo
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Documents\Moje obrazy
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Moje dokumenty
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Documents\Moja muzyka
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Menu Start
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\AppData\Local\Historia
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Dane aplikacji
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\AppData\Local\Dane aplikacji
[2012-12-15 21:00:22 | 000,000,000 | -HSD | C] -- C:\Users\Konrad\Cookies
[2012-12-15 21:00:22 | 000,000,000 | -H-D | C] -- C:\Users\Konrad\AppData
[2012-12-15 21:00:22 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Temp
[2012-12-15 21:00:22 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Local\Microsoft
[2012-12-15 21:00:22 | 000,000,000 | ---D | C] -- C:\Users\Konrad\AppData\Roaming\Media Center Programs
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-12-15 21:00:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2012-12-15 20:57:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-12-15 20:54:39 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012-12-15 20:54:22 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012-12-15 20:53:30 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-12-17 21:29:39 | 001,048,576 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT
[2012-12-17 21:16:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-17 21:16:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-17 19:40:37 | 000,001,131 | ---- | M] () -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2012-12-17 14:20:16 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-12-17 14:13:45 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-12-17 14:13:45 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-12-17 14:13:45 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-12-17 14:13:45 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-12-17 14:13:45 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-12-17 13:39:52 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-12-17 13:39:52 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-12-17 13:32:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-12-17 13:32:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-12-17 13:32:31 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-16 23:31:58 | 001,689,882 | -H-- | M] () -- C:\Users\Konrad\AppData\Local\IconCache.db
[2012-12-16 10:09:51 | 000,000,218 | ---- | M] () -- C:\Users\Konrad\Desktop\Counter-Strike.url
[2012-12-16 10:02:46 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012-12-15 22:33:13 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012-12-15 22:02:13 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-12-15 21:56:07 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-12-15 21:55:13 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-12-15 21:54:55 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012-12-15 21:52:08 | 000,000,936 | ---- | M] () -- C:\Users\Konrad\Desktop\Evernote.lnk
[2012-12-15 21:47:38 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2012-12-15 21:46:45 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-12-15 21:29:38 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-12-15 21:16:41 | 000,524,288 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012-12-15 21:16:41 | 000,524,288 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012-12-15 21:16:41 | 000,065,536 | -HS- | M] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012-12-15 21:08:04 | 000,057,560 | ---- | M] () -- C:\Users\Konrad\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-12-15 21:02:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-12-15 21:00:22 | 000,000,020 | -HS- | M] () -- C:\Users\Konrad\ntuser.ini
[2012-12-15 20:57:46 | 000,067,908 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012-12-15 20:57:46 | 000,067,908 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012-12-15 20:54:57 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-17 19:40:37 | 000,001,131 | ---- | C] () -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2012-12-17 14:20:16 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk
[2012-12-16 17:04:26 | 000,027,040 | ---- | C] () -- C:\Windows\SysNative\netathurx.inf
[2012-12-16 17:04:26 | 000,008,820 | ---- | C] () -- C:\Windows\SysNative\athurextx.cat
[2012-12-16 10:09:51 | 000,000,218 | ---- | C] () -- C:\Users\Konrad\Desktop\Counter-Strike.url
[2012-12-16 10:02:46 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012-12-15 22:50:57 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2012-12-15 22:33:13 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012-12-15 22:33:12 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012-12-15 22:02:13 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012-12-15 21:56:07 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012-12-15 21:55:13 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-12-15 21:52:08 | 000,000,936 | ---- | C] () -- C:\Users\Konrad\Desktop\Evernote.lnk
[2012-12-15 21:47:38 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2012-12-15 21:46:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-12-15 21:38:50 | 000,016,127 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012-12-15 21:29:38 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-12-15 21:16:40 | 001,689,882 | -H-- | C] () -- C:\Users\Konrad\AppData\Local\IconCache.db
[2012-12-15 21:11:47 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-15 21:11:46 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-15 21:08:04 | 000,057,560 | ---- | C] () -- C:\Users\Konrad\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-12-15 21:02:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012-12-15 21:01:18 | 000,001,421 | ---- | C] () -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012-12-15 21:01:11 | 000,001,455 | ---- | C] () -- C:\Users\Konrad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-12-15 21:00:22 | 001,048,576 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT
[2012-12-15 21:00:22 | 000,524,288 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012-12-15 21:00:22 | 000,524,288 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012-12-15 21:00:22 | 000,065,536 | -HS- | C] () -- C:\Users\Konrad\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012-12-15 21:00:22 | 000,000,020 | -HS- | C] () -- C:\Users\Konrad\ntuser.ini
[2012-12-15 20:57:38 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012-12-15 20:57:32 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012-12-15 20:54:22 | 3220,627,456 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009-07-14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-12-17 21:24:52 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\BitTorrent
[2012-12-17 14:05:21 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\DAEMON Tools Lite
[2012-12-17 21:19:04 | 000,000,000 | ---D | M] -- C:\Users\Konrad\AppData\Roaming\GG

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-12-17 13:32:31 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-12-17 13:32:38 | 4294,172,672 | -HS- | M] () -- C:\pagefile.sys
[2012-12-17 21:23:42 | 000,012,190 | ---- | M] () -- C:\resolve.log

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012-09-29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< End of report >


[/log]

[log]


OTL Extras logfile created on: 2012-12-17 21:29:28 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Konrad\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,84 Gb Available Physical Memory | 71,01% Memory free
8,00 Gb Paging File | 6,57 Gb Available in Paging File | 82,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 47,73 Gb Free Space | 64,13% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: Konrad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075EF319-632C-4F1C-A179-B6F111496581}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D1A5753-5C63-4342-A87C-1F664ABBF6AC}" = lport=139 | protocol=6 | dir=in | app=system |
"{102F4268-5359-46BF-B409-4FA73C09E29D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27C279CB-728E-488B-9CC4-16712C130373}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{474D8308-B08E-49AF-8B6A-43AB776508B7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57383260-08A9-44EE-AB21-135581494E82}" = rport=10243 | protocol=6 | dir=out | app=system |
"{593B80B5-FF25-471B-B2AD-690B68D57EAE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DC88533-1834-4CB7-9FAC-45FA86282E6D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7BB24C82-32A2-4DF5-B4D0-963E6A227F85}" = rport=137 | protocol=17 | dir=out | app=system |
"{82BB589F-D0E1-45EB-A284-B5A3593D8E72}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{832E3F95-FA6D-4C06-AD5F-F94D43EDA1C4}" = rport=445 | protocol=6 | dir=out | app=system |
"{8432937F-2D1C-475C-AAF1-C10F5AE4AE0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{8BB9258E-D22C-46CB-8E85-ABD472DC0A61}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A986D4AF-F487-4354-AA6A-8092D3F01A30}" = lport=137 | protocol=17 | dir=in | app=system |
"{ACA5F90A-9592-47D6-B770-14192A9D58DE}" = rport=139 | protocol=6 | dir=out | app=system |
"{B9C74C6F-863C-4551-91FA-C7224F7DF0E0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BB5C7AF4-36ED-4B8D-B64E-242C70418522}" = lport=138 | protocol=17 | dir=in | app=system |
"{BD6375BE-3EB4-4C51-B418-177E35E4B9B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE8F9660-2E38-4AD8-9A4F-42122CF98D3B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D1925668-D159-4D62-81BB-077C8C72CE0A}" = lport=445 | protocol=6 | dir=in | app=system |
"{FEB53D69-B592-4439-9EC0-3D4801282A9E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10A74549-02E9-4FFA-A9B4-EE118B1A7472}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2D25F3D6-9B00-4548-A187-A1509E9B0003}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{40D30D63-CE10-4C8C-B86C-96CC16770134}" = protocol=6 | dir=out | app=system |
"{47E1C642-D9B2-417D-B537-C4884699E991}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{51F6BE78-F7B0-46B6-9CE2-102FCDB761F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6001A4E6-F532-4B76-9395-95527F2CB3C2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{896A2D28-DD85-4589-B637-C78A362C7CD0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8AD0AA77-FA5F-4B93-941E-2539CAF28244}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8EA9C992-485E-4E64-A984-5D586D54F9E9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8FBD4BBD-9DD8-4EB5-998E-A7513D6FF8FE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90602F26-2B57-4426-91C3-05DEC81F893C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{91AFB85A-709D-4943-B638-740109EABAC8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{935C7BBC-3A9D-46FA-84BC-183D8BE5C755}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99622727-32D1-4D24-96D5-3010F993EC42}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A12B9C54-D928-4F5F-A4C5-FF9F649112FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A1B28D0F-4A52-4627-A6CA-2B18832E7248}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A4E43F11-12E1-4B37-85AE-03ADE33F11D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AEBF5687-1231-4764-B84D-A7E4421B5616}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B1E09984-8986-42E7-B2F1-521AF07DC68A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C662EBF1-1AD3-4A0A-8602-E9898BDB130F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CC5D41DB-903C-42AE-9519-A621C122FF6A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D7BCB93C-A1E2-498A-82B6-9DBAB4A3F169}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E134880A-8FC3-444A-9CC7-65C9D5007052}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{ED40176A-8A07-43F4-9ECA-00F7065A600D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F522F88E-0E44-4CAF-BDE4-B4B4B6B05E97}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\bongomp3\counter-strike\hl.exe |
"{FA78C56B-AEA0-46E2-BD61-7F56CF45F40C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\bongomp3\counter-strike\hl.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TL-WN721N/TL-WN722N Driver
"{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}" = Evernote v. 4.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Steam App 10" = Counter-Strike

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-12-15 17:15:51 | Computer Name = Komputer | Source = Application Hang | ID = 1002
Description = Program eurotrucks2.exe w wersji 1.1.41799.0 zatrzymał interakcję
z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej
informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania
Centrum akcji. Identyfikator procesu: 8f4 Godzina rozpoczęcia: 01cddb0948257f50 Godzina
zakończenia: 34 Ścieżka aplikacji: C:\Program Files (x86)\Euro Truck Simulator 2.v
1.1.1\bin\win_x86\eurotrucks2.exe Identyfikator raportu:

Error - 2012-12-15 17:18:43 | Computer Name = Komputer | Source = Application Hang | ID = 1002
Description = Program eurotrucks2.exe w wersji 1.1.41799.0 zatrzymał interakcję
z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej
informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania
Centrum akcji. Identyfikator procesu: 604 Godzina rozpoczęcia: 01cddb09b73fd1b0 Godzina
zakończenia: 42 Ścieżka aplikacji: C:\Program Files (x86)\Euro Truck Simulator 2.v
1.1.1\bin\win_x86\eurotrucks2.exe Identyfikator raportu:

[ Media Center Events ]
Error - 2012-12-15 17:38:12 | Computer Name = Komputer | Source = MCUpdate | ID = 0
Description = 22:38:12 - Nie można pobrać pakietu Directory (Błąd: Nie można połączyć
się z serwerem zdalnym)

[ System Events ]
Error - 2012-12-16 04:58:50 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-16 11:58:27 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-16 17:10:28 | Computer Name = Komputer | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error - 2012-12-17 08:32:45 | Computer Name = Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: cdrom

Error - 2012-12-17 10:41:28 | Computer Name = Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2.

Error - 2012-12-17 10:41:29 | Computer Name = Komputer | Source = Disk | ID = 262155
Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2.

Error - 2012-12-17 16:21:58 | Computer Name = Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa Power Manager niespodziewanie zakończyła pracę. Wystąpiło to
razy: 1.


< End of report >

[/log]

Regards, please reply quickly, because I won't be able to sleep peacefully :D


PS. When using the vaccine, this now keeps popping up:

http://zapodaj.net/bf9e5e64b5dd0.png.html

When I click yes/yes to all it carries on but doesn't fix it; Malwarebytes doesn't report any virus, so I guess it's OK?

Guest
comment

Besides the vaccine, you can use the Dr.Web CureIt or Kaspersky Virus Removal Tool scanner just in case, and I didn't see an active Jeefo in the log.
You'll find links to these scanners in the 2nd post after clicking on [url="http://pc-com.pl/topic/8-poradnik-infekcje-w-plikach-wykonywalnych/"]"[b][color=#FF0000]Jeefo[/color][/b]"[/url]
