x-kom hosting

Przycinka systemu az do kompletnego zawieszenia. Kontynuacja innego tematu.

Dawid_Dj

Dawid_Dj

utworzono
utworzono

Oto mój temat: http://www.forumpc.pl/topic/310982-regularna-przycinka-na-pare-sekud/
Daję logi do sprawdzenia.

 

OTL

[log]OTL logfile created on: 2014-02-11 10:24:19 - Run 4

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dawid\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,98 Gb Total Physical Memory | 4,75 Gb Available Physical Memory | 59,55% Memory free
15,96 Gb Paging File | 12,05 Gb Available in Paging File | 75,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 155,25 Gb Total Space | 18,09 Gb Free Space | 11,65% Space Free | Partition Type: NTFS
Drive D: | 155,16 Gb Total Space | 31,33 Gb Free Space | 20,19% Space Free | Partition Type: NTFS
Drive E: | 155,25 Gb Total Space | 19,02 Gb Free Space | 12,25% Space Free | Partition Type: NTFS
 
Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-02-02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-01-18 16:15:34 | 008,329,728 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe
PRC - [2013-12-15 12:51:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dawid\Desktop\OTL.exe
PRC - [2013-12-08 11:33:48 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013-11-14 12:56:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-11-14 12:56:48 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-11-11 15:42:02 | 000,764,192 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-10-25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013-10-25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013-10-16 00:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013-04-23 08:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013-03-12 06:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-05-19 15:39:18 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-05-19 15:39:14 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011-02-21 22:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010-12-02 03:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010-11-03 10:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2010-10-21 10:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009-12-22 12:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
PRC - [2009-12-22 12:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
PRC - [2009-12-15 13:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-02-02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014-02-02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
MOD - [2014-02-02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014-02-02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014-02-02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014-02-02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2014-01-09 20:46:18 | 004,312,576 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll
MOD - [2014-01-09 09:42:44 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll
MOD - [2013-12-07 22:52:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013-12-07 22:52:54 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\41a3bd6011f301f808fac8eb53993206\IAStorCommon.ni.dll
MOD - [2013-12-07 22:52:53 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013-12-07 22:52:52 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d52b8823da05f910389b3d26bfe654c6\IAStorUtil.ni.dll
MOD - [2013-12-07 22:52:51 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013-12-07 22:52:47 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013-12-07 22:52:44 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013-12-07 22:52:42 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013-12-07 22:52:40 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013-12-07 22:52:37 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013-09-24 15:47:15 | 001,221,120 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\BirthdayReminder.dll
MOD - [2013-09-24 15:45:42 | 000,309,248 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\StealStatus.dll
MOD - [2013-09-24 15:45:21 | 000,309,248 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\Makra.dll
MOD - [2013-03-23 16:44:28 | 000,335,360 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\AQQRestarter.dll
MOD - [2013-02-02 21:39:22 | 000,095,232 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\OfflineNotify.dll
MOD - [2013-01-28 09:39:26 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll
MOD - [2013-01-15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
MOD - [2013-01-15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
MOD - [2013-01-15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
MOD - [2013-01-15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
MOD - [2012-12-16 11:34:52 | 002,831,872 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\offlinePictures.dll
MOD - [2012-12-16 11:34:21 | 000,872,448 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\Responder.dll
MOD - [2012-12-13 01:28:50 | 000,060,416 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\SpellChecker.dll
MOD - [2011-01-15 19:59:24 | 000,338,944 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\Archeolog.dll
MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-12-22 12:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
MOD - [2009-12-22 12:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
MOD - [2009-12-22 12:30:36 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll
MOD - [2009-12-22 12:30:34 | 000,065,536 | ---- | M] () -- C:\Windows\SysWOW64\LGErrorHandler.dll
MOD - [2009-12-22 12:30:28 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll
MOD - [2009-12-15 13:49:20 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-12-15 13:46:38 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-04-19 16:42:06 | 000,186,880 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\QuickDel.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013-11-26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-11-14 12:57:03 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013-10-13 11:02:56 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2013-06-29 22:37:42 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:64bit: - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012-12-14 14:22:32 | 003,302,536 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv)
SRV:64bit: - [2012-04-26 09:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV:64bit: - [2011-01-12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014-02-06 13:00:12 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-12-11 18:00:04 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-12-08 11:33:48 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013-11-14 12:56:48 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-10-25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013-10-25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-04-23 08:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-12-13 16:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012-08-01 15:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-05-19 15:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011-03-01 17:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011-02-21 22:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2010-12-02 11:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010-12-02 03:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010-11-03 10:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010-10-21 10:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013-11-14 12:57:13 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-11-14 12:57:05 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013-10-28 01:12:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013-10-28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013-10-08 18:23:28 | 000,024,032 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2013-08-29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013-07-16 11:33:04 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2013-06-28 11:45:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2013-04-23 16:30:52 | 000,093,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2013-04-18 16:14:12 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012-12-24 16:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2012-12-24 16:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtAudioBusSrv)
DRV:64bit: - [2012-12-24 16:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (IvtPanBusSrv)
DRV:64bit: - [2012-12-24 16:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2012-12-05 10:52:30 | 001,290,840 | ---- | M] (Agnitum Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\SandBox64.sys -- (SandBox)
DRV:64bit: - [2012-12-03 12:56:26 | 000,466,528 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
DRV:64bit: - [2012-09-03 20:27:18 | 000,040,544 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (afw)
DRV:64bit: - [2012-08-29 18:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1)
DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-06-27 14:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012-03-19 09:36:42 | 000,066,184 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Filt\ASWFilt64.dll -- (ASWFilt)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-09 07:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012-01-18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012-01-18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012-01-15 14:05:59 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-01-09 16:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012-01-09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012-01-09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012-01-09 16:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011-12-15 18:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-05-16 06:39:26 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011-05-10 17:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-24 10:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011-02-24 10:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010-12-21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010-12-21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010-12-21 13:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010-12-21 13:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-10-19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010-09-21 11:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010-09-15 08:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10)
DRV:64bit: - [2010-02-08 22:28:10 | 000,148,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmports.sys -- (HRMPORTS)
DRV:64bit: - [2010-02-08 22:28:10 | 000,133,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hrmcfgspc.sys -- (HRMCFGSPC)
DRV:64bit: - [2010-02-08 22:28:10 | 000,128,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmints.sys -- (HRMINTS)
DRV:64bit: - [2010-02-08 22:28:08 | 000,676,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfksvcs.sys -- (DSFKSVCS)
DRV:64bit: - [2010-02-08 22:28:08 | 000,035,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfroot.sys -- (dsfroot)
DRV:64bit: - [2010-02-08 20:58:56 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci_dsf.sys -- (usbehci_dsf)
DRV:64bit: - [2010-02-08 20:06:46 | 000,675,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softusbk.sys -- (SOFTUSBK)
DRV:64bit: - [2010-02-08 20:06:46 | 000,366,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\softehci.sys -- (softehci)
DRV:64bit: - [2010-02-08 20:06:42 | 000,206,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softhidusbk.sys -- (SOFTHIDUSBK)
DRV:64bit: - [2010-01-14 13:27:46 | 000,032,544 | R--- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010-01-14 13:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010-01-14 13:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010-01-14 13:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009-08-13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-11-04 04:08:12 | 000,022,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GWHid.sys -- (GWHid)
DRV:64bit: - [2008-09-23 00:24:00 | 000,050,176 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\shbecr.sys -- (Tdsshbecr)
DRV:64bit: - [2008-03-30 03:16:46 | 000,031,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VL807.sys -- (VL807)
DRV - [2010-09-16 20:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009-12-22 12:30:46 | 000,019,456 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGPII2CDriver.sys -- (LGII2CDevice)
DRV - [2009-12-22 12:30:36 | 000,016,384 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGI2CDriver.sys -- (LGDDCDevice)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008-11-04 04:08:18 | 000,018,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GWHid.sys -- (GWHid)
DRV - [2008-03-30 03:17:18 | 000,025,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\VL807.sys -- (VL807)
DRV - [2008-02-15 16:30:48 | 000,015,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys -- (FLASHSYS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ [binary data]
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes,DefaultScope = {01AA3507-BBE7-437F-B89A-A4E240EF067E}
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{01AA3507-BBE7-437F-B89A-A4E240EF067E}: "URL" = http://www.idg.pl?q={searchTerms}
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1008\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7B3e0e7d2a-070f-4a47-b019-91fe5385ba79%7D:3.5.9
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0:  File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dawid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012-12-10 20:52:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-12-11 17:59:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-10 20:52:55 | 000,000,000 | ---D | M]
 
[2011-11-29 20:31:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Extensions
[2014-01-24 10:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions
[2013-01-07 11:31:47 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2013-08-27 11:06:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013-12-12 17:04:47 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\ascsurfingprotection@iobit.com
[2014-01-07 16:03:05 | 000,000,000 | ---D | M] (FullScreen+) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\FullScreen@muha.com
[2014-01-24 10:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\staged
[2014-01-16 15:40:35 | 000,252,696 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid0-8C9kZOXgcsBN95BaPPbaKdSHEpU@jetpack.xpi
[2013-06-20 21:59:29 | 000,255,232 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid1-GBYr3F9iI4n8IA@jetpack.xpi
[2013-12-05 14:20:23 | 000,703,930 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
[2013-02-18 10:26:22 | 000,030,191 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\screensurfer@pjs.nl.xpi
[2013-07-21 08:57:20 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\SkipScreen@SkipScreen.xpi
[2013-02-04 10:44:31 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\translator@zoli.bod.xpi
[2013-01-30 16:47:08 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\uss-button@uploadscreenshot.com.xpi
[2014-01-24 10:18:54 | 000,072,997 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi
[2013-09-07 21:43:17 | 000,242,531 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi
[2013-08-02 11:11:22 | 000,224,035 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013-12-21 20:18:22 | 000,389,303 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi
[2014-01-16 21:25:40 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-12-11 17:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013-12-11 17:59:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013-12-11 17:59:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013-12-11 17:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013-12-11 18:00:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Dokumenty Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
CHR - Extension: Google Wallet = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012-02-26 15:44:09 | 000,000,867 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:            127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL (IObit)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [TNOD UP] "C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe" /i File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (AQQ Sp. z o.o.)
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [F.lux] C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1008..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnails = 0
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  = 
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A07E7B8-1FD9-4107-B093-43C81F346573}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook64.dll (Agnitum Ltd.)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-06-26 21:38:36 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2013-07-24 13:54:55 | 000,000,000 | ---D | M] - E:\autocad -- [ NTFS ]
O32 - AutoRun File - [2013-06-29 23:51:50 | 000,000,000 | ---D | M] - E:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell - "" = AutoRun
O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell\AutoRun\command - "" = K:\start.exe
O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell - "" = AutoRun
O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{ba2897de-8781-11e3-b0eb-f46d04619414}\Shell - "" = AutoRun
O33 - MountPoints2\{ba2897de-8781-11e3-b0eb-f46d04619414}\Shell\AutoRun\command - "" = L:\LG_PC_Programs.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-02-11 10:23:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dawid\Desktop\OTL.exe
[2014-02-09 11:13:03 | 000,000,000 | ---D | C] -- C:\Users\Dawid\Desktop\nadajace sie
[2014-02-06 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Dawid\Documents\K 57
[2014-01-30 16:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TNod User & Password Finder
[2014-01-22 16:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2014-01-22 16:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014-01-21 18:07:30 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datpol
[2014-01-21 17:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-01-19 11:25:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2014-01-15 16:07:41 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014-01-15 16:07:41 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014-01-15 16:07:38 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014-02-11 10:12:52 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-11 10:00:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-02-11 09:48:44 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-11 09:48:35 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2014-02-11 09:48:01 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-11 09:48:00 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-11 09:40:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-11 09:40:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014-02-11 09:40:08 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-10 19:44:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job
[2014-02-10 11:57:26 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014-02-10 11:57:26 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-02-09 14:37:48 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014-02-06 22:44:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job
[2014-02-06 13:04:23 | 003,722,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-02-06 13:04:23 | 001,430,882 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-02-06 13:04:23 | 001,290,900 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-02-06 13:04:23 | 000,544,654 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-02-06 13:04:23 | 000,424,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-02-06 13:00:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-02-06 13:00:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-02-02 09:36:24 | 000,000,098 | ---- | M] () -- C:\Windows\SysWow64\91207717.sys
[2014-02-01 17:02:17 | 000,001,112 | ---- | M] () -- C:\Users\Dawid\Desktop\glowny.m3u
[2014-01-26 18:12:09 | 015,547,343 | ---- | M] () -- C:\Users\Dawid\Desktop\Sunny, Tagir Sultanov - Legenda About Sunglasses At Night (Locco Lovers & Wojtala Pres. 'Develey Boyz' Bootleg) www.Electro-Blog.PL.mp3
[2014-01-16 13:52:35 | 005,148,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-01-13 22:13:27 | 000,000,132 | ---- | M] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
 
========== Files Created - No Company Name ==========
 
[2014-02-01 17:02:16 | 000,001,112 | ---- | C] () -- C:\Users\Dawid\Desktop\glowny.m3u
[2014-01-26 18:11:51 | 015,547,343 | ---- | C] () -- C:\Users\Dawid\Desktop\Sunny, Tagir Sultanov - Legenda About Sunglasses At Night (Locco Lovers & Wojtala Pres. 'Develey Boyz' Bootleg) www.Electro-Blog.PL.mp3
[2014-01-12 22:55:11 | 003,927,842 | ---- | C] () -- C:\Users\Dawid\Desktop\P1130015.JPG
[2013-12-28 18:09:11 | 000,000,916 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI
[2013-12-28 18:08:59 | 000,000,104 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI
[2013-12-15 10:00:46 | 000,000,126 | ---- | C] () -- C:\Windows\wininit.ini
[2013-12-08 10:10:09 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI
[2013-12-07 23:04:54 | 000,038,418 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2013-12-07 23:04:52 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-12-05 16:12:26 | 000,070,904 | ---- | C] () -- C:\Windows\SysWow64\VMProtectSDK32.dll
[2013-12-05 16:11:44 | 000,311,032 | ---- | C] () -- C:\Windows\SysWow64\IVTCredentialProvider.dll
[2013-12-05 16:10:38 | 000,273,144 | ---- | C] () -- C:\Windows\SysWow64\Adpush.dll
[2013-12-01 23:23:33 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
[2013-12-01 23:20:50 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-11-03 10:51:36 | 000,000,098 | ---- | C] () -- C:\Windows\SysWow64\91207717.sys
[2013-10-19 10:45:51 | 000,000,093 | ---- | C] () -- C:\Users\Dawid\AppData\Local\fusioncache.dat
[2013-06-29 22:38:42 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012-12-07 21:05:48 | 000,000,096 | ---- | C] () -- C:\Windows\BsMobileModel.ini
[2012-09-28 20:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-12-21 13:44:05 | 000,007,645 | ---- | C] () -- C:\Users\Dawid\AppData\Local\resmon.resmoncfg
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014-02-10 20:34:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3
[2012-02-22 14:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI
[2011-12-18 16:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo
[2011-12-30 16:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage
[2013-11-03 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity
[2013-06-29 23:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk
[2012-06-02 12:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT
[2012-01-28 11:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2012-08-30 14:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software
[2012-03-29 16:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite
[2011-11-29 16:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro
[2012-10-20 16:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot
[2014-02-04 09:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox
[2011-12-17 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs
[2012-01-22 19:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity
[2012-01-14 19:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET
[2012-06-09 16:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog
[2012-01-27 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10
[2012-05-15 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet
[2014-01-19 20:19:29 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG
[2013-12-14 09:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc
[2013-12-14 14:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian
[2012-05-02 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft
[2013-12-08 10:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync
[2013-12-12 17:04:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit
[2013-10-20 11:48:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla
[2013-12-14 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage
[2012-04-06 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech
[2013-12-14 18:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics
[2014-01-27 21:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit
[2012-12-10 18:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia
[2012-12-10 18:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite
[2012-01-01 13:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries
[2013-04-14 17:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu
[2012-01-24 19:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM
[2013-07-16 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin
[2011-12-17 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy
[2012-01-19 19:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite
[2013-12-24 18:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain
[2011-12-24 16:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal
[2011-12-23 13:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster
[2012-04-02 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio
[2012-03-09 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D
[2013-10-18 17:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity
[2012-01-28 16:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-03-25 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com
[2013-12-07 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer
[2011-12-26 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific
[2014-01-18 22:37:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client
[2012-04-10 10:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay
[2012-07-08 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier
[2012-04-18 13:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software
[2012-06-07 17:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft
[2011-12-10 15:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems
[2012-06-17 13:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< C:\*.* >
[2014-02-11 09:40:08 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys
[2013-12-08 10:06:52 | 003,806,062 | ---- | M] () -- C:\HuskyInstallerLog.txt
[2014-02-11 09:40:10 | 4274,135,039 | -HS- | M] () -- C:\pagefile.sys
[2012-02-24 14:31:04 | 000,179,054 | ---- | M] () -- C:\TDSSKiller.2.7.13.0_24.02.2012_14.29.38_log.txt
[2012-03-18 12:32:45 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_12.31.31_log.txt
[2012-03-18 16:39:16 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_16.39.14_log.txt
[2012-02-24 14:35:44 | 000,091,570 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_24.02.2012_14.34.50_log.txt
[2012-02-26 13:14:01 | 000,092,604 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_26.02.2012_13.13.18_log.txt
[2012-03-18 16:47:27 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.03.2012_16.46.10_log.txt
[2012-06-18 11:10:49 | 000,092,934 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.06.2012_12.10.17_log.txt
[2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 06:08:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012-04-01 17:42:06 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012-04-11 21:02:43 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job
[2012-04-11 21:02:44 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job
[2012-07-06 16:17:38 | 000,001,042 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012-07-06 16:17:38 | 000,001,046 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013-10-20 11:41:50 | 000,000,410 | ---- | C] () -- C:\Windows\Tasks\RegCure Pro.job
[2013-10-20 11:41:52 | 000,000,494 | ---- | C] () -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
 
< D:\*.* >
[2012-01-24 17:23:59 | 000,258,492 | ---- | M] () -- D:\00-00-00.jpg
[2012-01-24 17:27:28 | 000,350,024 | ---- | M] () -- D:\00-00-00_et.jpg
[2012-01-24 17:23:59 | 000,256,656 | ---- | M] () -- D:\00-00-02.jpg
[2013-07-04 16:59:03 | 1557,383,068 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca.avi
[2013-07-04 16:59:03 | 018,693,868 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca~2.avi
[2013-07-04 16:53:17 | 000,011,264 | ---- | M] () -- D:\17 urodziny danona przejazdza moto.VSP
[2011-08-24 20:51:58 | 003,050,163 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz.jpg
[2011-08-24 20:52:54 | 002,784,026 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz22.jpg
[2011-04-02 09:47:29 | 957,273,448 | ---- | M] () -- D:\ACBSP 2011-04-02 10-43-51-23.avi
[2011-04-02 09:47:45 | 023,624,872 | ---- | M] () -- D:\ACBSP 2011-04-02 10-47-38-89.avi
[2013-11-29 19:06:05 | 000,647,626 | ---- | M] () -- D:\billing (2).txt
[2013-12-08 14:40:23 | 000,630,136 | ---- | M] () -- D:\billing (3).txt
[2013-12-14 22:55:11 | 000,192,065 | ---- | M] () -- D:\billing (4).txt
[2013-12-27 21:25:03 | 000,196,011 | ---- | M] () -- D:\billing (5).txt
[2014-01-18 20:04:57 | 000,536,412 | ---- | M] () -- D:\billing (6).txt
[2013-10-26 19:12:46 | 000,538,759 | ---- | M] () -- D:\billing.txt
[2011-02-27 15:19:06 | 559,481,986 | ---- | M] () -- D:\CoDMW2.wmv
[2012-12-17 15:43:30 | 050,040,832 | ---- | M] () -- D:\Credo Prawko B.iso
[2011-09-29 19:34:36 | 003,957,706 | ---- | M] () -- D:\crosskolaz1.jpg
[2013-03-31 19:02:38 | 004,249,281 | ---- | M] () -- D:\crosskolaz2.jpg
[2007-02-01 15:04:06 | 061,236,062 | ---- | M] () -- D:\CRYSpcVIDTRdx10.wmv
[2013-04-18 19:59:46 | 000,819,831 | ---- | M] () -- D:\dwe.mp4
[2013-12-12 18:01:19 | 000,011,007 | ---- | M] () -- D:\kontakty 07.12.2013.txt
[2013-12-12 21:00:27 | 000,014,558 | ---- | M] () -- D:\kontakty 07.12.2013.txt.docx
[2012-03-18 12:30:40 | 000,041,183 | ---- | M] () -- D:\KontaktyDawid_18.03.2012
[2012-02-24 14:26:06 | 000,041,837 | ---- | M] () -- D:\KontaktyggDawid_24.02.2012
[2012-07-04 14:54:27 | 000,041,618 | ---- | M] () -- D:\Kontakty_9207423_04.07.2012
[2012-05-15 18:15:38 | 000,040,493 | ---- | M] () -- D:\Kontakty_9207423_15.05.2012
[2012-07-29 22:16:42 | 000,041,069 | ---- | M] () -- D:\Kontakty_9207423_29.07.2012
[2012-06-17 14:09:04 | 000,927,188 | ---- | M] () -- D:\ludzie, lodożerca.mp3
[2010-02-16 18:53:20 | 000,052,070 | ---- | M] () -- D:\ludzie.amr
[2010-02-16 18:53:20 | 000,527,079 | ---- | M] () -- D:\ludzie.mp3
[2012-11-03 00:54:26 | 015,740,409 | ---- | M] () -- D:\MOV00321.3gp
[2012-11-05 21:45:27 | 2020,266,143 | ---- | M] () -- D:\Osiemnastka Danona.mp4
[2008-03-05 18:16:30 | 096,558,090 | ---- | M] () -- D:\P1010399.MOV
[2008-03-05 18:22:20 | 029,908,310 | ---- | M] () -- D:\P1010403.MOV
[2008-03-22 15:03:28 | 067,235,722 | ---- | M] () -- D:\P1020379.MOV
[2010-02-10 19:22:24 | 003,646,352 | ---- | M] () -- D:\P1080184.JPG
[2010-02-15 11:42:26 | 003,417,346 | ---- | M] () -- D:\P1080190.JPG
[2010-02-15 11:50:04 | 003,938,113 | ---- | M] () -- D:\P1080191.JPG
[2010-03-22 16:13:06 | 003,575,334 | ---- | M] () -- D:\P1080392.JPG
[2010-03-22 16:13:32 | 003,854,951 | ---- | M] () -- D:\P1080393.JPG
[2011-11-06 14:03:12 | 003,020,341 | ---- | M] () -- D:\P1160593.JPG
[2011-11-07 15:21:22 | 001,950,575 | ---- | M] () -- D:\P1160593_3.jpeg
[2011-11-27 16:39:40 | 002,506,626 | ---- | M] () -- D:\P1160754.JPG
[2011-11-27 17:19:26 | 000,773,794 | ---- | M] () -- D:\P1160754_2.jpg
[2011-11-27 17:37:50 | 000,787,302 | ---- | M] () -- D:\P1160754_3.jpeg
[2013-12-01 22:27:03 | 000,990,569 | ---- | M] () -- D:\Picture 28.jpg
[2011-10-16 17:13:10 | 000,070,941 | ---- | M] () -- D:\screen320.jpg
[2013-04-18 19:11:11 | 000,531,728 | ---- | M] () -- D:\Skok przez okno na lekcji GEOGRAFII.mp4
[2011-11-25 19:37:17 | 268,435,456 | -HS- | M] () -- D:\WinPEpge.sys
[2013-05-09 18:17:33 | 180,403,915 | ---- | M] () -- D:\wiosny - przypomnienie.psd
[2012-11-08 19:00:32 | 108,882,807 | ---- | M] () -- D:\Wojtas na Paka urodzinach.mp4
[2012-11-08 19:00:58 | 000,008,704 | ---- | M] () -- D:\Wojtas na urodzinach u Paka.VSP
 
< E:\*.* >
[2013-11-30 23:45:56 | 000,011,017 | ---- | M] () -- E:\00001.vcf
[2011-11-20 15:08:22 | 007,891,551 | ---- | M] (A.I.SOFT,INC.) -- E:\465-USB-WIN7-64-PNP-A-PL(1).EXE
[2012-06-05 18:57:45 | 094,039,935 | ---- | M] () -- E:\AC3 - Oficjalny zwiastun z E3 [PL].mp4
[2012-03-29 08:25:54 | 733,779,968 | ---- | M] () -- E:\american pie 6 beta house lektor pl.avi
[2012-04-02 21:32:34 | 034,995,726 | ---- | M] () -- E:\Angry Birds Space 1.0.0.THETA www.exsite.pl.rar
[2012-06-11 15:14:57 | 729,248,342 | ---- | M] () -- E:\bf3_2012_06_11_16_10_49_808.avi
[2012-10-07 12:00:23 | 071,831,387 | ---- | M] () -- E:\BF3_Premium_Guide02_EN_v2.pdf
[2012-12-30 12:28:09 | 090,682,025 | ---- | M] () -- E:\BF3_Premium_Guide03_EN.pdf
[2013-04-02 13:30:22 | 081,254,005 | ---- | M] () -- E:\BF3_Premium_Guide04_EN.pdf
[2013-12-14 22:55:11 | 000,192,065 | ---- | M] () -- E:\billing 05.12.2013 - 14.12.2013.txt
[2013-12-08 14:40:23 | 000,630,136 | ---- | M] () -- E:\billing 09.11.2013 - 08.12.2013.txt
[2014-01-18 20:04:57 | 000,536,412 | ---- | M] () -- E:\billing 20.12.2013 - 18.01.2014.txt
[2013-10-26 19:12:46 | 000,538,759 | ---- | M] () -- E:\billing 27.09.2013 - 26.10.2013.txt
[2013-12-27 21:25:03 | 000,196,011 | ---- | M] () -- E:\billing 28.11.2013 - 27.12.2013.txt
[2013-12-08 17:41:49 | 000,181,408 | ---- | M] () -- E:\billing 29.11-08.12.txt
[2013-11-29 19:06:05 | 000,647,626 | ---- | M] () -- E:\billing 31.10.2013 - 29.11.2013.txt
[2011-04-22 23:11:50 | 726,675,276 | ---- | M] () -- E:\cfy-newkids.avi
[2011-04-25 23:59:46 | 000,032,634 | ---- | M] () -- E:\cfy-newkids.txt
[2011-11-26 09:03:16 | 000,042,101 | ---- | M] () -- E:\Dawidkontakty_26.11.2011
[2012-11-02 09:56:54 | 000,000,680 | ---- | M] () -- E:\dedykacje.txt
[2012-06-03 12:39:43 | 108,508,108 | ---- | M] () -- E:\F1 2012 Monaco GP Official race edit.mp4
[2012-07-23 18:23:49 | 017,532,198 | ---- | M] () -- E:\iCEnhancer2_1FINAL.zip
[2011-07-01 18:45:10 | 000,000,198 | ---- | M] () -- E:\kod corel x4 video.txt
[2013-12-12 18:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013 (2).txt
[2013-12-12 18:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013.txt
[2013-12-12 21:00:27 | 000,014,558 | ---- | M] () -- E:\kontakty 07.12.2013.txt.docx
[2011-11-13 10:47:12 | 003,035,825 | ---- | M] () -- E:\livebox_USB_Vista_7_366825985.zip
[2013-12-15 12:50:09 | 000,003,752 | ---- | M] () -- E:\MBAM.txt
[2011-12-19 20:56:59 | 000,000,528 | R--- | M] () -- E:\MediaID.bin
[2012-05-31 15:56:34 | 011,042,294 | ---- | M] () -- E:\Nie pomalujesz ! To je amelinium (Oryginał HD)~1.mp4
[2013-12-09 16:26:56 | 000,000,020 | ---- | M] () -- E:\nieznajomy 2.txt
[2013-12-02 21:32:12 | 000,000,009 | ---- | M] () -- E:\nieznajomy.txt
[2010-03-20 17:11:58 | 068,484,620 | ---- | M] () -- E:\Opel_Omega_B_sam_naprawiam.pdf
[2012-11-07 19:30:03 | 155,786,365 | ---- | M] () -- E:\The_Origin_of_Battlefield_1942.pdf
[2013-10-12 10:05:17 | 002,823,266 | ---- | M] () -- E:\trasa.png
[2013-12-15 15:51:57 | 000,002,080 | ---- | M] () -- E:\ustawienia sim.txt
[2012-02-27 16:56:16 | 000,023,055 | ---- | M] () -- E:\video.pass
[2012-02-19 20:42:43 | 000,000,025 | ---- | M] () -- E:\wirus zawiecha.bat
[2013-01-10 21:03:40 | 322,319,705 | ---- | M] () -- E:\[nvmovies][archiwum prywatne] tough night 12'_13'.mp4
[1 E:\*.tmp files -> E:\*.tmp -> ]
 
< F:\*.* >
 
< G:\*.* >
 
< H:\*.* >
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %APPDATA%\*. >
[2012-05-05 12:49:30 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe
[2012-04-22 10:11:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5
[2012-01-28 16:46:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5.1
[2014-02-10 20:34:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3
[2012-02-22 14:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI
[2013-11-02 14:26:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Apple Computer
[2011-12-18 16:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo
[2011-12-30 16:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage
[2013-11-03 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity
[2013-06-29 23:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk
[2012-06-02 12:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT
[2011-11-30 21:43:03 | 000,000,000 | R--D | M] -- C:\Users\Dawid\AppData\Roaming\Brother
[2012-01-28 11:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2011-12-10 15:11:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Corel
[2012-08-30 14:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software
[2012-01-01 18:50:36 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CyberLink
[2012-03-29 16:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite
[2011-11-29 16:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro
[2012-10-20 16:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot
[2014-02-04 09:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox
[2011-12-17 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs
[2012-01-22 19:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity
[2012-01-14 19:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET
[2012-06-09 16:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog
[2012-01-27 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10
[2012-05-15 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet
[2014-01-19 20:19:29 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG
[2013-12-14 09:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc
[2013-12-14 14:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian
[2012-05-02 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft
[2013-12-08 10:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync
[2011-11-29 15:51:59 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Identities
[2011-11-29 16:01:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\InstallShield
[2011-11-29 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Intel Corporation
[2013-12-12 17:04:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit
[2013-10-20 11:48:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla
[2013-12-14 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage
[2012-04-06 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech
[2013-12-14 18:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics
[2011-11-29 17:46:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Macromedia
[2013-12-12 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Malwarebytes
[2011-04-12 14:32:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Media Center Programs
[2013-12-23 10:37:25 | 000,000,000 | --SD | M] -- C:\Users\Dawid\AppData\Roaming\Microsoft
[2014-01-27 21:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit
[2012-06-10 20:05:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Mozilla
[2012-12-10 18:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia
[2012-12-10 18:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite
[2012-01-01 13:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries
[2011-12-10 15:18:51 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\NVIDIA
[2013-04-14 17:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu
[2012-01-24 19:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM
[2013-07-16 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin
[2011-12-17 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy
[2012-01-19 19:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite
[2013-12-24 18:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain
[2011-12-24 16:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal
[2011-12-23 13:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster
[2012-04-02 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio
[2012-03-09 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D
[2011-12-10 19:08:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SecuROM
[2014-02-11 10:23:58 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Skype
[2013-10-18 17:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity
[2012-01-28 16:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-03-25 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com
[2013-12-07 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer
[2011-12-26 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific
[2014-01-18 22:37:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client
[2012-04-10 10:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay
[2012-07-08 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier
[2012-04-18 13:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software
[2012-08-09 17:50:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\U3
[2012-06-07 17:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft
[2011-12-10 15:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems
[2012-12-17 21:15:03 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\vlc
[2012-06-17 13:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI
[2011-11-29 18:43:58 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinRAR
 
< %SYSTEMDRIVE%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
 
< MD5 for: BEEP.SYS  >
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
< MD5 for: EXPLORER.EXE  >
[2011-02-26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012-02-27 16:40:42 | 000,004,608 | ---- | M] () MD5=181066E31AD20869CF049262A0DB0BC2 -- C:\Users\Dawid\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v049D98E1\Native\STUBEXE\@SYSTEM@\explorer.exe
[2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-02-26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010-11-21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: NTFS.SYS  >
[2010-11-21 04:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2011-03-11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011-03-11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[2013-04-12 15:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys
[2013-04-12 15:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\SysNative\drivers\ntfs.sys
[2013-04-12 15:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys
 
< MD5 for: SVCHOST.EXE  >
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\system32\ws2_32.dll
 
< %systemroot%\system32\kernel32.dll /md5 >
[2013-08-02 02:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=365A5034093AD9E04F433046C4CDF6AB -- C:\Windows\system32\kernel32.dll
 
< %systemroot%\system32\user32.dll /md5 >
[2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\system32\user32.dll
 
< %systemroot%\Tasks\*.* /lockedfiles >
[2014-01-30 14:18:12 | 000,032,608 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Restore Points Found ==========
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Users\All Users] ->  -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 117 bytes -> C:\Users\All Users\Temp:1C209B86
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:1C209B86
 
< End of report >
 

[/log]

 

 

Extras

[log]OTL Extras logfile created on: 2014-02-11 10:24:19 - Run 4

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dawid\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,98 Gb Total Physical Memory | 4,75 Gb Available Physical Memory | 59,55% Memory free
15,96 Gb Paging File | 12,05 Gb Available in Paging File | 75,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 155,25 Gb Total Space | 18,09 Gb Free Space | 11,65% Space Free | Partition Type: NTFS
Drive D: | 155,16 Gb Total Space | 31,33 Gb Free Space | 20,19% Space Free | Partition Type: NTFS
Drive E: | 155,25 Gb Total Space | 19,02 Gb Free Space | 12,25% Space Free | Partition Type: NTFS
 
Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{067202FA-FB20-4EB7-989C-3859D15A1A09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{08617120-8914-4034-81A7-07F0E96341F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0A0401B9-7C28-4978-92A1-F1C0DAB985F4}" = rport=137 | protocol=17 | dir=out | app=system | 
"{0C2D0C78-D8C8-44CF-A1A2-5238B6DA2BC9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{15026F90-DF7B-4407-8E41-D8144DD71D21}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1DF44B3D-2AEC-4987-8985-BC178E1854E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{2056652C-64D8-406A-833D-6C60F4CAD105}" = lport=445 | protocol=6 | dir=in | app=system | 
"{34F6984E-9E3A-4CA0-AB14-89BFEB84E13B}" = rport=138 | protocol=17 | dir=out | app=system | 
"{455C4DD2-462D-41A9-B20B-8BB1CF806EC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{55D70FE6-9318-4287-97A0-41A1C845C476}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{69ED7FA8-A8E7-4770-A760-869558C00481}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{6E8A9786-641D-4CEB-89C0-A492DAB26BDB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{72190C1D-61E2-4C6C-88ED-2D2E0504770D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service | 
"{7508478E-8008-474A-889D-16DD679EFFDB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{84F9193D-E4CC-48B9-B414-FAEE61C4743E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{8E8809CC-569C-4C58-9627-B36CD5BF1BBA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{940EE33A-50AB-4FD8-B12B-EC21CF159CE4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{945C2275-D6D1-4012-9150-946901ED2278}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{95285DB7-1613-446F-8431-25FABB39FD48}" = rport=139 | protocol=6 | dir=out | app=system | 
"{98F4E4AC-F703-4428-A545-D1E34715706D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{AC8948A1-102B-4E2F-AB51-3CB8C250D943}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C3593B60-2EE2-451B-BF16-5A5B5DA71575}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{D38BC28C-53D5-4F97-A114-10921CE535E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E046E66E-2BA8-47E7-B241-14FB35D31792}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E16E2025-DAC2-4C81-A49F-A1F5AA7A7287}" = rport=445 | protocol=6 | dir=out | app=system | 
"{EDBC7A31-AD62-4076-8BDB-9C8A88A78691}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F65A4E17-26ED-4A02-AE9C-D2CE5AF2349B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{FA020FF2-3D82-4E52-A80C-B12396CD4BCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FF2A64AB-D235-418C-8078-A91BC721692B}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0994B7F4-A440-43F3-A425-F5FB71A3C646}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{11AFD906-3D0C-4529-B2F7-E96D329F44D6}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{1547B707-677E-423F-963C-1BCD7E6ECA49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{155B3876-96A3-4635-A945-41CBC093DA96}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{17408F70-A0BE-47E6-821B-4C78EF466E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{1923B629-1606-475F-8A22-4543D60282AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1BDBDD68-5592-481E-B245-B6EBE8125D51}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{211AC75A-4C3C-4AB0-B157-D032317CE3BC}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | 
"{268D7F68-795E-4EDF-A3D0-38024AB63B31}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{27792FA4-ED21-426D-8B4A-07B6441308A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{314633D4-3B56-4999-B903-DE7D7749B1EF}" = protocol=17 | dir=in | app=c:\users\dawid\desktop\autocad_2014_polish_win_32-64bit_wi_pl-pl_setup(1).exe | 
"{349F502C-C633-4EF7-981D-8680E3DB882F}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{37B31DAF-F223-415F-B3BC-ABFC680CFF05}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{39BEEA53-78C3-4308-9752-8752A39A5F81}" = protocol=6 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | 
"{3E582B93-96E3-4EBD-88BA-4F2D7136CBFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3E5E3B04-9BB5-4D30-A074-CC4FE5E90979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B514292-0C6E-4BDC-9689-3DD074FCDCC5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{4D428C51-2BEE-4066-A114-0649CA63A237}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5329B928-7976-48ED-90ED-2111BD0BC075}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | 
"{54E557F5-7305-41C0-88C4-2CD09C411590}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{557A165E-8394-4329-8B79-54D0E4E1635E}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{5860B855-191C-421A-BE61-3856368EC406}" = protocol=6 | dir=out | app=system | 
"{5E208D2A-D49F-428F-BEBC-62F13AA8DF47}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{5FC06493-E879-49B3-B8AF-70FB206C8244}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | 
"{5FF66FF0-99C5-4943-868B-9B1D4DC5BCBF}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | 
"{69CF4335-01A6-4CED-97E7-F5A2F4A035AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6A916F85-06B8-4F93-862B-CBADCBAC8B37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{6BC4FC3B-0055-451D-B0F1-1CA4354C3430}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{6BD161BB-80B2-419A-84A0-C3DD6A2D53BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6FE05B75-77B9-4AC4-B3CF-73127C628181}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{71B4DF4C-E5F5-490B-A14B-528DB99F2FAB}" = protocol=6 | dir=in | app=c:\users\dawid\desktop\autocad_2014_polish_win_32-64bit_wi_pl-pl_setup(1).exe | 
"{72A68625-7110-4C80-A9B4-3A29FD75A4BD}" = dir=out | app=%programfiles%\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | 
"{7540C063-5F62-4114-963B-03F2A6B3DCB6}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{7B48A4C2-5C13-41CF-9322-08B5F2005FFA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{7D0F0EB6-7DE4-4730-8A84-14A0C5FB9B5A}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | 
"{804FCF24-CAF3-4EEE-9855-DC1777C862BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{81050B87-9B31-4BBE-862A-A0A0EEE91FA1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{82D90AD8-4023-44BE-A944-68D354B1CF37}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{856CCCDB-3FFA-4BC1-BF20-2E4C24F60028}" = protocol=6 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | 
"{886950DC-2A5F-465E-9FCA-C70D06C22D15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8CF69D1F-1869-427D-A08B-1789CAAFF66C}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{918512A2-A5F4-46CC-8F48-9FE8DAEAC9F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{972012F9-A2E9-4486-A0C6-CD8296E06ACF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A3B4FACB-2D8B-4947-BB51-F25C51C631DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A6B25DF3-55A1-4EDA-9A0F-18AA6D2B17AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{AA197DE7-2835-45D7-9199-51F1638D6F6F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{AC56FB77-6D62-40F8-89DC-6ED0EE5A99DA}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{ADB91B4E-26E2-4614-A154-E5391E0DE910}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{AF240F08-E43F-4284-9E1A-CDE86C3473A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B08BF8EF-0172-405D-B245-493336237DF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B65E9A0B-01F4-4838-822C-32C66F19176E}" = protocol=17 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | 
"{BDC8AED4-5753-4AF2-A3F1-A6C8EB066D35}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{C5A4A066-BCFA-4A67-AAFA-68CE3BE34B3B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{C9B3ADEC-EFED-462B-B888-1152FE7B5DF1}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | 
"{D9A4E547-A2FA-4A47-B920-4A6050FB4DEF}" = dir=in | app=%programfiles%\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | 
"{DA3FE40C-A3A2-4573-8984-B14BB46C3162}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{DB6C9C1C-1AA6-43EB-9EAE-BDA940C38114}" = protocol=17 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | 
"{DBAFEFB0-F5C7-465D-BD9C-D72E7BEE9E38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DBCB690B-0D26-4EE8-8CD1-F916EC209E31}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil_.exe | 
"{E23BF599-26BB-4BA7-86D7-38FCD4658758}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{E2D3E600-3393-469C-BD1C-8523FB809ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{E506569D-F227-406C-891D-7A8DA3F00761}" = dir=in | app=%userprofile%\desktop\autocad_2014_polish_win_32-64bit_wi_pl-pl_setup(1).exe | 
"{EA8AB3D3-CE48-4B25-AE67-461BC640B2CA}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{EB0F49C9-F2CE-4318-836B-C6031828F82B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F24E0B31-0810-4AF2-9C22-CD751D32D5D8}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil_.exe | 
"{F86C79D9-F2E2-4A38-8AF1-C7D7CF073B71}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
"{FE95D3EE-2BD6-4AB6-A481-1821AD85F5AE}" = dir=in | app=c:\users\dawid\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{FF1FDAEF-4032-4CAF-A83E-90BB02BC901D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{20E5E139-277F-4FE3-BD6A-9B8FAEF19923}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | 
"TCP Query User{31A581B6-EDDF-48A9-9744-9A780BDC3A47}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{4E045403-787D-4FA4-9FC1-6EE89CA8F79C}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | 
"TCP Query User{FA13BBD2-A698-4B79-A13D-76D8131243F1}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | 
"TCP Query User{FFD469CF-B67B-4D9E-BEB4-3E4C06DB7E4F}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{0D693FB2-E70D-4B2C-B438-406442314D17}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{4A72E3D2-B3EB-4A99-99B1-868AFC15C286}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | 
"UDP Query User{6611A0CD-E5E2-420C-9591-EC9600EA206F}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | 
"UDP Query User{78DEA512-3DC6-4CDD-8422-12AACEC967A7}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | 
"UDP Query User{AF5EAD91-35EB-4B38-9D64-F1886ACE2EAD}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK)
"{48BB9EBA-C929-4D7E-AF43-21B4427373EB}" = AIWI JoyStick
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish)
"{5783F2D7-D001-0415-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Polski (Polish)
"{5783F2D7-D001-0415-2102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.82
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro 8.0
"AutoCAD 2014 — Polski (Polish)" = Autodesk AutoCAD 2014 — Polski (Polish)
"Autodesk ReCap" = Autodesk ReCap
"AutoHotkey" = AutoHotkey 1.1.13.01
"BurnInTest_is1" = BurnInTest v7.1 Pro
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19
"JottiQSetup_is1" = JottiQ v1.0.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TNod" = TNod User & Password Finder
"WinRAR archiver" = WinRAR 4.11 (64-bitowy)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{266725C1-716F-43AC-BBFB-4201131ED656}" = EasySetPackage
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2E6044C5-3495-485F-91BC-46D1B6430E51}" = Windows 7 Logon Background Changer
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1" = Multi AV wersja 1.0.1
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}" = AIMP2 MegaPack v6 by UppeD
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV
"{55031CEF-CE75-4A5C-8DEA-60577820529B}" = LG United Mobile Drivers
"{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}" = TS Notifier
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1" = Counter-Strike 1.6 v40
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}" = Machinery DEMO
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}" = DxO Optics Pro 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad
"{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI
"{B4008666-3C27-4B67-9D89-80B4E31FA685}" = Paraben's Device Seizure
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C547F361-5750-4CD1-9FB6-BC93827CB6C1}" = RegCure Pro
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1" = MOBILedit! Enterprise ver. 7.5.0.4173
"{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1" = Prawo Jazdy ABCDT - egzamin wewnętrzny 
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}" = Angry Birds Space
"{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1" = ScanMyReg 2.02
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"Afterburner" = MSI Afterburner 2.3.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.30
"AIMP3" = AIMP3
"AQQ" = WapSter AQQ
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20
"Ashampoo Snap 4_is1" = Ashampoo Snap 4 v.4.3.0
"ASUS WebStorage" = ASUS WebStorage
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Audacity_is1" = Audacity 2.0.4
"Autodesk Content Service" = Autodesk Content Service
"Battlelog Web Plugins" = Battlelog Web Plugins
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DFX for AIMP2 1.2.5" = DFX for AIMP2 1.2.5
"easyHDR_BASIC_2" = easyHDR BASIC 2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"ExifCleaner" = ExifCleaner 1.7
"FormatFactory" = FormatFactory 3.0.1
"FotoSender_is1" = FotoSender 3.0
"Fraps" = Fraps (remove only)
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"Google Chrome" = Google Chrome
"HD Tune Pro_is1" = HD Tune Pro 3.00
"Image Grabber II" = Image Grabber II
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"ipla" = ipla 2.6.2
"JDownloader" = JDownloader
"jv16 PowerTools_is1" = jv16 PowerTools 1.3
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Full
"Komputer Świat Plus_is1" = Komputer Świat Plus
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LAME_is1" = LAME v3.99.3 (for Windows)
"LG PC Suite" = LG PC Suite
"Lightning_is1" = Lightning
"Liveupdate4_is1" = Liveupdate4
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Nvu_is1" = Nvu 1.0
"OCCT" = OCCT 4.2.0
"Origin" = Origin
"PC Alert 4" = PC Alert 4
"PowerISO" = PowerISO
"Protected Folder_is1" = Protected Folder
"PunkBusterSvc" = PunkBuster Services
"Silver Efex Pro 2" = Silver Efex Pro 2
"SM7192" = USB Cobra Joystick V4
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"Undelete 360_is1" = Undelete 360
"Uninstall Tool_is1" = Uninstall Tool
"Uplay" = Uplay
"Uplay Install 273" = Assassin's Creed IV Black Flag
"VCardExport_is1" = VCardExportTool
"Visual Watermark_is1" = Visual Watermark 2.9.30
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Podstawowe programy Windows Live
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dexpot" = Dexpot
"Flux" = f.lux
"GG" = GG
"KeyTurion" = KeyTurion version 2.8
"Polska lokalizacja Lightroom 4" = Polska lokalizacja Lightroom 4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2014-02-09 13:40:32 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10031
 
Error - 2014-02-09 13:40:32 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10031
 
Error - 2014-02-09 13:40:33 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 2014-02-09 13:40:33 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11030
 
Error - 2014-02-09 13:40:33 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11030
 
Error - 2014-02-10 05:15:56 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-02-10 05:15:56 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-02-10 05:17:01 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-02-11 04:40:50 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-02-11 04:40:50 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description = 
 
Error - 2014-02-11 04:41:59 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 2012-01-10 12:31:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:31:51 - Błąd podczas nawiązywania połączenia z Internetem.  17:31:51
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-10 12:31:59 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:31:56 - Błąd podczas nawiązywania połączenia z Internetem.  17:31:56
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-11 13:15:09 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 18:15:09 - Błąd podczas nawiązywania połączenia z Internetem.  18:15:09
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-11 13:15:17 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 18:15:14 - Błąd podczas nawiązywania połączenia z Internetem.  18:15:14
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-12 12:01:15 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:01:15 - Błąd podczas nawiązywania połączenia z Internetem.  17:01:15
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-12 12:01:24 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:01:20 - Błąd podczas nawiązywania połączenia z Internetem.  17:01:20
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-13 11:45:32 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 16:45:32 - Błąd podczas nawiązywania połączenia z Internetem.  16:45:32
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-13 11:45:42 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 16:45:37 - Błąd podczas nawiązywania połączenia z Internetem.  16:45:37
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-14 10:05:39 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 15:05:39 - Błąd podczas nawiązywania połączenia z Internetem.  15:05:39
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-14 10:05:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 15:05:47 - Błąd podczas nawiązywania połączenia z Internetem.  15:05:47
 -     Nie można skontaktować się z serwerem..  
 
[ OSession Events ]
Error - 2014-01-06 11:09:30 | Computer Name = Dawid-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 2014-02-09 06:24:03 | Computer Name = Dawid-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 11:22:08 na ?2014-?02-?09 było 
nieoczekiwane.
 
Error - 2014-02-09 06:24:49 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   BTHidMgr
 
Error - 2014-02-09 06:25:57 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-02-09 15:34:47 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-02-10 05:15:48 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   BTHidMgr
 
Error - 2014-02-10 05:55:03 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-02-10 09:01:56 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-02-10 12:53:46 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-02-11 04:40:40 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   BTHidMgr
 
Error - 2014-02-11 04:48:40 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
 
< End of report >
 

[/log]

 

 

Gmer

[log]GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2014-02-11 10:50:22
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer.exe; Driver: C:\Users\Dawid\AppData\Local\Temp\awddikob.sys
 
 
---- Kernel code sections - GMER 2.1 ----
 
.text   C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                                                                                 fffff960000f3e00 7 bytes [00, 96, F3, FF, 01, A1, F0]
.text   C:\Windows\System32\win32k.sys!W32pServiceTable + 8                                                                                                                                             fffff960000f3e08 3 bytes [C0, 06, 02]
.text   ...                                                                                                                                                                                             * 102
.text   C:\Windows\System32\win32k.sys!EngFindResource + 832                                                                                                                                            fffff960001bde20 14 bytes {JMP QWORD [RIP+0x0]}
.text   C:\Windows\System32\win32k.sys!XFORMOBJ_bApplyXform + 404                                                                                                                                       fffff96000218640 14 bytes {JMP QWORD [RIP+0x0]}
 
---- User code sections - GMER 2.1 ----
 
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcessEx                                                                                                            00000000771e1780 5 bytes [FF, 25, 6D, 14, 00]
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcess                                                                                                              00000000771e1cd0 5 bytes [FF, 25, 15, 0F, 00]
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess                                                                                                          00000000771e1d80 5 bytes [FF, 25, E1, 10, 00]
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtWorkerFactoryWorkerReady + 11                                                                                              00000000771e2beb 16 bytes [D0, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!RtlZeroMemory + 7                                                                                                            00000000771e2e67 8 bytes {JMP 0x2b}
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!UnregisterClassW + 212                                                                                                      000000007709d538 14 bytes [30, E0, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!SetWindowPos                                                                                                                00000000770a3c50 6 bytes {JMP QWORD [RIP+0xa0]}
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!SetWindowPos + 166                                                                                                          00000000770a3cf6 8 bytes [A0, E0, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!mouse_event + 212                                                                                                           00000000770b3968 14 bytes {AND CL, 0xf1; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!VkKeyScanW + 20                                                                                                             00000000770e06f8 14 bytes {LOOPZ 0xfffffffffffffff4; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcessEx                                                                                                           00000000771e1780 5 bytes [FF, 25, 6D, 14, 00]
.text   C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcess                                                                                                             00000000771e1cd0 5 bytes [FF, 25, 15, 0F, 00]
.text   C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess                                                                                                         00000000771e1d80 5 bytes [FF, 25, E1, 10, 00]
.text   C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtWorkerFactoryWorkerReady + 11                                                                                             00000000771e2beb 16 bytes [D0, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!RtlZeroMemory + 7                                                                                                           00000000771e2e67 8 bytes {JMP 0x2b}
.text   C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!UnregisterClassW + 212                                                                                                     000000007709d538 14 bytes [30, E0, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!SetWindowPos                                                                                                               00000000770a3c50 6 bytes {JMP QWORD [RIP+0xa0]}
.text   C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!SetWindowPos + 166                                                                                                         00000000770a3cf6 8 bytes [A0, E0, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!mouse_event + 212                                                                                                          00000000770b3968 14 bytes {AND CL, 0xf1; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!VkKeyScanW + 20                                                                                                            00000000770e06f8 14 bytes {LOOPZ 0xfffffffffffffff4; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!UnregisterClassW + 212                                                                                                     000000007709d538 14 bytes [30, E0, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!SetWindowPos                                                                                                               00000000770a3c50 6 bytes {JMP QWORD [RIP+0xa0]}
.text   C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!SetWindowPos + 166                                                                                                         00000000770a3cf6 8 bytes [A0, E0, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!mouse_event + 212                                                                                                          00000000770b3968 14 bytes {AND CL, 0xf1; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!VkKeyScanW + 20                                                                                                            00000000770e06f8 14 bytes {LOOPZ 0xfffffffffffffff4; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Windows\system32\svchost.exe[976] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                       00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                              0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                       0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                  0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                  0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExW + 17                                                                  0000000076e91401 2 bytes JMP 000000010779a47c
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!EnumProcessModules + 17                                                                    0000000076e91419 2 bytes JMP 000000010779a494
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 17                                                                  0000000076e91431 2 bytes JMP 000000010779a4ac
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 42                                                                  0000000076e9144a 2 bytes JMP 0000000076f5fcc5
.text   ...                                                                                                                                                                                             * 9
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!EnumDeviceDrivers + 17                                                                     0000000076e914dd 2 bytes JMP 000000010779a558
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameA + 17                                                              0000000076e914f5 2 bytes JMP 000000010779a570
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSetEx + 17                                                                     0000000076e9150d 2 bytes JMP 000000010779a588
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameW + 17                                                              0000000076e91525 2 bytes JMP 000000010779a5a0
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameW + 17                                                                    0000000076e9153d 2 bytes JMP 000000010779a5b8
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!EnumProcesses + 17                                                                         0000000076e91555 2 bytes JMP 000000010779a5d0
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetProcessMemoryInfo + 17                                                                  0000000076e9156d 2 bytes JMP 000000010779a5e8
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetPerformanceInfo + 17                                                                    0000000076e91585 2 bytes JMP 000000010779a600
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSet + 17                                                                       0000000076e9159d 2 bytes JMP 000000010779a618
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameA + 17                                                                    0000000076e915b5 2 bytes JMP 000000010779a630
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExA + 17                                                                  0000000076e915cd 2 bytes JMP 000000015d37ce48
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 20                                                              0000000076e916b2 2 bytes JMP 000000010779a72d
.text   C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 31                                                              0000000076e916bd 2 bytes JMP 000000010779a738
.text   C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                            0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                     0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Windows\system32\svchost.exe[852] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                       00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\System32\svchost.exe[1100] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\System32\svchost.exe[1136] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\svchost.exe[1176] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\svchost.exe[1200] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                              0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                       0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                  0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                  0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Windows\system32\svchost.exe[1352] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\svchost.exe[1496] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\svchost.exe[1752] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Windows\system32\svchost.exe[1788] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe[1964] C:\Windows\system32\kernel32.dll!FindResourceW + 24                                                                                                  0000000076f89b78 14 bytes [00, F6, A9, 3F, 01, 00, 00, ...]
.text   C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                      0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                               0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                          0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                          0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                          0000000076b58e4e 5 bytes JMP 0000000100a20268
.text   C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                   0000000076b7f170 5 bytes JMP 0000000100a2023c
.text   C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                              0000000076ba07d7 5 bytes JMP 0000000100a202ec
.text   C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                              0000000076bb6da0 5 bytes JMP 0000000100a202c0
.text   C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                     0000000076b58e4e 5 bytes JMP 00000001009c0268
.text   C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                              0000000076b7f170 5 bytes JMP 00000001009c023c
.text   C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                         0000000076ba07d7 5 bytes JMP 00000001009c02ec
.text   C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                         0000000076bb6da0 5 bytes JMP 00000001009c02c0
.text   C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                              0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                       0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                                  0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                                  0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Windows\system32\svchost.exe[2080] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                       0000000076cf8769 4 bytes [C2, 04, 00, 00]
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                            0000000076e91401 2 bytes JMP 000000010779a47c
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                              0000000076e91419 2 bytes JMP 000000010779a494
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                            0000000076e91431 2 bytes JMP 000000010779a4ac
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                            0000000076e9144a 2 bytes JMP 0000000076f5fcc5
.text   ...                                                                                                                                                                                             * 9
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                               0000000076e914dd 2 bytes JMP 000000010779a558
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                        0000000076e914f5 2 bytes JMP 000000010779a570
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                               0000000076e9150d 2 bytes JMP 000000010779a588
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                        0000000076e91525 2 bytes JMP 000000010779a5a0
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                              0000000076e9153d 2 bytes JMP 000000010779a5b8
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                   0000000076e91555 2 bytes JMP 000000010779a5d0
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                            0000000076e9156d 2 bytes JMP 000000010779a5e8
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                              0000000076e91585 2 bytes JMP 000000010779a600
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                 0000000076e9159d 2 bytes JMP 000000010779a618
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                              0000000076e915b5 2 bytes JMP 000000010779a630
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                            0000000076e915cd 2 bytes JMP 000000015d37ce48
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                        0000000076e916b2 2 bytes JMP 000000010779a72d
.text   C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                        0000000076e916bd 2 bytes JMP 000000010779a738
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                    0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                             0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                        0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                        0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                        0000000076e91401 2 bytes JMP 000000010779a47c
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                          0000000076e91419 2 bytes JMP 000000010779a494
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                        0000000076e91431 2 bytes JMP 000000010779a4ac
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                        0000000076e9144a 2 bytes JMP 0000000076f5fcc5
.text   ...                                                                                                                                                                                             * 9
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                           0000000076e914dd 2 bytes JMP 000000010779a558
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                    0000000076e914f5 2 bytes JMP 000000010779a570
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                           0000000076e9150d 2 bytes JMP 000000010779a588
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                    0000000076e91525 2 bytes JMP 000000010779a5a0
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                          0000000076e9153d 2 bytes JMP 000000010779a5b8
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                               0000000076e91555 2 bytes JMP 000000010779a5d0
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                        0000000076e9156d 2 bytes JMP 000000010779a5e8
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                          0000000076e91585 2 bytes JMP 000000010779a600
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                             0000000076e9159d 2 bytes JMP 000000010779a618
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                          0000000076e915b5 2 bytes JMP 000000010779a630
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                        0000000076e915cd 2 bytes JMP 000000015d37ce48
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                    0000000076e916b2 2 bytes JMP 000000010779a72d
.text   C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                    0000000076e916bd 2 bytes JMP 000000010779a738
.text   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                        0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                 0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                            0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                            0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                           0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                    0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                               0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                               0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                             0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                      0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                 0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                 0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                 0000000076e91401 2 bytes JMP 000000010779a47c
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                   0000000076e91419 2 bytes JMP 000000010779a494
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                 0000000076e91431 2 bytes JMP 000000010779a4ac
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                 0000000076e9144a 2 bytes JMP 0000000076f5fcc5
.text   ...                                                                                                                                                                                             * 9
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                    0000000076e914dd 2 bytes JMP 000000010779a558
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                             0000000076e914f5 2 bytes JMP 000000010779a570
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                    0000000076e9150d 2 bytes JMP 000000010779a588
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                             0000000076e91525 2 bytes JMP 000000010779a5a0
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                   0000000076e9153d 2 bytes JMP 000000010779a5b8
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                        0000000076e91555 2 bytes JMP 000000010779a5d0
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                 0000000076e9156d 2 bytes JMP 000000010779a5e8
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                   0000000076e91585 2 bytes JMP 000000010779a600
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                      0000000076e9159d 2 bytes JMP 000000010779a618
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                   0000000076e915b5 2 bytes JMP 000000010779a630
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                 0000000076e915cd 2 bytes JMP 000000015d37ce48
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                             0000000076e916b2 2 bytes JMP 000000010779a72d
.text   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                             0000000076e916bd 2 bytes JMP 000000010779a738
.text   C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                                              0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                                       0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                                                  0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                                                  0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                      0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                               0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                          0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                          0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                          0000000076e91401 2 bytes JMP 000000010779a47c
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                            0000000076e91419 2 bytes JMP 000000010779a494
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                          0000000076e91431 2 bytes JMP 000000010779a4ac
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                          0000000076e9144a 2 bytes JMP 0000000076f5fcc5
.text   ...                                                                                                                                                                                             * 9
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                             0000000076e914dd 2 bytes JMP 000000010779a558
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                      0000000076e914f5 2 bytes JMP 000000010779a570
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                             0000000076e9150d 2 bytes JMP 000000010779a588
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                      0000000076e91525 2 bytes JMP 000000010779a5a0
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                            0000000076e9153d 2 bytes JMP 000000010779a5b8
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                 0000000076e91555 2 bytes JMP 000000010779a5d0
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                          0000000076e9156d 2 bytes JMP 000000010779a5e8
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                            0000000076e91585 2 bytes JMP 000000010779a600
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                               0000000076e9159d 2 bytes JMP 000000010779a618
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                            0000000076e915b5 2 bytes JMP 000000010779a630
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                          0000000076e915cd 2 bytes JMP 000000015d37ce48
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                      0000000076e916b2 2 bytes JMP 000000010779a72d
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                      0000000076e916bd 2 bytes JMP 000000010779a738
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                                              0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                                       0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                                                  0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                                                  0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                         0000000074c81a22 2 bytes [C8, 74]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                         0000000074c81ad0 2 bytes [C8, 74]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                         0000000074c81b08 2 bytes [C8, 74]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                         0000000074c81bba 2 bytes [C8, 74]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                         0000000074c81bda 2 bytes [C8, 74]
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                  0000000076e91401 2 bytes JMP 000000010779a47c
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                    0000000076e91419 2 bytes JMP 000000010779a494
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                  0000000076e91431 2 bytes JMP 000000010779a4ac
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                  0000000076e9144a 2 bytes JMP 0000000076f5fcc5
.text   ...                                                                                                                                                                                             * 9
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                     0000000076e914dd 2 bytes JMP 000000010779a558
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                              0000000076e914f5 2 bytes JMP 000000010779a570
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                     0000000076e9150d 2 bytes JMP 000000010779a588
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                              0000000076e91525 2 bytes JMP 000000010779a5a0
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                    0000000076e9153d 2 bytes JMP 000000010779a5b8
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                         0000000076e91555 2 bytes JMP 000000010779a5d0
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                  0000000076e9156d 2 bytes JMP 000000010779a5e8
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                    0000000076e91585 2 bytes JMP 000000010779a600
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                       0000000076e9159d 2 bytes JMP 000000010779a618
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                    0000000076e915b5 2 bytes JMP 000000010779a630
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                  0000000076e915cd 2 bytes JMP 000000015d37ce48
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                              0000000076e916b2 2 bytes JMP 000000010779a72d
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                              0000000076e916bd 2 bytes JMP 000000010779a738
.text   c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                 0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                          0000000076b7f170 5 bytes JMP 00000001100c023c
.text   c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                     0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                     0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                             0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                      0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                 0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                 0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Windows\system32\svchost.exe[3724] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                                                      00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...]
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                           0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                    0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                               0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                               0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe[948] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808                                                              00000000771b7ab8 14 bytes {SUB BYTE [RAX], 0x34; ADD [RAX], EAX; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe[948] C:\Windows\system32\kernel32.dll!FindResourceW + 24                                                                               0000000076f89b78 14 bytes {XOR AL, 0x40; ADD [RAX], EAX; ADD [RAX], AL; JMP QWORD [RIP-0xe]}
.text   C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                            0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                     0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                                0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                                0000000076bb6da0 5 bytes JMP 00000001100c02c0
.text   C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                                               0000000076b58e4e 5 bytes JMP 00000001100c0268
.text   C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                                                        0000000076b7f170 5 bytes JMP 00000001100c023c
.text   C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW                                                                                                   0000000076ba07d7 5 bytes JMP 00000001100c02ec
.text   C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA                                                                                                   0000000076bb6da0 5 bytes JMP 00000001100c02c0
 
---- Threads - GMER 2.1 ----
 
Thread  System [4:484]                                                                                                                                                                                  fffffa800bb1c4b0
Thread  C:\Windows\System32\svchost.exe [2820:3908]                                                                                                                                                     000007fef63f9688
Thread   [4624:4928]                                                                                                                                                                                    000000005983435c
Thread   [4624:4964]                                                                                                                                                                                    00000000704c786a
Thread   [4624:4148]                                                                                                                                                                                    00000000773c2e65
Thread   [4624:4252]                                                                                                                                                                                    000000005983d578
Thread  C:\Windows\SysWOW64\ntdll.dll [4888:4892]                                                                                                                                                       00000000013cf0ae
Thread  C:\Windows\SysWOW64\ntdll.dll [4888:4972]                                                                                                                                                       00000000704c786a
 
---- Registry - GMER 2.1 ----
 
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158315a310                                                                                                                     
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158315a310@5c57c848c229                                                                                                        0xF4 0x46 0x49 0xF4 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158315a310 (not active ControlSet)                                                                                                 
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158315a310@5c57c848c229                                                                                                            0xF4 0x46 0x49 0xF4 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}                                                                                 
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincploba                                                            0x62 0x61 0x66 0x65 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincplofa                                                            0x62 0x61 0x68 0x65 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}                                                                                 
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochia                                                            0x62 0x61 0x6A 0x69 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@iamgmcekjdkjbknegc                                                              0x6B 0x61 0x62 0x6B ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochmp                                                            0x62 0x61 0x61 0x6B ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@haaifjjkgcfhlmai                                                                0x70 0x61 0x70 0x68 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@japhoiniofgaomhkilij                                                            0x64 0x62 0x61 0x6B ...
Reg     HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Dawid\AppData\Local\Logitech\xae Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe  1
 
---- EOF - GMER 2.1 ----
 

[/log]

Zayfi

Zayfi

komentarz
komentarz

Ten temat nie ma związku z infekcją.

 

Na początek odinstaluj:

Asus WebStorage
IObit Malware Fighter_is1" = IObit Malware Fighter"
IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller

Format factory
Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Odinstalowane. Po co mialem to zrobic? Format Factory zostawilem.

Zayfi

Zayfi

komentarz
komentarz
Po co mialem to zrobic?

 

A po co dałeś logi do sprawdzenia? Opisałeś problem?

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz (edytowane)

Tak jak w tamtym temacie. Po pewnym czasie korzystania z internetu system mi sie przycina a pozniej zawiesza i musze skorzystac z resetu. Przy chromie (jak narazie) przycina sie rzadziej niz przy firefoxie.

 

edit:

Nie moge odinstalowac firefoxa i nie wiem dlaczego. Nic sie nie dzieje.

Edytowane przez Dawid_Dj
  • 3 tygodnie później...
Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

I jak??

  • 2 tygodnie później...
Zayfi

Zayfi

komentarz
komentarz

Wykonaj weryfikację plików systemowych

 

start > polecenie uruchom > cmd

 

wpisz komendę sfc /scannow

 

podaj jaki był końcowy komunikat.

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

"Funkcja Ochrona zasobów systemu Windows nie znalazła naruszeń integralności."

  • 3 tygodnie później...
Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

co dalej??

  • 4 miesiące później...
Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Swieze logi

 

OTL

[log]OTL logfile created on: 2014-08-21 21:39:50 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = E:\OTL
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,98 Gb Total Physical Memory | 5,30 Gb Available Physical Memory | 66,38% Memory free
15,96 Gb Paging File | 12,78 Gb Available in Paging File | 80,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 155,25 Gb Total Space | 8,88 Gb Free Space | 5,72% Space Free | Partition Type: NTFS
Drive D: | 155,16 Gb Total Space | 28,40 Gb Free Space | 18,30% Space Free | Partition Type: NTFS
Drive E: | 155,25 Gb Total Space | 30,87 Gb Free Space | 19,88% Space Free | Partition Type: NTFS
 
Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-08-07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-06-29 11:55:38 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2013-12-15 13:51:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL\OTL.exe
PRC - [2013-12-10 04:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013-12-10 04:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-11-14 13:56:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-11-11 09:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-10-25 13:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013-10-16 01:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013-03-12 07:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-05-19 16:39:18 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011-05-19 16:39:14 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011-02-21 23:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2011-01-12 17:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010-12-02 04:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010-11-03 11:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2010-10-21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009-12-22 13:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
PRC - [2009-12-22 13:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
PRC - [2009-12-15 14:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-08-13 17:40:06 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3623483b5413fc2d685b42d0e703a923\IAStorUtil.ni.dll
MOD - [2014-08-13 17:40:06 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\48457c19cd74652246ac967b35d4956d\IAStorCommon.ni.dll
MOD - [2014-08-13 17:37:35 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4d2ee13655653e64c6b91238e6b351df\System.Runtime.Remoting.ni.dll
MOD - [2014-08-13 17:37:20 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\434e3a5de2f98ed740aac2b24c6d0890\System.Windows.Forms.ni.dll
MOD - [2014-08-13 17:37:17 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bce52f0521c930a2e305badb3ea07128\System.Drawing.ni.dll
MOD - [2014-08-13 17:37:14 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\abca6deea510151b5d8e51bdabd17bea\System.Xml.ni.dll
MOD - [2014-08-13 17:37:12 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce5e2af0775efc3c91ba62d5d26fb39\System.Configuration.ni.dll
MOD - [2014-08-13 17:37:06 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4aa535ef604745958a236cfbbbbf6297\WindowsBase.ni.dll
MOD - [2014-08-13 17:36:59 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ee90c95adb50b0e75b814fcb9d87f8e\System.ni.dll
MOD - [2014-08-13 17:36:53 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f8be9e33457f57805b4068f90099e428\mscorlib.ni.dll
MOD - [2014-08-07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
MOD - [2014-08-07 05:20:54 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
MOD - [2014-08-07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014-08-07 05:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
MOD - [2014-08-07 05:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
MOD - [2014-08-07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2010-11-13 04:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-12-22 13:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
MOD - [2009-12-22 13:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
MOD - [2009-12-22 13:30:36 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll
MOD - [2009-12-22 13:30:34 | 000,065,536 | ---- | M] () -- C:\Windows\SysWOW64\LGErrorHandler.dll
MOD - [2009-12-22 13:30:28 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll
MOD - [2009-12-15 14:49:20 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-12-15 14:46:38 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-07-25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-12-10 04:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013-10-13 12:02:56 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2013-06-29 23:37:42 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012-04-26 10:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV:64bit: - [2011-01-12 17:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011-01-12 17:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014-08-17 09:17:17 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-08-04 22:38:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-06-29 11:55:38 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013-12-10 04:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013-11-11 09:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-10-25 13:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012-12-13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012-08-01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-05-19 16:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011-03-01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011-02-21 23:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2010-12-02 12:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010-12-02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010-11-03 11:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010-10-21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014-08-21 21:26:31 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-05-12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014-05-12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013-12-05 10:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-11-14 13:57:05 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013-10-28 02:12:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013-10-28 02:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013-10-08 19:23:28 | 000,024,032 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013-07-16 12:33:04 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2013-06-28 11:45:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2013-04-23 16:30:52 | 000,093,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2013-04-18 16:14:12 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2013-04-18 16:12:26 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb)
DRV:64bit: - [2012-12-24 17:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2012-12-24 17:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtAudioBusSrv)
DRV:64bit: - [2012-12-24 17:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (IvtPanBusSrv)
DRV:64bit: - [2012-12-24 17:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs)
DRV:64bit: - [2012-08-29 19:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1)
DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-06-27 15:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-09 08:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012-01-18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012-01-15 15:05:59 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-01-09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012-01-09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012-01-09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012-01-09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011-12-15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011-10-30 16:14:56 | 000,033,360 | ---- | M] (CrystalIdea Software) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CisUtMonitor.sys -- (CisUtMonitor)
DRV:64bit: - [2011-06-10 07:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-05-16 07:39:26 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011-05-10 18:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-24 11:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011-02-24 11:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010-12-21 16:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010-12-21 16:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010-12-21 14:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010-12-21 14:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010-12-21 14:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-10-19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010-09-21 12:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010-09-15 09:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10)
DRV:64bit: - [2010-02-08 23:28:10 | 000,148,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmports.sys -- (HRMPORTS)
DRV:64bit: - [2010-02-08 23:28:10 | 000,133,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hrmcfgspc.sys -- (HRMCFGSPC)
DRV:64bit: - [2010-02-08 23:28:10 | 000,128,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmints.sys -- (HRMINTS)
DRV:64bit: - [2010-02-08 23:28:08 | 000,676,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfksvcs.sys -- (DSFKSVCS)
DRV:64bit: - [2010-02-08 23:28:08 | 000,035,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfroot.sys -- (dsfroot)
DRV:64bit: - [2010-02-08 21:58:56 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci_dsf.sys -- (usbehci_dsf)
DRV:64bit: - [2010-02-08 21:06:46 | 000,675,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softusbk.sys -- (SOFTUSBK)
DRV:64bit: - [2010-02-08 21:06:46 | 000,366,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\softehci.sys -- (softehci)
DRV:64bit: - [2010-02-08 21:06:42 | 000,206,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softhidusbk.sys -- (SOFTHIDUSBK)
DRV:64bit: - [2010-01-14 14:27:46 | 000,032,544 | R--- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010-01-14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010-01-14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010-01-14 14:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009-08-13 09:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008-11-04 05:08:12 | 000,022,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GWHid.sys -- (GWHid)
DRV:64bit: - [2008-09-23 01:24:00 | 000,050,176 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\shbecr.sys -- (Tdsshbecr)
DRV:64bit: - [2008-03-30 04:16:46 | 000,031,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VL807.sys -- (VL807)
DRV - [2010-09-16 21:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009-12-22 13:30:46 | 000,019,456 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGPII2CDriver.sys -- (LGII2CDevice)
DRV - [2009-12-22 13:30:36 | 000,016,384 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGI2CDriver.sys -- (LGDDCDevice)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008-11-04 05:08:18 | 000,018,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GWHid.sys -- (GWHid)
DRV - [2008-03-30 04:17:18 | 000,025,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\VL807.sys -- (VL807)
DRV - [2008-02-15 17:30:48 | 000,015,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys -- (FLASHSYS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ [binary data]
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes,DefaultScope = {01AA3507-BBE7-437F-B89A-A4E240EF067E}
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{01AA3507-BBE7-437F-B89A-A4E240EF067E}: "URL" = http://www.idg.pl?q={searchTerms}
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7B3e0e7d2a-070f-4a47-b019-91fe5385ba79%7D:3.5.9
FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.3.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..keyword.url: "http://isearch.avg.com/search?cid=%7B9b6f0ca3-7e12-4afe-b918-e1143ebfb52f%7D&mid=3c8acdbcac8547d095a0252442857de7-617abbcef06b250eea98b924de82af8847409f3a&ds=st011&v=11.1.0.7&lang=pl&pr=sa&d=2012-03-30%2017%3A42%3A10&sap=ku&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0:  File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dawid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012-12-10 21:52:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-08-04 22:38:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-10 21:52:55 | 000,000,000 | ---D | M]
 
[2011-11-29 21:31:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Extensions
[2014-08-20 10:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions
[2013-01-07 12:31:47 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2014-08-09 10:37:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014-02-20 17:41:09 | 000,000,000 | ---D | M] (FullScreen+) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\FullScreen@muha.com
[2014-07-19 20:59:17 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
[2014-08-20 10:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\staged
[2014-01-16 16:40:35 | 000,252,696 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid0-8C9kZOXgcsBN95BaPPbaKdSHEpU@jetpack.xpi
[2013-06-20 22:59:29 | 000,255,232 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid1-GBYr3F9iI4n8IA@jetpack.xpi
[2013-02-18 11:26:22 | 000,030,191 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\screensurfer@pjs.nl.xpi
[2013-07-21 09:57:20 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\SkipScreen@SkipScreen.xpi
[2013-02-04 11:44:31 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\translator@zoli.bod.xpi
[2013-01-30 17:47:08 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\uss-button@uploadscreenshot.com.xpi
[2014-07-25 10:17:20 | 000,076,615 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi
[2013-09-07 22:43:17 | 000,242,531 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi
[2013-08-02 12:11:22 | 000,224,035 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2014-08-20 10:30:46 | 000,434,656 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi
[2014-07-24 20:55:00 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-08-04 22:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014-08-04 22:38:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014-08-04 22:38:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2014-08-04 22:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-08-04 22:38:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Dysk Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014-05-26 12:28:17 | 000,000,903 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts:            127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [TNOD UP] C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [F.lux] C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [Facebook Update] C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [GG] C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnails = 0
O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  =
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A07E7B8-1FD9-4107-B093-43C81F346573}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-06-26 22:38:36 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2014-05-26 12:48:53 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013-07-24 14:54:55 | 000,000,000 | ---D | M] - E:\autocad -- [ NTFS ]
O32 - AutoRun File - [2013-06-30 00:51:50 | 000,000,000 | ---D | M] - E:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell - "" = AutoRun
O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell\AutoRun\command - "" = K:\start.exe
O33 - MountPoints2\{366f53d7-d822-11e3-b078-f46d04619414}\Shell - "" = AutoRun
O33 - MountPoints2\{366f53d7-d822-11e3-b078-f46d04619414}\Shell\AutoRun\command - "" = L:\LG_PC_Programs.exe
O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell - "" = AutoRun
O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-08-13 17:11:00 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014-08-13 17:11:00 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014-08-13 17:11:00 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014-08-13 17:11:00 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014-08-13 17:10:58 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014-08-13 17:10:58 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014-08-13 17:10:08 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014-08-13 17:10:08 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014-08-13 17:09:01 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-08-13 17:09:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-08-13 17:09:01 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-08-13 17:09:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-08-13 17:09:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-08-13 17:09:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-08-13 17:09:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-08-13 17:08:59 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-08-13 17:08:59 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-08-13 17:08:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-08-13 17:08:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-08-13 17:08:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-08-13 17:08:58 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-08-13 17:08:58 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-08-13 17:08:58 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-08-13 17:08:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-08-13 17:08:56 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-08-13 17:08:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-08-13 17:08:55 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-08-13 17:08:55 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-08-13 17:08:55 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-08-13 17:08:54 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-08-13 17:08:54 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-08-13 17:08:54 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-08-13 17:08:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-08-13 17:08:53 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-08-13 17:08:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-08-13 17:08:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-08-13 17:08:51 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-08-13 17:08:51 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-08-13 17:08:51 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-08-13 17:08:50 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-08-13 17:08:50 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-08-13 17:08:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-08-13 17:08:49 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-08-13 17:08:42 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014-08-13 17:08:41 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014-08-13 17:08:41 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014-08-13 17:08:41 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014-08-13 17:08:41 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014-08-13 17:08:41 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014-08-13 17:08:30 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014-08-13 17:08:25 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014-08-13 17:07:35 | 000,529,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-08-13 17:07:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-08-04 22:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-08-03 19:40:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games
[2014-08-03 17:27:28 | 000,000,000 | ---D | C] -- C:\Users\Dawid\Desktop\Morze 2014
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014-08-21 21:37:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-08-21 21:32:25 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-08-21 21:32:25 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-08-21 21:30:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job
[2014-08-21 21:26:32 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-08-21 21:26:31 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-08-21 21:26:30 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2014-08-21 21:25:16 | 005,148,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-08-21 21:23:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-08-21 21:22:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014-08-21 21:22:39 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys
[2014-08-21 21:00:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-08-20 12:44:38 | 002,440,054 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00805.jpg
[2014-08-20 12:38:58 | 002,420,032 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00804.jpg
[2014-08-20 10:49:42 | 000,969,224 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00802.jpg
[2014-08-20 09:51:29 | 002,039,589 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00803.jpg
[2014-08-19 16:41:05 | 000,957,091 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00801.jpg
[2014-08-17 12:30:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job
[2014-08-17 09:17:16 | 000,699,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-08-17 09:17:16 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-08-16 14:46:35 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2014-08-16 14:46:35 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2014-08-16 11:59:06 | 003,722,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-08-16 11:59:06 | 001,430,882 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-08-16 11:59:06 | 001,290,900 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-08-16 11:59:06 | 000,544,654 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-08-16 11:59:06 | 000,424,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-08-07 04:06:41 | 000,529,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-08-07 04:01:34 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-07-28 13:21:52 | 000,016,694 | ---- | M] () -- C:\Users\Dawid\Desktop\imgres.htm
[2014-07-28 12:07:10 | 000,727,375 | ---- | M] () -- C:\Users\Dawid\Desktop\20140716_212642_2.jpg
[2014-07-28 12:02:34 | 000,639,667 | ---- | M] () -- C:\Users\Dawid\Desktop\20140716_212642.jpg
[2014-07-25 16:01:41 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-07-25 15:30:30 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-07-25 15:28:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-07-25 15:28:27 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-07-25 15:25:45 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-07-25 15:10:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-07-25 15:03:50 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-07-25 15:00:51 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-07-25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-07-25 14:59:28 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-07-25 14:47:25 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-07-25 14:40:12 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-07-25 14:34:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-07-25 14:33:08 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-07-25 14:30:32 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-07-25 14:28:15 | 005,824,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-07-25 14:28:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-07-25 14:19:18 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-07-25 14:17:33 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-07-25 14:17:26 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-07-25 14:12:35 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-07-25 14:10:53 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-07-25 14:10:15 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-07-25 14:08:47 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-07-25 13:47:50 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-07-25 13:43:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-07-25 13:42:31 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-07-25 13:39:29 | 002,087,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-07-25 13:39:25 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-07-25 13:36:30 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-07-25 13:34:04 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-07-25 13:07:49 | 002,001,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-07-25 13:07:10 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-07-25 12:17:47 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-07-25 12:09:19 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-07-24 11:27:45 | 000,297,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014-07-24 11:27:45 | 000,297,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-07-24 11:27:17 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014-08-20 13:49:00 | 002,440,054 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00805.jpg
[2014-08-20 13:49:00 | 002,420,032 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00804.jpg
[2014-08-20 10:51:34 | 002,039,589 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00803.jpg
[2014-08-20 10:51:34 | 000,969,224 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00802.jpg
[2014-08-20 10:51:34 | 000,957,091 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00801.jpg
[2014-08-02 12:37:13 | 000,753,347 | ---- | C] () -- C:\Users\Dawid\Desktop\CV_Adam_Burak.pdf
[2014-07-28 13:21:52 | 000,016,694 | ---- | C] () -- C:\Users\Dawid\Desktop\imgres.htm
[2014-07-28 12:07:10 | 000,727,375 | ---- | C] () -- C:\Users\Dawid\Desktop\20140716_212642_2.jpg
[2014-07-28 12:06:41 | 000,639,667 | ---- | C] () -- C:\Users\Dawid\Desktop\20140716_212642.jpg
[2014-06-19 08:15:57 | 000,000,024 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\temp.ini
[2013-12-28 19:09:11 | 000,000,916 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI
[2013-12-28 19:08:59 | 000,000,104 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI
[2013-12-15 11:00:46 | 000,000,126 | ---- | C] () -- C:\Windows\wininit.ini
[2013-12-08 11:10:09 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI
[2013-12-08 00:04:54 | 000,038,418 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2013-12-08 00:04:52 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-12-05 17:12:26 | 000,070,904 | ---- | C] () -- C:\Windows\SysWow64\VMProtectSDK32.dll
[2013-12-05 17:11:44 | 000,311,032 | ---- | C] () -- C:\Windows\SysWow64\IVTCredentialProvider.dll
[2013-12-05 17:10:38 | 000,273,144 | ---- | C] () -- C:\Windows\SysWow64\Adpush.dll
[2013-12-02 00:23:33 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
[2013-12-02 00:20:50 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-11-03 11:51:36 | 000,000,098 | ---- | C] () -- C:\Windows\SysWow64\91207717.sys
[2013-10-19 11:45:51 | 000,000,093 | ---- | C] () -- C:\Users\Dawid\AppData\Local\fusioncache.dat
[2013-06-29 23:38:42 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012-12-07 22:05:48 | 000,000,096 | ---- | C] () -- C:\Windows\BsMobileModel.ini
[2012-09-28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2011-12-21 14:44:05 | 000,007,645 | ---- | C] () -- C:\Users\Dawid\AppData\Local\resmon.resmoncfg
 
========== ZeroAccess Check ==========
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014-08-14 15:06:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3
[2012-02-22 15:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI
[2011-12-18 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo
[2011-12-30 17:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage
[2013-11-03 11:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity
[2013-06-30 00:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk
[2012-06-02 13:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT
[2012-01-28 12:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2012-08-30 15:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software
[2012-03-29 17:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite
[2011-11-29 17:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro
[2012-10-20 17:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot
[2014-02-04 10:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox
[2011-12-17 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs
[2012-01-22 20:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity
[2012-01-14 20:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET
[2012-06-09 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog
[2012-01-27 19:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10
[2012-05-15 17:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet
[2014-08-21 21:27:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG
[2013-12-14 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc
[2013-12-14 15:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian
[2012-05-02 11:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft
[2013-12-08 11:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync
[2014-02-11 15:10:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit
[2014-05-19 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla
[2013-12-15 00:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage
[2012-04-06 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech
[2013-12-14 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics
[2014-05-27 10:59:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Logs
[2014-01-27 22:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit
[2012-12-10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia
[2012-12-10 19:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite
[2012-01-01 14:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries
[2013-04-14 18:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu
[2012-01-24 20:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM
[2013-07-16 13:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin
[2011-12-17 21:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy
[2012-01-19 20:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite
[2013-12-24 19:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain
[2011-12-24 17:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal
[2011-12-23 14:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster
[2014-03-16 10:12:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Radmin
[2012-04-02 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio
[2012-03-09 19:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D
[2013-10-18 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity
[2012-01-28 17:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-03-25 18:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com
[2013-12-07 23:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer
[2011-12-26 12:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific
[2014-06-23 22:16:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client
[2012-04-10 11:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay
[2012-07-08 22:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier
[2012-04-18 14:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software
[2012-06-07 18:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft
[2011-12-10 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems
[2012-06-17 14:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< C:\*.* >
[2014-05-26 12:48:53 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014-08-21 21:22:39 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys
[2013-12-08 11:06:52 | 003,806,062 | ---- | M] () -- C:\HuskyInstallerLog.txt
[2014-08-21 21:22:47 | 4274,135,039 | -HS- | M] () -- C:\pagefile.sys
[2012-02-24 15:31:04 | 000,179,054 | ---- | M] () -- C:\TDSSKiller.2.7.13.0_24.02.2012_14.29.38_log.txt
[2012-03-18 13:32:45 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_12.31.31_log.txt
[2012-03-18 17:39:16 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_16.39.14_log.txt
[2012-02-24 15:35:44 | 000,091,570 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_24.02.2012_14.34.50_log.txt
[2012-02-26 14:14:01 | 000,092,604 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_26.02.2012_13.13.18_log.txt
[2012-03-18 17:47:27 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.03.2012_16.46.10_log.txt
[2012-06-18 12:10:49 | 000,092,934 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.06.2012_12.10.17_log.txt
[2009-07-14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 07:08:49 | 000,032,604 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012-04-01 18:42:06 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012-04-11 22:02:43 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job
[2012-04-11 22:02:44 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job
[2012-07-06 17:17:38 | 000,001,042 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012-07-06 17:17:38 | 000,001,046 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013-10-20 12:41:50 | 000,000,410 | ---- | C] () -- C:\Windows\Tasks\RegCure Pro.job
[2013-10-20 12:41:52 | 000,000,494 | ---- | C] () -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
 
< D:\*.* >
[2012-01-24 18:23:59 | 000,258,492 | ---- | M] () -- D:\00-00-00.jpg
[2012-01-24 18:27:28 | 000,350,024 | ---- | M] () -- D:\00-00-00_et.jpg
[2012-01-24 18:23:59 | 000,256,656 | ---- | M] () -- D:\00-00-02.jpg
[2013-07-04 17:59:03 | 1557,383,068 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca.avi
[2013-07-04 17:59:03 | 018,693,868 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca~2.avi
[2013-07-04 17:53:17 | 000,011,264 | ---- | M] () -- D:\17 urodziny danona przejazdza moto.VSP
[2011-08-24 21:51:58 | 003,050,163 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz.jpg
[2011-08-24 21:52:54 | 002,784,026 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz22.jpg
[2011-04-02 10:47:29 | 957,273,448 | ---- | M] () -- D:\ACBSP 2011-04-02 10-43-51-23.avi
[2011-04-02 10:47:45 | 023,624,872 | ---- | M] () -- D:\ACBSP 2011-04-02 10-47-38-89.avi
[2014-04-30 18:18:41 | 000,836,091 | ---- | M] () -- D:\billing (10).txt
[2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- D:\billing (11).txt
[2014-06-19 17:24:34 | 001,137,296 | ---- | M] () -- D:\billing (12).txt
[2013-11-29 20:06:05 | 000,647,626 | ---- | M] () -- D:\billing (2).txt
[2013-12-08 15:40:23 | 000,630,136 | ---- | M] () -- D:\billing (3).txt
[2013-12-14 23:55:11 | 000,192,065 | ---- | M] () -- D:\billing (4).txt
[2013-12-27 22:25:03 | 000,196,011 | ---- | M] () -- D:\billing (5).txt
[2014-01-18 21:04:57 | 000,536,412 | ---- | M] () -- D:\billing (6).txt
[2014-02-23 15:32:24 | 000,502,561 | ---- | M] () -- D:\billing (7).txt
[2014-03-16 17:29:56 | 000,776,098 | ---- | M] () -- D:\billing (8).txt
[2014-04-05 16:55:04 | 000,912,228 | ---- | M] () -- D:\billing (9).txt
[2013-10-26 20:12:46 | 000,538,759 | ---- | M] () -- D:\billing.txt
[2011-02-27 16:19:06 | 559,481,986 | ---- | M] () -- D:\CoDMW2.wmv
[2012-12-17 16:43:30 | 050,040,832 | ---- | M] () -- D:\Credo Prawko B.iso
[2011-09-29 20:34:36 | 003,957,706 | ---- | M] () -- D:\crosskolaz1.jpg
[2013-03-31 20:02:38 | 004,249,281 | ---- | M] () -- D:\crosskolaz2.jpg
[2007-02-01 16:04:06 | 061,236,062 | ---- | M] () -- D:\CRYSpcVIDTRdx10.wmv
[2013-04-18 20:59:46 | 000,819,831 | ---- | M] () -- D:\dwe.mp4
[2014-03-06 17:03:47 | 000,014,635 | ---- | M] () -- D:\kontakty 07.12.2013 - update 06.03.2014.docx
[2013-12-12 19:01:19 | 000,011,007 | ---- | M] () -- D:\kontakty 07.12.2013.txt
[2012-03-18 13:30:40 | 000,041,183 | ---- | M] () -- D:\KontaktyDawid_18.03.2012
[2012-02-24 15:26:06 | 000,041,837 | ---- | M] () -- D:\KontaktyggDawid_24.02.2012
[2012-07-04 15:54:27 | 000,041,618 | ---- | M] () -- D:\Kontakty_9207423_04.07.2012
[2012-05-15 19:15:38 | 000,040,493 | ---- | M] () -- D:\Kontakty_9207423_15.05.2012
[2012-07-29 23:16:42 | 000,041,069 | ---- | M] () -- D:\Kontakty_9207423_29.07.2012
[2012-06-17 15:09:04 | 000,927,188 | ---- | M] () -- D:\ludzie, lodożerca.mp3
[2010-02-16 19:53:20 | 000,052,070 | ---- | M] () -- D:\ludzie.amr
[2010-02-16 19:53:20 | 000,527,079 | ---- | M] () -- D:\ludzie.mp3
[2012-11-03 01:54:26 | 015,740,409 | ---- | M] () -- D:\MOV00321.3gp
[2014-04-06 11:57:50 | 000,010,104 | ---- | M] () -- D:\nr do usuniecia.docx
[2012-11-05 22:45:27 | 2020,266,143 | ---- | M] () -- D:\Osiemnastka Danona.mp4
[2008-03-05 19:16:30 | 096,558,090 | ---- | M] () -- D:\P1010399.MOV
[2008-03-05 19:22:20 | 029,908,310 | ---- | M] () -- D:\P1010403.MOV
[2008-03-22 16:03:28 | 067,235,722 | ---- | M] () -- D:\P1020379.MOV
[2010-02-10 20:22:24 | 003,646,352 | ---- | M] () -- D:\P1080184.JPG
[2010-02-15 12:42:26 | 003,417,346 | ---- | M] () -- D:\P1080190.JPG
[2010-02-15 12:50:04 | 003,938,113 | ---- | M] () -- D:\P1080191.JPG
[2010-03-22 17:13:06 | 003,575,334 | ---- | M] () -- D:\P1080392.JPG
[2010-03-22 17:13:32 | 003,854,951 | ---- | M] () -- D:\P1080393.JPG
[2011-11-06 15:03:12 | 003,020,341 | ---- | M] () -- D:\P1160593.JPG
[2011-11-07 16:21:22 | 001,950,575 | ---- | M] () -- D:\P1160593_3.jpeg
[2011-11-27 17:39:40 | 002,506,626 | ---- | M] () -- D:\P1160754.JPG
[2011-11-27 18:19:26 | 000,773,794 | ---- | M] () -- D:\P1160754_2.jpg
[2011-11-27 18:37:50 | 000,787,302 | ---- | M] () -- D:\P1160754_3.jpeg
[2013-12-01 23:27:03 | 000,990,569 | ---- | M] () -- D:\Picture 28.jpg
[2011-10-16 18:13:10 | 000,070,941 | ---- | M] () -- D:\screen320.jpg
[2013-04-18 20:11:11 | 000,531,728 | ---- | M] () -- D:\Skok przez okno na lekcji GEOGRAFII.mp4
[2011-11-25 20:37:17 | 268,435,456 | -HS- | M] () -- D:\WinPEpge.sys
[2013-05-09 19:17:33 | 180,403,915 | ---- | M] () -- D:\wiosny - przypomnienie.psd
[2012-11-08 20:00:32 | 108,882,807 | ---- | M] () -- D:\Wojtas na Paka urodzinach.mp4
[2012-11-08 20:00:58 | 000,008,704 | ---- | M] () -- D:\Wojtas na urodzinach u Paka.VSP
 
< E:\*.* >
[2013-12-01 00:45:56 | 000,011,017 | ---- | M] () -- E:\00001.vcf
[2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- E:\01.05.-30.05.2014.txt
[2011-11-20 16:08:22 | 007,891,551 | ---- | M] (A.I.SOFT,INC.) -- E:\465-USB-WIN7-64-PNP-A-PL(1).EXE
[2012-06-05 19:57:45 | 094,039,935 | ---- | M] () -- E:\AC3 - Oficjalny zwiastun z E3 [PL].mp4
[2012-03-29 09:25:54 | 733,779,968 | ---- | M] () -- E:\american pie 6 beta house lektor pl.avi
[2012-04-02 22:32:34 | 034,995,726 | ---- | M] () -- E:\Angry Birds Space 1.0.0.THETA www.exsite.pl.rar
[2012-06-11 16:14:57 | 729,248,342 | ---- | M] () -- E:\bf3_2012_06_11_16_10_49_808.avi
[2012-10-07 13:00:23 | 071,831,387 | ---- | M] () -- E:\BF3_Premium_Guide02_EN_v2.pdf
[2012-12-30 13:28:09 | 090,682,025 | ---- | M] () -- E:\BF3_Premium_Guide03_EN.pdf
[2013-04-02 14:30:22 | 081,254,005 | ---- | M] () -- E:\BF3_Premium_Guide04_EN.pdf
[2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- E:\billing 01.05-30.05.2014.txt
[2013-12-14 23:55:11 | 000,192,065 | ---- | M] () -- E:\billing 05.12.2013 - 14.12.2013.txt
[2014-04-05 16:55:04 | 000,912,228 | ---- | M] () -- E:\billing 07.03-05.04.2014.txt
[2013-12-08 15:40:23 | 000,630,136 | ---- | M] () -- E:\billing 09.11.2013 - 08.12.2013.txt
[2014-03-16 17:29:56 | 000,776,098 | ---- | M] () -- E:\billing 15.02-16.03.2014.txt
[2014-01-18 21:04:57 | 000,536,412 | ---- | M] () -- E:\billing 20.12.2013 - 18.01.2014.txt
[2014-06-19 17:24:34 | 001,137,296 | ---- | M] () -- E:\billing 21.05-19.06.2014.txt
[2014-02-23 15:32:24 | 000,502,561 | ---- | M] () -- E:\billing 25.01.2014 - 23.02.2014.txt
[2013-10-26 20:12:46 | 000,538,759 | ---- | M] () -- E:\billing 27.09.2013 - 26.10.2013.txt
[2013-12-27 22:25:03 | 000,196,011 | ---- | M] () -- E:\billing 28.11.2013 - 27.12.2013.txt
[2013-12-08 18:41:49 | 000,181,408 | ---- | M] () -- E:\billing 29.11-08.12.txt
[2013-11-29 20:06:05 | 000,647,626 | ---- | M] () -- E:\billing 31.10.2013 - 29.11.2013.txt
[2011-04-23 00:11:50 | 726,675,276 | ---- | M] () -- E:\cfy-newkids.avi
[2011-04-26 00:59:46 | 000,032,634 | ---- | M] () -- E:\cfy-newkids.txt
[2011-11-26 10:03:16 | 000,042,101 | ---- | M] () -- E:\Dawidkontakty_26.11.2011
[2012-11-02 10:56:54 | 000,000,680 | ---- | M] () -- E:\dedykacje.txt
[2014-02-11 11:34:34 | 000,104,372 | ---- | M] () -- E:\Extras.Txt
[2012-06-03 13:39:43 | 108,508,108 | ---- | M] () -- E:\F1 2012 Monaco GP Official race edit.mp4
[2014-04-12 13:15:58 | 001,232,077 | ---- | M] () -- E:\Fuelio v1.21.0.apk
[2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- E:\h5.txt
[2012-07-23 19:23:49 | 017,532,198 | ---- | M] () -- E:\iCEnhancer2_1FINAL.zip
[2014-04-07 18:03:15 | 003,012,325 | ---- | M] () -- E:\Just 6 Weeks v1.8.3.apk
[2011-07-01 19:45:10 | 000,000,198 | ---- | M] () -- E:\kod corel x4 video.txt
[2013-12-12 19:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013 (2).txt
[2014-07-08 20:42:17 | 000,014,898 | ---- | M] () -- E:\kontakty 07.12.2013 up 08.07.2014.txt.docx
[2013-12-12 19:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013.txt
[2011-11-13 11:47:12 | 003,035,825 | ---- | M] () -- E:\livebox_USB_Vista_7_366825985.zip
[2013-12-15 13:50:09 | 000,003,752 | ---- | M] () -- E:\MBAM.txt
[2011-12-19 21:56:59 | 000,000,528 | R--- | M] () -- E:\MediaID.bin
[2012-05-31 16:56:34 | 011,042,294 | ---- | M] () -- E:\Nie pomalujesz ! To je amelinium (Oryginał HD)~1.mp4
[2013-12-09 17:26:56 | 000,000,020 | ---- | M] () -- E:\nieznajomy 2.txt
[2013-12-02 22:32:12 | 000,000,009 | ---- | M] () -- E:\nieznajomy.txt
[2010-03-20 18:11:58 | 068,484,620 | ---- | M] () -- E:\Opel_Omega_B_sam_naprawiam.pdf
[2014-02-11 11:33:53 | 000,193,000 | ---- | M] () -- E:\OTL.Txt
[2014-04-07 17:58:13 | 004,528,228 | ---- | M] () -- E:\Rayman Jungle Run.apk
[2014-08-11 22:00:54 | 000,000,064 | ---- | M] () -- E:\rgh.txt
[2000-06-17 13:32:10 | 000,049,168 | ---- | M] () -- E:\Super Mario Bros. (PC10).nes
[2014-04-12 13:16:10 | 006,718,315 | ---- | M] () -- E:\SwiftKey 3 Keyboard.apk
[2012-11-07 20:30:03 | 155,786,365 | ---- | M] () -- E:\The_Origin_of_Battlefield_1942.pdf
[2013-10-12 11:05:17 | 002,823,266 | ---- | M] () -- E:\trasa.png
[2013-12-15 16:51:57 | 000,002,080 | ---- | M] () -- E:\ustawienia sim.txt
[2012-02-27 17:56:16 | 000,023,055 | ---- | M] () -- E:\video.pass
[2012-02-19 21:42:43 | 000,000,025 | ---- | M] () -- E:\wirus zawiecha.bat
[2014-04-07 16:04:39 | 005,009,234 | ---- | M] () -- E:\Worms 2 Armageddon v1.3.apk
[2013-01-10 22:03:40 | 322,319,705 | ---- | M] () -- E:\[nvmovies][archiwum prywatne] tough night 12'_13'.mp4
[1 E:\*.tmp files -> E:\*.tmp -> ]
 
< F:\*.* >
 
< G:\*.* >
 
< H:\*.* >
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %APPDATA%\*. >
[2012-05-05 13:49:30 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe
[2012-04-22 11:11:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5
[2012-01-28 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5.1
[2014-08-14 15:06:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3
[2012-02-22 15:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI
[2013-11-02 15:26:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Apple Computer
[2011-12-18 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo
[2011-12-30 17:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage
[2013-11-03 11:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity
[2013-06-30 00:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk
[2012-06-02 13:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT
[2011-11-30 22:43:03 | 000,000,000 | R--D | M] -- C:\Users\Dawid\AppData\Roaming\Brother
[2012-01-28 12:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2011-12-10 16:11:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Corel
[2012-08-30 15:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software
[2012-01-01 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CyberLink
[2012-03-29 17:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite
[2011-11-29 17:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro
[2012-10-20 17:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot
[2014-02-04 10:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox
[2011-12-17 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs
[2012-01-22 20:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity
[2012-01-14 20:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET
[2012-06-09 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog
[2012-01-27 19:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10
[2012-05-15 17:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet
[2014-08-21 21:27:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG
[2013-12-14 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc
[2013-12-14 15:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian
[2012-05-02 11:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft
[2013-12-08 11:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync
[2011-11-29 16:51:59 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Identities
[2011-11-29 17:01:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\InstallShield
[2011-11-29 17:24:50 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Intel Corporation
[2014-02-11 15:10:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit
[2014-05-19 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla
[2013-12-15 00:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage
[2012-04-06 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech
[2013-12-14 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics
[2014-05-27 10:59:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Logs
[2011-11-29 18:46:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Macromedia
[2014-05-20 14:36:34 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Malwarebytes
[2011-04-12 15:32:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Media Center Programs
[2014-02-23 20:53:57 | 000,000,000 | --SD | M] -- C:\Users\Dawid\AppData\Roaming\Microsoft
[2014-05-28 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Microsoft FxCop
[2014-01-27 22:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit
[2012-06-10 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Mozilla
[2012-12-10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia
[2012-12-10 19:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite
[2012-01-01 14:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries
[2011-12-10 16:18:51 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\NVIDIA
[2013-04-14 18:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu
[2012-01-24 20:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM
[2013-07-16 13:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin
[2011-12-17 21:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy
[2012-01-19 20:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite
[2013-12-24 19:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain
[2011-12-24 17:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal
[2011-12-23 14:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster
[2014-03-16 10:12:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Radmin
[2012-04-02 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio
[2012-03-09 19:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D
[2011-12-10 20:08:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SecuROM
[2014-08-21 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Skype
[2013-10-18 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity
[2012-01-28 17:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-03-25 18:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com
[2013-12-07 23:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer
[2011-12-26 12:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific
[2014-06-23 22:16:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client
[2012-04-10 11:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay
[2012-07-08 22:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier
[2012-04-18 14:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software
[2012-08-09 18:50:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\U3
[2012-06-07 18:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft
[2011-12-10 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems
[2012-12-17 22:15:03 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\vlc
[2012-06-17 14:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI
[2011-11-29 19:43:58 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinRAR
 
< %SYSTEMDRIVE%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
 
< MD5 for: BEEP.SYS  >
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
 
< MD5 for: EXPLORER.EXE  >
[2011-02-26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012-02-27 17:40:42 | 000,004,608 | ---- | M] () MD5=181066E31AD20869CF049262A0DB0BC2 -- C:\Users\Dawid\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v049D98E1\Native\STUBEXE\@SYSTEM@\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011-02-26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010-11-21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010-11-21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: NTFS.SYS  >
[2010-11-21 05:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2014-01-24 04:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\SysNative\drivers\ntfs.sys
[2014-01-24 04:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18378_none_045a363833b85029\ntfs.sys
[2014-01-24 04:40:06 | 001,684,416 | ---- | M] (Microsoft Corporation) MD5=48B6047F82D5A8D0AEC71593F4ACD79B -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22580_none_04d102ad4ce53e53\ntfs.sys
[2011-03-11 08:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2011-03-11 08:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[2013-04-12 16:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys
[2013-04-12 16:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys
 
< MD5 for: SVCHOST.EXE  >
[2014-05-12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2014-05-12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014-03-04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014-03-04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014-03-04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2010-11-21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\system32\ws2_32.dll
 
< %systemroot%\system32\kernel32.dll /md5 >
[2014-03-04 11:16:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=76161B9D78A275F8F28DD67436013110 -- C:\Windows\system32\kernel32.dll
 
< %systemroot%\system32\user32.dll /md5 >
[2010-11-21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\system32\user32.dll
 
< %systemroot%\Tasks\*.* /lockedfiles >
[2014-08-21 10:25:47 | 000,032,604 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Restore Points Found ==========
 
========== Files - Unicode (All) ==========
[2014-03-16 11:51:51 | 000,000,923 | ---- | M] ()(C:\Users\Dawid\Desktop\Un?nstall Tool.lnk) -- C:\Users\Dawid\Desktop\Unіnstall Tool.lnk
[2014-03-16 11:16:40 | 000,000,923 | ---- | C] ()(C:\Users\Dawid\Desktop\Un?nstall Tool.lnk) -- C:\Users\Dawid\Desktop\Unіnstall Tool.lnk
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Users\All Users] ->  -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 117 bytes -> C:\Users\All Users\Temp:1C209B86
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:1C209B86

< End of report >

[/log]

 

 

Extras

[log]OTL Extras logfile created on: 2014-08-21 21:39:50 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = E:\OTL
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,98 Gb Total Physical Memory | 5,30 Gb Available Physical Memory | 66,38% Memory free
15,96 Gb Paging File | 12,78 Gb Available in Paging File | 80,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 155,25 Gb Total Space | 8,88 Gb Free Space | 5,72% Space Free | Partition Type: NTFS
Drive D: | 155,16 Gb Total Space | 28,40 Gb Free Space | 18,30% Space Free | Partition Type: NTFS
Drive E: | 155,25 Gb Total Space | 30,87 Gb Free Space | 19,88% Space Free | Partition Type: NTFS
 
Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051EB8ED-D2FD-415D-9713-F60F230D90E6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{067202FA-FB20-4EB7-989C-3859D15A1A09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{08617120-8914-4034-81A7-07F0E96341F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A0401B9-7C28-4978-92A1-F1C0DAB985F4}" = rport=137 | protocol=17 | dir=out | app=system |
"{0C2D0C78-D8C8-44CF-A1A2-5238B6DA2BC9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{15026F90-DF7B-4407-8E41-D8144DD71D21}" = lport=139 | protocol=6 | dir=in | app=system |
"{1DF44B3D-2AEC-4987-8985-BC178E1854E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2056652C-64D8-406A-833D-6C60F4CAD105}" = lport=445 | protocol=6 | dir=in | app=system |
"{2B376A50-0512-41D1-8CC5-B5190EC6FE20}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{345020B2-A6F4-4AB1-A39F-F9A8857A5CBB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{34F6984E-9E3A-4CA0-AB14-89BFEB84E13B}" = rport=138 | protocol=17 | dir=out | app=system |
"{3A177BE4-2F2D-483C-B806-AD6C37691043}" = lport=4899 | protocol=17 | dir=in | name=4899 udp |
"{455C4DD2-462D-41A9-B20B-8BB1CF806EC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4806CE93-4785-4088-A35D-F0D42392E2C0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{4AA1072B-DCC4-48B2-AE67-67B1477A29EF}" = rport=4899 | protocol=6 | dir=out | name=4899 tcp |
"{55D70FE6-9318-4287-97A0-41A1C845C476}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{69ED7FA8-A8E7-4770-A760-869558C00481}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6E8A9786-641D-4CEB-89C0-A492DAB26BDB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{72190C1D-61E2-4C6C-88ED-2D2E0504770D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{7508478E-8008-474A-889D-16DD679EFFDB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{84F9193D-E4CC-48B9-B414-FAEE61C4743E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8E8809CC-569C-4C58-9627-B36CD5BF1BBA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{940EE33A-50AB-4FD8-B12B-EC21CF159CE4}" = lport=137 | protocol=17 | dir=in | app=system |
"{945C2275-D6D1-4012-9150-946901ED2278}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95285DB7-1613-446F-8431-25FABB39FD48}" = rport=139 | protocol=6 | dir=out | app=system |
"{98F4E4AC-F703-4428-A545-D1E34715706D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9C922B2A-0969-4E4B-B299-CFA441A5BC38}" = rport=4899 | protocol=17 | dir=out | name=4899 udp |
"{9F8A8BE1-C517-4F0C-89CE-290641E28AF1}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{AC8948A1-102B-4E2F-AB51-3CB8C250D943}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AE097083-C0CD-42ED-96B5-9F0CD79E122C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C3593B60-2EE2-451B-BF16-5A5B5DA71575}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C6C7D2AE-61F4-4174-9637-89440067F051}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D38BC28C-53D5-4F97-A114-10921CE535E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E046E66E-2BA8-47E7-B241-14FB35D31792}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E16E2025-DAC2-4C81-A49F-A1F5AA7A7287}" = rport=445 | protocol=6 | dir=out | app=system |
"{E9B4CBEA-AB89-4C05-B2B9-5E6BA84B4988}" = lport=4899 | protocol=6 | dir=in | name=4899 tcp |
"{EDBC7A31-AD62-4076-8BDB-9C8A88A78691}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F65A4E17-26ED-4A02-AE9C-D2CE5AF2349B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FA020FF2-3D82-4E52-A80C-B12396CD4BCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF2A64AB-D235-418C-8078-A91BC721692B}" = lport=138 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0994B7F4-A440-43F3-A425-F5FB71A3C646}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{11AFD906-3D0C-4529-B2F7-E96D329F44D6}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{1547B707-677E-423F-963C-1BCD7E6ECA49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{155B3876-96A3-4635-A945-41CBC093DA96}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{17408F70-A0BE-47E6-821B-4C78EF466E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1923B629-1606-475F-8A22-4543D60282AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BDBDD68-5592-481E-B245-B6EBE8125D51}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1BE72711-CC5A-4EE9-B097-B69DEFFC04EB}" = dir=in | app=%programfiles% (x86)\radmin viewer 3\radmin.exe |
"{211AC75A-4C3C-4AB0-B157-D032317CE3BC}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe |
"{27792FA4-ED21-426D-8B4A-07B6441308A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2BFEDC87-A56D-4849-A748-C191E70E6302}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{32444DDF-A6A7-4E3C-A2C9-8D6738892FE5}" = dir=in | app=c:\users\dawid\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{39BEEA53-78C3-4308-9752-8752A39A5F81}" = protocol=6 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe |
"{3E582B93-96E3-4EBD-88BA-4F2D7136CBFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E5E3B04-9BB5-4D30-A074-CC4FE5E90979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4868991E-81C1-4315-80A4-BB013C873438}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4B514292-0C6E-4BDC-9689-3DD074FCDCC5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4D428C51-2BEE-4066-A114-0649CA63A237}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54E557F5-7305-41C0-88C4-2CD09C411590}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5860B855-191C-421A-BE61-3856368EC406}" = protocol=6 | dir=out | app=system |
"{5FF66FF0-99C5-4943-868B-9B1D4DC5BCBF}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe |
"{69CF4335-01A6-4CED-97E7-F5A2F4A035AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A916F85-06B8-4F93-862B-CBADCBAC8B37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{6BC4FC3B-0055-451D-B0F1-1CA4354C3430}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{6BD161BB-80B2-419A-84A0-C3DD6A2D53BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7540C063-5F62-4114-963B-03F2A6B3DCB6}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{7B48A4C2-5C13-41CF-9322-08B5F2005FFA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{7D0F0EB6-7DE4-4730-8A84-14A0C5FB9B5A}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe |
"{804FCF24-CAF3-4EEE-9855-DC1777C862BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{81050B87-9B31-4BBE-862A-A0A0EEE91FA1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{82D90AD8-4023-44BE-A944-68D354B1CF37}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{856CCCDB-3FFA-4BC1-BF20-2E4C24F60028}" = protocol=6 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe |
"{886950DC-2A5F-465E-9FCA-C70D06C22D15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{918512A2-A5F4-46CC-8F48-9FE8DAEAC9F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{972012F9-A2E9-4486-A0C6-CD8296E06ACF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A3B4FACB-2D8B-4947-BB51-F25C51C631DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A6B25DF3-55A1-4EDA-9A0F-18AA6D2B17AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AA197DE7-2835-45D7-9199-51F1638D6F6F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{ADB91B4E-26E2-4614-A154-E5391E0DE910}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AF240F08-E43F-4284-9E1A-CDE86C3473A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B08BF8EF-0172-405D-B245-493336237DF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B65E9A0B-01F4-4838-822C-32C66F19176E}" = protocol=17 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe |
"{BDC8AED4-5753-4AF2-A3F1-A6C8EB066D35}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{C5A4A066-BCFA-4A67-AAFA-68CE3BE34B3B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C9B3ADEC-EFED-462B-B888-1152FE7B5DF1}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe |
"{CB0C6A3F-A2C3-4219-82AA-448C62008318}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DA3FE40C-A3A2-4573-8984-B14BB46C3162}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{DB6C9C1C-1AA6-43EB-9EAE-BDA940C38114}" = protocol=17 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe |
"{DBAFEFB0-F5C7-465D-BD9C-D72E7BEE9E38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2D3E600-3393-469C-BD1C-8523FB809ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{E40E3999-C599-42E6-817F-8FD13F0378A0}" = dir=out | app=%programfiles% (x86)\radmin viewer 3\radmin.exe |
"{EA8AB3D3-CE48-4B25-AE67-461BC640B2CA}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{EB0F49C9-F2CE-4318-836B-C6031828F82B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F9F5A550-BB7D-4A49-8501-FA20EA7991F9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FF1FDAEF-4032-4CAF-A83E-90BB02BC901D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{20E5E139-277F-4FE3-BD6A-9B8FAEF19923}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
"TCP Query User{7AE8B3D8-FA66-43F9-A4C6-2DEF69EE1250}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
"TCP Query User{C77753D0-38F6-4969-8210-F4461D9652B5}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FFD469CF-B67B-4D9E-BEB4-3E4C06DB7E4F}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe |
"UDP Query User{0D693FB2-E70D-4B2C-B438-406442314D17}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe |
"UDP Query User{437E473F-B055-4E34-94AD-AFE7B32BF217}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{6611A0CD-E5E2-420C-9591-EC9600EA206F}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
"UDP Query User{6EAB7657-AF00-4803-8661-D5AC9125F2C4}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK)
"{48BB9EBA-C929-4D7E-AF43-21B4427373EB}" = AIWI JoyStick
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish)
"{5783F2D7-D001-0415-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Polski (Polish)
"{5783F2D7-D001-0415-2102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.82
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"AutoCAD 2014 — Polski (Polish)" = Autodesk AutoCAD 2014 — Polski (Polish)
"Autodesk ReCap" = Autodesk ReCap
"AutoHotkey" = AutoHotkey 1.1.13.01
"BurnInTest_is1" = BurnInTest v7.1 Pro
"CCleaner" = CCleaner
"CCleaner_is1" = CCleaner wersja 4.14.4707
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19
"JottiQSetup_is1" = JottiQ v1.0.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TNod" = TNod User & Password Finder
"Uninstall Tool_is1" = Uninstall Tool
"WinRAR archiver" = WinRAR 4.11 (64-bitowy)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{199127DC-7BDB-41AB-825B-4229A86F8F0D}" = Radmin Viewer 3.5
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{266725C1-716F-43AC-BBFB-4201131ED656}" = EasySetPackage
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2E6044C5-3495-485F-91BC-46D1B6430E51}" = Windows 7 Logon Background Changer
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1" = Multi AV wersja 1.0.1
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}" = AIMP2 MegaPack v6 by UppeD
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV
"{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}" = TS Notifier
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1" = Counter-Strike 1.6 v40
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}" = Machinery DEMO
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A781940-AC41-4D5E-8E1E-76A04B916FB9}" = Helium
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}" = DxO Optics Pro 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF549236-6258-4AC6-A043-5B5B89C6EB61}" = SpyHunter
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad
"{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI
"{B4008666-3C27-4B67-9D89-80B4E31FA685}" = Paraben's Device Seizure
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1" = MOBILedit! Enterprise ver. 7.5.0.4173
"{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1" = Prawo Jazdy ABCDT - egzamin wewnętrzny
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}" = Angry Birds Space
"{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1" = ScanMyReg 2.02
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Afterburner" = MSI Afterburner 2.3.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.30
"AIMP3" = AIMP3
"AQQ" = WapSter AQQ
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20
"Ashampoo Snap 4_is1" = Ashampoo Snap 4 v.4.3.0
"ASUS WebStorage" = ASUS WebStorage
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Audacity_is1" = Audacity 2.0.4
"Autodesk Content Service" = Autodesk Content Service
"Battlelog Web Plugins" = Battlelog Web Plugins
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DFX for AIMP2 1.2.5" = DFX for AIMP2 1.2.5
"easyHDR_BASIC_2" = easyHDR BASIC 2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExifCleaner" = ExifCleaner 1.7
"FormatFactory" = FormatFactory 3.0.1
"FotoSender_is1" = FotoSender 3.0
"Fraps" = Fraps (remove only)
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"Google Chrome" = Google Chrome
"HD Tune Pro_is1" = HD Tune Pro 3.00
"Image Grabber II" = Image Grabber II
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"ipla" = ipla 2.7
"JDownloader" = JDownloader
"jv16 PowerTools_is1" = jv16 PowerTools 1.3
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Full
"Komputer Świat Plus_is1" = Komputer Świat Plus
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LAME_is1" = LAME v3.99.3 (for Windows)
"LG PC Suite" = LG PC Suite
"Lightning_is1" = Lightning
"Liveupdate4_is1" = Liveupdate4
"Logitech Vid" = Logitech Vid HD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012
"Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Nvu_is1" = Nvu 1.0
"OCCT" = OCCT 4.2.0
"Origin" = Origin
"PC Alert 4" = PC Alert 4
"PowerISO" = PowerISO
"Project 64_is1" = Project 64 version 2.1.0.1
"Protected Folder_is1" = Protected Folder
"PunkBusterSvc" = PunkBuster Services
"Silver Efex Pro 2" = Silver Efex Pro 2
"SM7192" = USB Cobra Joystick V4
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"Undelete 360_is1" = Undelete 360
"Uninstall Tool_is1" = Uninstall Tool
"Uplay" = Uplay
"Uplay Install 273" = Assassin's Creed IV Black Flag
"VCardExport_is1" = VCardExportTool
"Visual Watermark_is1" = Visual Watermark 2.9.30
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Podstawowe programy Windows Live
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dexpot" = Dexpot
"Flux" = f.lux
"GG" = GG
"KeyTurion" = KeyTurion version 2.8
"Polska lokalizacja Lightroom 4" = Polska lokalizacja Lightroom 4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-08-21 11:31:25 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2013-08-21 12:10:29 | Computer Name = Dawid-Komputer | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\LG
 Electronics\LG PC Suite\LGPCSuite.exe”. Błąd w pliku manifestu lub w pliku zasad
 „” w wierszu .  Wersja składnika wymagana przez aplikację powoduje konflikt z inną
 wersją składnika, która jest już aktywna.  Składniki powodujące konflikt:  Składnik
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Składnik
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 2014-08-21 13:45:44 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-08-21 13:45:44 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-08-21 13:46:11 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-08-21 15:24:15 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-08-21 15:24:15 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-08-21 15:24:33 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ Media Center Events ]
Error - 2012-01-10 12:31:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:31:51 - Błąd podczas nawiązywania połączenia z Internetem.  17:31:51
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-10 12:31:59 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:31:56 - Błąd podczas nawiązywania połączenia z Internetem.  17:31:56
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-11 13:15:09 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 18:15:09 - Błąd podczas nawiązywania połączenia z Internetem.  18:15:09
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-11 13:15:17 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 18:15:14 - Błąd podczas nawiązywania połączenia z Internetem.  18:15:14
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-12 12:01:15 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:01:15 - Błąd podczas nawiązywania połączenia z Internetem.  17:01:15
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-12 12:01:24 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:01:20 - Błąd podczas nawiązywania połączenia z Internetem.  17:01:20
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-13 11:45:32 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 16:45:32 - Błąd podczas nawiązywania połączenia z Internetem.  16:45:32
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-13 11:45:42 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 16:45:37 - Błąd podczas nawiązywania połączenia z Internetem.  16:45:37
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-14 10:05:39 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 15:05:39 - Błąd podczas nawiązywania połączenia z Internetem.  15:05:39
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-14 10:05:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 15:05:47 - Błąd podczas nawiązywania połączenia z Internetem.  15:05:47
 -     Nie można skontaktować się z serwerem..  
 
[ OSession Events ]
Error - 2014-01-06 11:09:30 | Computer Name = Dawid-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 2014-08-21 11:40:26 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-08-21 11:51:50 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134
Description =
 
Error - 2014-08-21 13:44:34 | Computer Name = Dawid-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 18:17:08 na ?2014-?08-?21 było
nieoczekiwane.
 
Error - 2014-08-21 13:44:30 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu:   %%2
 
Error - 2014-08-21 13:45:38 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   BTHidMgr
 
Error - 2014-08-21 13:54:28 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-08-21 14:57:16 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134
Description =
 
Error - 2014-08-21 15:23:02 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu:   %%2
 
Error - 2014-08-21 15:24:09 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   BTHidMgr
 
Error - 2014-08-21 15:26:56 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
 
< End of report >

[/log]

 

 

Gmer

[log]GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2014-08-21 22:01:49
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer.exe; Driver: C:\Users\Dawid\AppData\Local\Temp\awddikob.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                              fffff800037be000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                                                                              fffff800037be02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                       0000000075738791 4 bytes [C2, 04, 00, 00]
.text     C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                                            0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                                           0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                        0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                       0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                               0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                         0000000072081a22 2 bytes [08, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                         0000000072081ad0 2 bytes [08, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                         0000000072081b08 2 bytes [08, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                         0000000072081bba 2 bytes [08, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                         0000000072081bda 2 bytes [08, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                  0000000075bd1465 2 bytes [BD, 75]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                 0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[3216] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                         0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[3216] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                        0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                               0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                              0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                           0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                          0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe[4860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                           0000000075bd1465 2 bytes [BD, 75]
.text     C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe[4860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                          0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                      0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                     0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35                                                                                              00000000734e11a8 2 bytes [4E, 73]
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21                                                                                        00000000734e13a8 2 bytes [4E, 73]
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21                                                                                            00000000734e1422 2 bytes [4E, 73]
.text     C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19                                                                                     00000000734e1498 2 bytes [4E, 73]
.text     C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                        0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                       0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[5616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                  0000000075bd1465 2 bytes [BD, 75]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[5616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                 0000000075bd14bb 2 bytes [BD, 75]
.text     ...                                                                                                                                                                                             * 2

---- Threads - GMER 2.1 ----

Thread    System [4:468]                                                                                                                                                                                  fffffa800bc25360
Thread    C:\Windows\System32\svchost.exe [3144:3364]                                                                                                                                                     000007fef49e9688

---- Registry - GMER 2.1 ----

Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}                                                                                 
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincploba                                                            0x62 0x61 0x66 0x65 ...
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincplofa                                                            0x62 0x61 0x66 0x65 ...
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}                                                                                 
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochia                                                            0x62 0x61 0x6A 0x69 ...
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@iamgmcekjdkjbknegc                                                              0x6B 0x61 0x62 0x6B ...
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochmp                                                            0x62 0x61 0x61 0x6B ...
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@haaifjjkgcfhlmai                                                                0x70 0x61 0x70 0x68 ...
Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@japhoiniofgaomhkilij                                                            0x64 0x62 0x61 0x6B ...
Reg       HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Dawid\AppData\Local\Logitech\xae Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe  1

---- EOF - GMER 2.1 ----

[/log]

 


FRST

[log]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014
Ran by Dawid (administrator) on DAWID-KOMPUTER on 21-08-2014 22:04:12
Running from C:\Users\Dawid\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Flux Software LLC) C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\ESP64Proxy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Duplex Secure Ltd.) C:\Users\Dawid\Desktop\SPTDinst-v186-x64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TNOD UP] => C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe [1028800 2014-05-27] (Tukero[X]Team)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-19] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe [734544 2011-04-11] (ecareme)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [F.lux] => C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [Facebook Update] => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-15] (Facebook Inc.)
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [GG] => C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe [4023360 2014-07-13] (GG Network S.A.)
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Policies\Explorer: [DisableThumbnails] 0
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\MountPoints2: {30c971b1-15dd-11e2-b2eb-f46d04619414} - K:\start.exe
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\MountPoints2: {366f53d7-d822-11e3-b078-f46d04619414} - L:\LG_PC_Programs.exe
HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\MountPoints2: {706d8922-e23b-11e1-9d52-f46d04619414} - K:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasySetPackage.lnk
ShortcutTarget: EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe ()
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: GGDriveOverlay1 -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: GGDriveOverlay2 -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: GGDriveOverlay3 -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: GGDriveOverlay4 -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: Outpost -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {01AA3507-BBE7-437F-B89A-A4E240EF067E} URL = http://www.idg.pl?q={searchTerms}
SearchScopes: HKCU - {01AA3507-BBE7-437F-B89A-A4E240EF067E} URL = http://www.idg.pl?q={searchTerms}
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.pl/
FF Keyword.URL: hxxp://isearch.avg.com/search?cid=%7B9b6f0ca3-7e12-4afe-b918-e1143ebfb52f%7D&mid=3c8acdbcac8547d095a0252442857de7-617abbcef06b250eea98b924de82af8847409f3a&ds=st011&v=11.1.0.7&lang=pl&pr=sa&d=2012-03-30%2017%3A42%3A10&sap=ku&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dawid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: FullScreen+ - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\FullScreen@muha.com [2014-02-20]
FF Extension: Better Battlelog (BBLog) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack [2014-07-19]
FF Extension: No Name - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\staged [2013-10-18]
FF Extension: AddThis - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013-01-07]
FF Extension: DownloadHelper - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-09]
FF Extension: SeenBlock - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\jid0-8C9kZOXgcsBN95BaPPbaKdSHEpU@jetpack.xpi [2014-01-16]
FF Extension: SoundCloud Sounds in Google Mail™ - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\jid1-GBYr3F9iI4n8IA@jetpack.xpi [2013-05-03]
FF Extension: Screen Surfer - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\screensurfer@pjs.nl.xpi [2013-01-30]
FF Extension: SkipScreen - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\SkipScreen@SkipScreen.xpi [2013-01-30]
FF Extension: Google Translator for Firefox - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\translator@zoli.bod.xpi [2013-02-03]
FF Extension: UploadScreenshot.com Capture - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\uss-button@uploadscreenshot.com.xpi [2013-01-30]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-10-29]
FF Extension: Abduction! - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2013-01-30]
FF Extension: Easy YouTube Video Downloader - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012-06-12]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-03-02]
FF Extension: Adblock Plus - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-08-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-08-04]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR StartupUrls: "hxxp://google.pl/"
CHR Extension: (Dokumenty Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21]
CHR Extension: (Dysk Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21]
CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21]
CHR Extension: (Szukaj w Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2011-01-12] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-08-16] (Hewlett-Packard Company) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-21] (Nalpeiron Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-10-13] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24032 2013-10-08] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [33360 2011-10-30] (CrystalIdea Software)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-15] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [170640 2010-12-21] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [34144 2010-12-21] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-12-21] (ESET)
S3 FLASHSYS; C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [15192 2008-02-15] ()
S3 GWHid; C:\Windows\System32\DRIVERS\GWHid.sys [22576 2008-11-04] (Microsoft Corporation)
S3 GWHid; C:\Windows\SysWOW64\DRIVERS\GWHid.sys [18992 2008-11-04] (Microsoft Corporation)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2009-12-22] (LG Soft India) [File not signed]
S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [19456 2009-12-22] (LG Soft India) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2013-07-16] (Sony Ericsson Mobile Communications)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-21] (Duplex Secure Ltd.)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
S3 VL807; C:\Windows\System32\DRIVERS\VL807.sys [31848 2008-03-30] () [File not signed]
S3 VL807; C:\Windows\SysWOW64\DRIVERS\VL807.sys [25064 2008-03-30] () [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
U3 DfSdkS;
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gfiark; system32\drivers\gfiark.sys [X]
S3 HRMACPI; SYSTEM32\DRIVERS\HRMACPI.SYS [X]
S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
S3 SOFTUSBTESTHUB; SYSTEM32\DRIVERS\SOFTUSBTESTHUB.SYS [X]
S3 SOFTWADP; SYSTEM32\DRIVERS\SOFTWADP.SYS [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 WSOFTUSBK; SYSTEM32\DRIVERS\WSOFTUSBK.SYS [X]
U3 awddikob; \??\C:\Users\Dawid\AppData\Local\Temp\awddikob.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\Drivers\lgandnetadb.sys 8769A70C4E7648D1885BECF0119AEA1C
C:\Windows\System32\DRIVERS\lgandnetdiag64.sys B46840E5BDAEE0C749A3E5778F65EBE4
C:\Windows\System32\DRIVERS\lgandnetmodem64.sys 130701C53E4DF44B54FED8C3892150F5
C:\Windows\System32\DRIVERS\lgandnetndis64.sys E3EC070581BBE36BA9F48BBB04E74FAC
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys 2921131F9A111FD6C6D2C5E1E5B6B75C
C:\Windows\SysWow64\drivers\AsIO.sys FEF9DD9EA587F8886ADE43C1BEFBDAFE
C:\Windows\System32\DRIVERS\asmthub3.sys 954950D11ADA98AC1B7EE3C770E4622C
C:\Windows\System32\DRIVERS\asmtxhci.sys 01DBB05DB1DB95803E3C9F2B49AFE79C
C:\Windows\SysWow64\drivers\AsUpIO.sys 1392B92179B07B672720763D9B1028A5
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthAvrcp.sys 832B121E4532919CC49F2438F1DCAA21
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\System32\Drivers\BtHidBus.sys D386D98652F5951E83C055102932EA98
C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\Drivers\btnetBus.sys 9CBE73FA49C2C9ACFF162D40ABD9E54F
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CisUtMonitor.sys 887A9970E711232E2C93F0FD343A1C9D
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\dfx11_1x64.sys 51D50A9A72C18E4629891BF381D123BA
C:\Windows\System32\DRIVERS\ssudbus.sys 955FFE2B1D74A9E0E3E0E558E6A17F3B
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dsfksvcs.sys 4C639A503201E3F9FB001B840B934A3F
C:\Windows\System32\DRIVERS\dsfroot.sys 13699BA0680D8EEEF67945F5A405610C
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 400582B09E0BB557D0EC28A945150EEB
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\eamonm.sys ACA3FE4F18A945B7BF2618A79F6F670B
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys 6672438BDCBFD87250D22112D458294D
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfw.sys 443805B5B11C859AC8CA35297648FF0C
C:\Windows\System32\DRIVERS\Epfwndis.sys 66E61BC6C9F519A99275EB0F0E530BF4
C:\Windows\System32\DRIVERS\epfwwfp.sys F72C97F3D34EA5EC919C73E3901266BB
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys 5B314CC7640D091DE8F3BC822490DA28
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GWHid.sys 5C2CD67845D77E3BC968EF84E1090754
C:\Windows\SysWOW64\DRIVERS\GWHid.sys 090301084BDA33DA327C6FAAE2BB12B9
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HRMCFGSPC.SYS 1696A06C0EF55DFCD540B32556D3819A
C:\Windows\System32\DRIVERS\HRMINTS.SYS F58F8F2A11CE4A695C9333C416D0321F
C:\Windows\System32\DRIVERS\HRMPORTS.SYS 6BC42DC759D42A4EDCA7452B4D08D870
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys D1E30259353E7D8D1B713A76CDDEB88B
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\ICCWDT.sys C1010ADD3DDAE1196ED21057AF7B2AAE
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 589B94A9B73A0E819FF873743A480834
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\Drivers\IvtBtBus.sys 689B5432F82705BDE9652A4BB1A5AF7D
C:\Windows\System32\Drivers\IvtBtBus.sys 689B5432F82705BDE9652A4BB1A5AF7D
C:\Windows\System32\Drivers\btnetBus.sys 9CBE73FA49C2C9ACFF162D40ABD9E54F
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\SysWOW64\LGI2CDriver.sys ED2536079D6A7E9DB6864CF1029B6D39
C:\Windows\SysWOW64\LGPII2CDriver.sys 02D2A421D7D49E07617CA4A090592616
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lvrs64.sys 0C85B2B6FB74B36A251792D45E0EF860
C:\Windows\System32\DRIVERS\lvuvc64.sys FF3A488924B0032B1A9CA6948C1FA9E8
C:\Windows\system32\drivers\mbam.sys F92B0E478C0FAA6D6661E6E977247E60
C:\Windows\system32\drivers\MBAMSwissArmy.sys 8A50D5304E6AE48664CF5838EC32F647
C:\Windows\system32\drivers\mwac.sys 15E8ABC06843672955CE26A009533BAD
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\Drivers\MHIKEY10x64.sys BA7E071E855D4C502916164A31B05D4D
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\drivers\ccdcmbx64.sys 5FE6F8C05F0769BBB74AFAC11453B182
C:\Windows\System32\drivers\ccdcmbox64.sys 73C929945C0850B8D1FE2FEA05FDF05D
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvhda64v.sys 554964B900AE2954B8B589B6287034AC
C:\Windows\System32\DRIVERS\nvlddmkm.sys F554291C0A11F5B713B54C5886D4AA31
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\System32\drivers\nvvad64v.sys 09216A70CC364D0974F606F6F2109210
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\DRIVERS\pccsmcfdx64.sys 3FDE033DFB0D07F8B7D5C9A3044AA121
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Windows\System32\DRIVERS\RtNdPt60.sys E16B7C030A05EF649B18FAB0A93D871F
C:\Windows\System32\DRIVERS\RtTeam60.sys 1DE78F5008120CD79B34C12394DCD493
C:\Windows\System32\DRIVERS\RtVlan60.sys B1018AA1B5735F5FA89FD4DADF4BEA7A
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SCDEmu.sys C81EB41E9FFC35560E5025891DC01A6E
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\seehcri.sys EDE7A1D2715AAC2190D51DC07AFD44E3
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\softehci.sys 5DA8039E58B3A557C6A744E476CDEB7F
C:\Windows\System32\DRIVERS\SOFTHIDUSBK.SYS 26D2B0FF718219809C0BC3A8B061C6EC
C:\Windows\System32\DRIVERS\SOFTUSBK.SYS E1702BBE8D31B6EDD5C6881C80F123A8
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 74D30C2EF66C2EB19F17ED5423AA8038
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys BB94A5E2CEE5FD83BA5A72A37AECADDF
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tap0901.sys F9BE29D5E097F03F81D3CD12B794CB66
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\shbecr.sys 03E62CD83A62859F4F796434EE6C385E
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RtTeam60.sys 1DE78F5008120CD79B34C12394DCD493
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys 34AFB83C7BBA370E404E52CC2290350C
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbehci_dsf.sys DC2B97B8865042FC17C82381AC426D1C
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\drivers\usbser.sys B57B4F0BEC4270A281B9F8537EB2FA04
C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys AA75E1EFBEE7186B4CBAAACF1F15E6CA
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\DRIVERS\VDiskBus64.sys 1D3D716E05CAA17122DE65D0DBA4F6D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\VL807.sys F6627D3BDD1E4747EBB0B5E9F2FCB706
C:\Windows\SysWOW64\DRIVERS\VL807.sys 0222F745A991F5D15EEC2726D58CA14D
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 22:04 - 2014-08-21 22:04 - 00049115 _____ () C:\Users\Dawid\Desktop\FRST.txt
2014-08-21 22:03 - 2014-08-21 22:04 - 00000000 ____D () C:\FRST
2014-08-21 22:02 - 2014-08-21 22:03 - 02101760 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe
2014-08-21 22:01 - 2014-08-21 22:01 - 00013495 _____ () C:\Users\Dawid\Desktop\gmer log 2.log
2014-08-21 21:54 - 2014-08-21 21:54 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Dawid\Desktop\SPTDinst-v186-x64.exe
2014-08-21 21:54 - 2014-08-21 21:54 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-08-13 17:11 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 17:11 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 17:11 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 17:11 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 17:10 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 17:10 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 17:10 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 17:10 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 17:09 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 17:09 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 17:09 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 17:09 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 17:09 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 17:09 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 17:09 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 17:09 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 17:09 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 17:09 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 17:09 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 17:08 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 17:08 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 17:08 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 17:08 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 17:08 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 17:08 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 17:08 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 17:08 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 17:08 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 17:08 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 17:08 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 17:08 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 17:08 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 17:08 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 17:08 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 17:08 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 17:08 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 17:08 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 17:08 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 17:08 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 17:08 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 17:08 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 17:08 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 17:08 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 17:08 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 17:08 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 17:08 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 17:08 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 17:08 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 17:08 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 17:08 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 17:08 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 17:08 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 17:08 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 17:08 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 17:08 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 17:08 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 17:08 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 17:08 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 17:08 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 17:08 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 17:08 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 17:08 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 17:08 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 17:08 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 17:08 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 17:08 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 17:08 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 17:08 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 17:08 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 17:08 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 17:08 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 17:08 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 17:08 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 17:08 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 17:08 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 17:08 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 17:08 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 17:08 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 17:08 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 17:08 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 17:08 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 17:08 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 17:08 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 17:08 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 17:08 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 17:08 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 17:08 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 17:08 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 17:08 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 17:07 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 17:07 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-04 22:38 - 2014-08-04 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 19:40 - 2014-08-03 19:40 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-08-03 17:40 - 2014-08-03 17:40 - 00928346 _____ () C:\Users\Dawid\Desktop\billing.txt
2014-08-03 17:27 - 2014-08-03 19:35 - 00000000 ____D () C:\Users\Dawid\Desktop\Morze 2014
2014-07-28 13:21 - 2014-07-28 13:21 - 00016694 _____ () C:\Users\Dawid\Desktop\imgres.htm
2014-07-24 10:39 - 2014-08-21 21:31 - 00000071 _____ () C:\Users\Dawid\Desktop\NIEZNANE.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 22:04 - 2014-08-21 22:04 - 00049115 _____ () C:\Users\Dawid\Desktop\FRST.txt
2014-08-21 22:04 - 2014-08-21 22:03 - 00000000 ____D () C:\FRST
2014-08-21 22:03 - 2014-08-21 22:02 - 02101760 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe
2014-08-21 22:01 - 2014-08-21 22:01 - 00013495 _____ () C:\Users\Dawid\Desktop\gmer log 2.log
2014-08-21 22:01 - 2012-06-17 15:40 - 00000000 ____D () C:\Users\Dawid\AppData\Roaming\Skype
2014-08-21 22:00 - 2012-04-01 18:42 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 21:54 - 2014-08-21 21:54 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Dawid\Desktop\SPTDinst-v186-x64.exe
2014-08-21 21:54 - 2014-08-21 21:54 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-08-21 21:47 - 2011-11-29 16:47 - 01733484 _____ () C:\Windows\WindowsUpdate.log
2014-08-21 21:37 - 2012-07-06 17:17 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 21:32 - 2009-07-14 06:45 - 00032096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 21:32 - 2009-07-14 06:45 - 00032096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 21:31 - 2014-07-24 10:39 - 00000071 _____ () C:\Users\Dawid\Desktop\NIEZNANE.txt
2014-08-21 21:30 - 2012-04-11 22:02 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job
2014-08-21 21:27 - 2012-07-29 10:46 - 00000000 ____D () C:\Users\Dawid\AppData\Roaming\GG
2014-08-21 21:26 - 2014-05-20 14:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 21:26 - 2013-10-20 12:41 - 00000494 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-21 21:26 - 2012-07-06 17:17 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 21:25 - 2009-07-14 06:45 - 05148816 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 21:23 - 2013-10-20 13:05 - 00003941 _____ () C:\Windows\setupact.log
2014-08-21 21:23 - 2013-01-26 11:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-21 21:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-21 21:22 - 2012-04-06 13:04 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-08-21 18:16 - 2011-11-29 17:50 - 00000000 ____D () C:\ProgramData\Temp
2014-08-21 10:25 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-20 19:27 - 2013-12-12 18:04 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-20 13:45 - 2012-05-16 20:29 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17034A08-9999-4798-B2F8-CCEC11624C3F}
2014-08-20 10:52 - 2014-06-04 09:36 - 00000000 ____D () C:\Users\Dawid\Desktop\fociaki
2014-08-17 14:25 - 2011-12-03 17:02 - 00000000 ____D () C:\ProgramData\Origin
2014-08-17 12:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-17 12:30 - 2012-04-11 22:02 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job
2014-08-17 11:04 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-17 10:30 - 2012-06-11 12:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-17 09:17 - 2012-04-01 18:42 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-17 09:17 - 2012-04-01 18:42 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-17 09:17 - 2012-02-21 18:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-16 14:46 - 2013-10-20 13:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-16 14:46 - 2011-12-29 18:17 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-08-16 14:46 - 2011-12-29 18:17 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-16 11:59 - 2011-04-12 15:21 - 01430882 _____ () C:\Windows\system32\perfh015.dat
2014-08-16 11:59 - 2011-04-12 15:21 - 00544654 _____ () C:\Windows\system32\perfc015.dat
2014-08-16 11:59 - 2009-07-14 07:13 - 03722082 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-14 15:06 - 2012-02-22 14:40 - 00000000 ____D () C:\Users\Dawid\AppData\Roaming\AIMP3
2014-08-13 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 17:25 - 2011-11-29 19:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 17:21 - 2013-07-11 15:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 17:15 - 2011-11-30 21:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 17:09 - 2014-04-28 20:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 12:50 - 2011-11-29 19:22 - 00000000 ____D () C:\Users\Dawid\AppData\Local\CrashDumps
2014-08-10 11:26 - 2013-06-30 00:33 - 00727873 _____ () C:\Windows\system32\webservice4.log
2014-08-07 04:06 - 2014-08-13 17:07 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 17:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 12:37 - 2012-06-10 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 22:38 - 2014-08-04 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 19:40 - 2014-08-03 19:40 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-08-03 19:40 - 2012-03-18 18:02 - 00000000 ____D () C:\Users\Dawid\Documents\EA Games
2014-08-03 19:35 - 2014-08-03 17:27 - 00000000 ____D () C:\Users\Dawid\Desktop\Morze 2014
2014-08-03 17:40 - 2014-08-03 17:40 - 00928346 _____ () C:\Users\Dawid\Desktop\billing.txt
2014-08-01 01:41 - 2014-08-13 17:08 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 17:08 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-28 13:21 - 2014-07-28 13:21 - 00016694 _____ () C:\Users\Dawid\Desktop\imgres.htm
2014-07-25 16:52 - 2014-08-13 17:08 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-13 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 17:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 17:09 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 17:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 17:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:28 - 2014-08-13 17:08 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-13 17:08 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 17:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 17:08 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 17:08 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-13 17:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-13 17:08 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 17:08 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 17:08 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 17:08 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 17:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 17:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 17:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 17:09 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:28 - 2014-08-13 17:08 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:21 - 2014-08-13 17:08 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 17:08 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 17:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 17:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:17 - 2014-08-13 17:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:12 - 2014-08-13 17:08 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 17:08 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-13 17:08 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-13 17:09 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 17:08 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 17:09 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 17:08 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 17:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 17:08 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 17:08 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 17:08 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 17:08 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 17:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 17:08 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 17:08 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 17:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 17:08 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 17:08 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 17:08 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 17:08 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 17:08 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 17:08 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 17:08 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 17:08 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 17:09 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 16:53 - 2012-03-19 18:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 16:52 - 2012-03-19 18:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 12:20 - 2012-03-19 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 11:27 - 2011-12-03 19:14 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-24 11:27 - 2011-12-03 18:12 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-24 11:27 - 2011-12-03 18:12 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0

ZeroAccess:
C:\Users\Dawid\AppData\Local\Temp
C:\Users\Dawid\AppData\Local\Temp\adminlevel.ini
C:\Users\Dawid\AppData\Local\Temp\au-descriptor-1.7.0_67-b01.xml
C:\Users\Dawid\AppData\Local\Temp\cc3data_init.xml
C:\Users\Dawid\AppData\Local\Temp\chrome_installer.log
C:\Users\Dawid\AppData\Local\Temp\Cleaning.ico
C:\Users\Dawid\AppData\Local\Temp\CLW9F16.tmp
C:\Users\Dawid\AppData\Local\Temp\Donate.ico
C:\Users\Dawid\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Dawid\AppData\Local\Temp\EsgScanner.inf
C:\Users\Dawid\AppData\Local\Temp\ESGScanner.sys
C:\Users\Dawid\AppData\Local\Temp\esnA00.tmp
C:\Users\Dawid\AppData\Local\Temp\etilqs_4nY5ikseuJeeqmB
C:\Users\Dawid\AppData\Local\Temp\etilqs_7DgC4k2ZRdvDBcr
C:\Users\Dawid\AppData\Local\Temp\etilqs_9gWDeL3l62hjlux
C:\Users\Dawid\AppData\Local\Temp\etilqs_A1TnDIeHLQgci5P
C:\Users\Dawid\AppData\Local\Temp\etilqs_a3e46vfeaYp31vd
C:\Users\Dawid\AppData\Local\Temp\etilqs_b2yCba1Rf9z2yxS
C:\Users\Dawid\AppData\Local\Temp\etilqs_d1x3hA3NI44cQry
C:\Users\Dawid\AppData\Local\Temp\etilqs_Fi6vpR6q9cTTuqg
C:\Users\Dawid\AppData\Local\Temp\etilqs_G5slpSHaCm4fzE5
C:\Users\Dawid\AppData\Local\Temp\etilqs_IM0j05Li8n8P1LK
C:\Users\Dawid\AppData\Local\Temp\etilqs_ldPCYdtnXqT3Wxs
C:\Users\Dawid\AppData\Local\Temp\etilqs_mdar7DIwmHrkOKp
C:\Users\Dawid\AppData\Local\Temp\etilqs_OdvnEAOjYhsuSIX
C:\Users\Dawid\AppData\Local\Temp\etilqs_OVgDYJzqFwgjAqd
C:\Users\Dawid\AppData\Local\Temp\etilqs_Pfvhkjkx7w4P0bP
C:\Users\Dawid\AppData\Local\Temp\etilqs_qqMGrZnpnD9P6XL
C:\Users\Dawid\AppData\Local\Temp\etilqs_SOpkfVPmAv71qhy
C:\Users\Dawid\AppData\Local\Temp\etilqs_TefLjm0Pi1yPk0J
C:\Users\Dawid\AppData\Local\Temp\etilqs_Tzeut0gmPV4KVzx
C:\Users\Dawid\AppData\Local\Temp\etilqs_xS8aORhs7UBghqf
C:\Users\Dawid\AppData\Local\Temp\etilqs_y8zrmlfTrTf1y7n
C:\Users\Dawid\AppData\Local\Temp\etilqs_ZIoQRHJoBzhhuKc
C:\Users\Dawid\AppData\Local\Temp\etilqs_zTFqdRd0tThfNEE
C:\Users\Dawid\AppData\Local\Temp\eulNlY188.tmp
C:\Users\Dawid\AppData\Local\Temp\FXSAPIDebugLogFile.txt
C:\Users\Dawid\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Dawid\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Dawid\AppData\Local\Temp\installstats.exe
C:\Users\Dawid\AppData\Local\Temp\JavaDeployReg.log
C:\Users\Dawid\AppData\Local\Temp\jusched.log
C:\Users\Dawid\AppData\Local\Temp\KMP_3.9.0.124.exe
C:\Users\Dawid\AppData\Local\Temp\LGAutoRun_C.Log
C:\Users\Dawid\AppData\Local\Temp\LGAutoRun_L.Log
C:\Users\Dawid\AppData\Local\Temp\manaem188.tmp
C:\Users\Dawid\AppData\Local\Temp\MSI19dd5.LOG
C:\Users\Dawid\AppData\Local\Temp\MSI1eaeb.LOG
C:\Users\Dawid\AppData\Local\Temp\others
C:\Users\Dawid\AppData\Local\Temp\Quarantine.exe
C:\Users\Dawid\AppData\Local\Temp\reboot.exe
C:\Users\Dawid\AppData\Local\Temp\Report.ico
C:\Users\Dawid\AppData\Local\Temp\Scan.ico
C:\Users\Dawid\AppData\Local\Temp\SHSetup.exe
C:\Users\Dawid\AppData\Local\Temp\TWAIN.LOG
C:\Users\Dawid\AppData\Local\Temp\Twain001.Mtx
C:\Users\Dawid\AppData\Local\Temp\Twunk001.MTX
C:\Users\Dawid\AppData\Local\Temp\Twunk002.MTX
C:\Users\Dawid\AppData\Local\Temp\Uninstall.ico
C:\Users\Dawid\AppData\Local\Temp\vsimage.bmp
C:\Users\Dawid\AppData\Local\Temp\WC9EF6.tmp
C:\Users\Dawid\AppData\Local\Temp\WER4C83.tmp.resp.erc.xml
C:\Users\Dawid\AppData\Local\Temp\WER7C60.tmp.WERInternalMetadata.xml
C:\Users\Dawid\AppData\Local\Temp\wmplog00.sqm
C:\Users\Dawid\AppData\Local\Temp\wmplog01.sqm
C:\Users\Dawid\AppData\Local\Temp\wmsetup.log
C:\Users\Dawid\AppData\Local\Temp\~DF0078A8FB9D8693C7.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF01BF70128AFDCF5F.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF02B06A3B4B6F29C0.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF049979314B5331C8.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF0508EEEFD550E6C7.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF05C59B3198AE8BE2.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF068D5EEC0139E271.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF06D52939439BC54D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF0730E12EF6AC7E70.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF08D89C11C18B2E89.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF0EE0A0DD3CBE32FB.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF10891EBE2A77DE03.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF128D0D6F115AEC22.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF161FF93094954CFD.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF179408EBD7CC9429.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF18DA4B137A27C1D0.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF195C7FA7E51A7C48.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF1B43108942F5A674.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF20311FF9B8B16E7F.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF2653E13B42978DD2.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF27846BD59DF77D56.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF2A043EC47F9870C3.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF2E4E5BF49C6C5AF6.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF32B5C91EF2F54BD5.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF32F01E8503ACCD79.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF3681A451A656A32E.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF36BB78C377E53B06.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF37041CD453D3F663.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF390302973A14A6E7.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF3B09773FC61A1A29.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF3BF7A0B8E208D807.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF3EA66D6FB7180EE4.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF3FDB5D3CE255E71C.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF431DF4EFF5F99472.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF469C492D8D678D17.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF485BB2CC9517A620.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF48773AA75C4C7CF6.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF4C88DF5D8B52A4FA.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF4CB932029A56F353.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF4D878B13BE8732AE.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF4DDFDAF7B2B6E31F.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF51E320347D7750B9.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5447F750ED759338.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5463E0D083A605F6.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF555D4B1C00DA4405.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF568071D2D1D8CD6B.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5A76B38199CFEC2E.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5B340934C8AFCF0C.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5B5698C9CD6ECA08.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5B762CFFC412EDB2.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5C64DC10D5960219.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5D6B473F38F9EC4B.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF5EB2947BBFF2110B.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF634E44B3F87CEC8C.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF64AFD953BBB1FB3D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF6596D879F9B628B8.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF6687A04FCA8B0ED0.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF6A45B0A09957C95A.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF6D52BF908399027D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF6D96AC6A1C2EFBF4.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF707770E9B6477C98.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7226B11D5F37E0A1.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF735C51F1C8ED1AE8.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7760246334550910.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF77E5F2D1D8334D07.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF790E990EBB66C13E.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7AB87F50ECE87FA5.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7ADEBB91D24775EE.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7B49CA76C1F9174E.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7BA00028A776EF1D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7C2C703ACB9443AF.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7D41D193C9B0B006.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7F8BF5E652D83D78.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF7FC3B4CCE8B56D00.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF80DC647900D49D0A.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF812B4EFEA874F631.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF8291233E9D4F346D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF833FDC9957F1A168.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF8CAAB64ECADFBC56.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF8E0E219C82317F51.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF8EDC3ABFE727E497.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF92318B1751680747.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF9469D7102C35B9B6.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF951F921FBBB80370.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF952D2ED6EB0CA657.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF9949B5AC31E5DECD.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF9C858B8B9028CAA6.TMP
C:\Users\Dawid\AppData\Local\Temp\~DF9E552759102EDEED.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFA06F4DBC3F6055E4.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFA276BED331BDFAEF.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFA93DD5D47995D142.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFAC3D7836BD1E350D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFAD4AB7B80F0ACC02.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFB0C22590ABCE8C59.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFB1C793A5B7D0A98C.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFB233821B6D8759B1.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFB292C7F3504F2EA7.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFB29851DE14E258F5.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFB33870FFDB3F8D3C.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFB5BC022646F4CA65.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFBE6A8BF20B436CA5.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFBEEBF7C1EDA8E86E.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC167F49937E004EF.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC1F5D7D2EE0DA229.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC3B1918ED56477ED.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC3CC2B81427BC304.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC75CC0A55D218F94.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC8386FCE25D808E7.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC85393B59C633AB0.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFC915969686E6E106.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFCB313679B1A67EE3.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFCB8F7A181E501C1F.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFD17E8663CED2BD3A.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFD36A201E33A9334D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFD5B2685B9F4457BB.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFD8409BE9E4DA8790.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFD9DCF9A4E7A66C1C.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFDA669967D9E79857.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFDB77B4A48BB977AB.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFDDE6EE2A6347BE99.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFDF15B3B258334CC7.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFDF4B0298FFE0D4A9.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFE481D3CF4DD34F81.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFE591D44847B8D1FB.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFEAE2B96640F92674.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFEB42C78A4B0D6E17.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFEB64EC105ED8C58A.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFECA8B27D89A0CCDC.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFECE890B1B9316E07.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFED860AEA76F173B0.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF17DDD7FDDC8CB27.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF21CBCD347846A5F.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF4CB3967C5FDDD1D.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF54905ED636B512E.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF5E37E600BC42439.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF6F7EF8145057639.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF9303AC9882B21F5.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF95785F0F1628A10.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFF97DAEDFF5886DCC.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFFAE345462CE6784B.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFFDD697C0419B8B1B.TMP
C:\Users\Dawid\AppData\Local\Temp\~DFFF12F5B9C1C6AC7C.TMP
C:\Users\Dawid\AppData\Local\Temp\~PIC707.tmp
C:\Users\Dawid\AppData\Local\Temp\~PIC708.tmp
C:\Users\Dawid\AppData\Local\Temp\Skype\DbTemp\temp-jTnOmhGTvGeB8cGFRKDEkmhL
C:\Users\Dawid\AppData\Local\Temp\Skype\DbTemp\temp-U86h6tNuo2DP0xgy0T0cTOkd
C:\Users\Dawid\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml
C:\Users\Dawid\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx
C:\Users\Dawid\AppData\Local\Temp\L\config.ini
C:\Users\Dawid\AppData\Local\Temp\L\LG_PC_Programs.exe
C:\Users\Dawid\AppData\Local\Temp\L\P5_LGPsLvDlChk.dll
C:\Users\Dawid\AppData\Local\Temp\L\Progress.avi
C:\Users\Dawid\AppData\Local\Temp\L\SendScsiCmd.dll
C:\Users\Dawid\AppData\Local\Temp\chrome_BITS_5892_2753\BIT38AD.tmp

Some content of TEMP:
====================
C:\Users\Dawid\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Dawid\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Dawid\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Dawid\AppData\Local\Temp\installstats.exe
C:\Users\Dawid\AppData\Local\Temp\KMP_3.9.0.124.exe
C:\Users\Dawid\AppData\Local\Temp\Quarantine.exe
C:\Users\Dawid\AppData\Local\Temp\reboot.exe
C:\Users\Dawid\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Menedľer rozruchu systemu Windows
---------------------------------
Identyfikator              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  pl-PL
inherit                 {globalsettings}
default                 {current}
resumeobject            {8d7e95a3-1a98-11e1-a0a1-c2bbabc01381}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Modu adujĄcy rozruchu systemu Windows
---------------------------------------
Identyfikator              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  pl-PL
inherit                 {bootloadersettings}
recoverysequence        {8d7e95a5-1a98-11e1-a0a1-c2bbabc01381}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {8d7e95a3-1a98-11e1-a0a1-c2bbabc01381}
nx                      OptOut

Modu adujĄcy rozruchu systemu Windows
---------------------------------------
Identyfikator              {8d7e95a5-1a98-11e1-a0a1-c2bbabc01381}
device                  ramdisk=[C:]\Recovery\8d7e95a5-1a98-11e1-a0a1-c2bbabc01381\Winre.wim,{8d7e95a6-1a98-11e1-a0a1-c2bbabc01381}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\8d7e95a5-1a98-11e1-a0a1-c2bbabc01381\Winre.wim,{8d7e95a6-1a98-11e1-a0a1-c2bbabc01381}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wznawianie ze stanu hibernacji
------------------------------
Identyfikator              {8d7e95a3-1a98-11e1-a0a1-c2bbabc01381}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  pl-PL
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Modu testujĄcy pami©† systemu Windows
--------------------------------------
Identyfikator              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Diagnostyka pami©ci systemu Windows
locale                  pl-PL
inherit                 {globalsettings}
badmemoryaccess         Yes

Ustawienia usug EMS
--------------------
Identyfikator              {emssettings}
bootems                 Yes

Ustawienia debugera
-------------------
Identyfikator              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

Uszkodzenia pami©ci RAM
-----------------------
Identyfikator              {badmemory}

Ustawienia globalne
-------------------
Identyfikator              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Ustawienia moduu adujĄcego rozruchu
-------------------------------------
Identyfikator              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Ustawienia funkcji hypervisor
-----------------------------
Identyfikator              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Ustawienia moduu adujĄcego wznawiania
---------------------------------------
Identyfikator              {resumeloadersettings}
inherit                 {globalsettings}

Opcje urzĄdzenia
----------------
Identyfikator              {8d7e95a6-1a98-11e1-a0a1-c2bbabc01381}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\8d7e95a5-1a98-11e1-a0a1-c2bbabc01381\boot.sdi



LastRegBack: 2014-08-17 10:59

==================== End Of Log ============================[/log]

 

 

Addition

[log]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014
Ran by Dawid at 2014-08-21 22:04:35
Running from C:\Users\Dawid\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Zapora osobista (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4 64-bit (HKLM\...\{669A82E0-43E2-4645-8A2E-1A3DE78F8312}) (Version: 4.0.1 - Adobe)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
AIDA64 Extreme Edition v2.30 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.)
AIMP2 MegaPack v6 by UppeD (HKLM-x32\...\{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}) (Version: 1.00.0000 - EXSite.pl)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1345, 26.03.2014 - AIMP DevTeam)
AIWI (HKLM-x32\...\InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}) (Version: 1.1.0.9291 - Aibelive Co., Ltd.)
AIWI (x32 Version: 1.1.0.9291 - Aibelive Co., Ltd.) Hidden
AIWI JoyStick (HKLM\...\{48BB9EBA-C929-4D7E-AF43-21B4427373EB}) (Version: 1.0.0 - aibelive)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version:  - Microsoft)
Aktualizacje NVIDIA 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
Angry Birds Space (HKLM-x32\...\{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}) (Version: 1.2.2 - Rovio)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Internet Accelerator 3 v.3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 4 v.4.3.0 (HKLM-x32\...\Ashampoo Snap 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.94.193 - eCareme Technologies, Inc.)
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
AutoCAD 2014 — Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack – Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 — Polski (Polish) (HKLM\...\AutoCAD 2014 — Polski (Polish)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Brother MFL-Pro Suite (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.)
BurnInTest v7.1 Pro (HKLM\...\BurnInTest_is1) (Version: 7.1 - Passmark Software)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
CCleaner wersja 4.14.4707 (HKLM\...\CCleaner_is1) (Version: 4.14.4707 - )
Common (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Compiled Driver Disc (Full) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 1.0.8.1 - COMPELSON Labs)
Contents (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Corel VideoStudio Pro X4 (HKLM-x32\...\_{AA902C31-B49D-4608-BCCF-2519EB77722D}) (Version: 14.3.0.5 - Corel Corporation)
Counter-Strike 1.6 v40 (HKLM-x32\...\{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1) (Version:  - Exe Games PL)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CyberGhost VPN Patch 4.7.19 (HKLM\...\CyberGhost VPN_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Simulation Framework 1.0.1 (HKLM\...\{C7966AB3-A8D9-48D5-B7DF-922674C40098}) (Version: 1.0.1 - Microsoft)
DeviceIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Dexpot (HKCU\...\Dexpot) (Version: 1.6.3 - Dexpot GbR)
DFX for AIMP2 1.2.5 (HKLM-x32\...\DFX for AIMP2 1.2.5) (Version:  - )
Disk Unlocker (HKLM-x32\...\{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}) (Version: 2.0.6 - ASUS)
DxO Optics Pro 7 (HKLM-x32\...\{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}) (Version: 7.0.0 - DxO Labs)
easyHDR BASIC 2 (HKLM-x32\...\easyHDR_BASIC_2) (Version: 2.13.3 - SIMPARTEK - Bartlomiej Okonek)
EasySetPackage (HKLM-x32\...\{266725C1-716F-43AC-BBFB-4201131ED656}) (Version: 2.4 - LG Soft India)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Smart Security (HKLM\...\{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}) (Version: 4.2.71.2 - ESET, spol. s r.o.)
ExifCleaner 1.7 (HKLM-x32\...\ExifCleaner) (Version: 1.7 - SuperUtils.com Software)
f.lux (HKCU\...\Flux) (Version:  - )
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.501.0 (HKLM-x32\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
FotoSender 3.0 (HKLM-x32\...\FotoSender_is1) (Version:  - Foto-Kontakt)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GG (HKCU\...\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HD Tune Pro 3.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
ICA (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Image Grabber II (HKLM-x32\...\Image Grabber II) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.1.1001 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
ipla 2.7 (HKLM-x32\...\ipla) (Version: 2.7 - Redefine Sp z o.o.)
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JDownloader (HKLM-x32\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
JottiQ v1.0.2 (HKLM\...\JottiQSetup_is1) (Version: 1.0.2 - Gholam, Inc.)
jv16 PowerTools 1.3 (HKLM-x32\...\jv16 PowerTools_is1) (Version:  - )
KeyTurion version 2.8 (HKCU\...\KeyTurion) (Version:  - Datpol)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Komputer Świat Plus (HKLM-x32\...\Komputer Świat Plus_is1) (Version: 1.4.5.110 - Komputer Świat)
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.)
LG CyberLink LabelPrint (x32 Version: 2.5.3109 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
LG CyberLink Power2Go (x32 Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)
LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.)
LG CyberLink YouCam (x32 Version: 2.0.3304a - CyberLink Corp.) Hidden
LG ODD Auto Oprogramowanie (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.14.20140117 - LG Electronics)
LG Power Tools (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
LG Power Tools (x32 Version: 6.0.3316 - CyberLink Corp.) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Lightning (HKLM-x32\...\Lightning_is1) (Version:  - MSI, Inc.)
LightScribe System Software (HKLM-x32\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe)
Liveupdate4 (HKLM-x32\...\Liveupdate4_is1) (Version:  - MSI, Inc.)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.50.862.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.50.859.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.50.861.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Machinery DEMO (HKLM-x32\...\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}) (Version: 1.5.5 - Maszyneria)
Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MOBILedit! Enterprise ver. 7.5.0.4173 (HKLM-x32\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 7.5.0.4173 - COMPELSON Labs)
MOBILedit! Support Libraries (HKLM-x32\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 pl)) (Version: 24.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi AV wersja 1.0.1 (HKLM-x32\...\{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1) (Version: 1.0.1 - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.5.34.0 - Nokia)
Nokia Suite (x32 Version: 3.5.34.0 - Nokia) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Oprogramowanie systemu PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Sterownik 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version:  - Linspire Inc.)
OCCT 4.2.0 (HKLM-x32\...\OCCT) (Version: 4.2.0 - Ocbase.com)
Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.)
Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Panel sterowania NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
Paraben's Device Seizure (HKLM-x32\...\{B4008666-3C27-4B67-9D89-80B4E31FA685}) (Version: 6.1.4925.28192 - Paraben Corporation)
PC Alert 4 (HKLM-x32\...\PC Alert 4) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.201.0 - Tracker Software Products Ltd.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Polska lokalizacja Lightroom 4 (HKCU\...\Polska lokalizacja Lightroom 4) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.0 - Power Software Ltd)
Prawo Jazdy ABCDT - egzamin wewnętrzny  (HKLM-x32\...\{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1) (Version:  - Grupa IMAGE sp. z o.o.)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
PureHD (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Radmin Viewer 3.5 (HKLM-x32\...\{199127DC-7BDB-41AB-825B-4229A86F8F0D}) (Version: 3.50.0000 - Famatech)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
ScanMyReg 2.02 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1) (Version:  - YL Computing, Inc)
Setup (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Share (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Share64 (Version: 14.0.0.342 - Corel Corporation) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Silver Efex Pro 2 (HKLM-x32\...\Silver Efex Pro 2) (Version: 2.0.0.0 - Nik Software, Inc.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
Speed-Link SL-6535 USB Pad (HKLM-x32\...\{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}) (Version: 1.00.0000 - GASIA)
SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version:  - )
TNod User & Password Finder (HKLM\...\TNod) (Version: 1.4.1.0 - Tukero[X]Team)
TS Notifier (HKLM-x32\...\{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}) (Version: 1.5.1000 - Andreas Gebert)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version:  - File Recovery Ltd.)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.3.3 - CrystalIDEA Software, Inc.)
Uninstall Tool (HKLM-x32\...\Uninstall Tool_is1) (Version: 2.9.6 - CrystalIdea Software, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{840D15BD-72E8-4710-ABDD-8E883B88BD5D}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
USB Cobra Joystick V4 (HKLM-x32\...\SM7192) (Version:  - )
VCardExportTool (HKLM-x32\...\VCardExport_is1) (Version:  - )
VIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Visual Watermark 2.9.30 (HKLM-x32\...\Visual Watermark_is1) (Version:  - VisualWatermark.com)
VSClassic (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
VSPro (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
WapSter AQQ (HKLM-x32\...\AQQ) (Version: 2.6.0.10 - Creative Team S.A.)
Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 4.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> E:\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Dawid\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points  =========================

05-08-2014 15:46:25 Windows Update
13-08-2014 15:09:14 Windows Update
19-08-2014 07:30:33 Windows Update
21-08-2014 19:54:25 SPTD setup V1.86

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-05-26 12:28 - 00000903 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
           127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {013955AA-C72C-4158-A62C-4F6A7BA0A5AE} - System32\Tasks\Usługa aktualizacji oprogramowania InstallShield => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13] (InstallShield Software Corporation)
Task: {0FFE709B-8DF8-4281-89E8-808F978397AE} - System32\Tasks\{5E9AC45C-DE48-4BCB-8CFF-FB041950E0F8} => Firefox.exe http://ui.skype.com/ui/0/5.8.0.158/pl/abandoninstall?page=tsMain
Task: {113E2C28-0C8B-4972-9C3E-9B6C3F481C50} - System32\Tasks\{7244E1F3-F0F4-4A65-BF61-315ED40D683F} => C:\Program Files (x86)\FotoSender\FotoSender.exe [2011-09-27] ()
Task: {162F4B70-1EF2-4C52-9904-D171AC54737C} - System32\Tasks\Symantec\Norton Error Analyzer 18.6.0.29 => C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
Task: {1743582A-55EA-44D4-A6B5-BB862A128C62} - System32\Tasks\{7AB85007-EA04-4668-8CBE-65DB1D6207C9} => F:\Prawko.exe
Task: {1D697B95-1997-439D-9010-2D947771E590} - System32\Tasks\{81DB0962-961C-4F69-9186-98A2925783C4} => Firefox.exe http://ui.skype.com/ui/0/5.8.0.158/pl/abandoninstall?page=tsMain
Task: {1E3CB9B2-6150-430B-B232-C5BB8123C549} - System32\Tasks\{3BEC2721-789E-4A0D-9F04-F03CF4484830} => C:\Program Files (x86)\Uninstall Tool\utool.exe [2010-03-16] (CrystalIDEA Software)
Task: {1E6AD5B7-0877-46B9-8588-D637837EBAA9} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: {1FCB6FE3-BDBD-48C1-89C4-3AB957FB88FA} - System32\Tasks\{3FDF962F-1D48-4406-9E7A-4410C9D955BE} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1603
Task: {225F40D8-F549-4BB0-848B-5DF99E03FB14} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {278F1E86-617E-4EBB-9589-1F5F8A563983} - System32\Tasks\{7E28678F-67B3-4F94-93FA-10349519E01B} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.114/pl/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {3078EF54-960D-4871-BED2-1DF1FEF366D5} - System32\Tasks\{541BA438-1C80-444C-BA3A-6128D0855447} => C:\Program Files (x86)\FotoSender\FotoSender.exe [2011-09-27] ()
Task: {34B0177F-A38F-4873-82B6-987042BE1E1C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-15] (Facebook Inc.)
Task: {3563D845-DFB4-437D-8D2A-A7287C617642} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {39773D5E-E794-4220-8052-6976D088A5BD} - \Program aktualizacji online firmy InstallShield Software. No Task File <==== ATTENTION
Task: {55E16910-B5AB-4A14-9722-3AC6C4FF0E8C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated)
Task: {5C9352E2-9982-4537-984F-3F2371929B91} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {5FB9CC01-31D9-4DB3-BD2C-9EBCD3F4440A} - System32\Tasks\ASC7_SkipUac_Dawid => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: {6469F155-7DBF-4B5A-AC2A-37449E16D2D6} - System32\Tasks\{3472E79A-6EF8-4E9E-BCB3-FF36020A71CF} => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
Task: {691561BF-9DDF-4D7C-BE6A-22DDD99F2D4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06] (Google Inc.)
Task: {6BB4B778-7D22-4199-A4D9-F4044B61329C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-15] (Facebook Inc.)
Task: {704F0F05-72B5-4B3A-96C2-CF5F8ECC9BC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06] (Google Inc.)
Task: {818357C7-F0F5-4711-9F5D-669116245235} - System32\Tasks\{CDACD967-4069-4076-86C3-3811F2CE51F4} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1603
Task: {8212E392-AC56-4A3D-85A7-2CCDE54E5404} - System32\Tasks\{1B99CC1D-B156-4E48-B020-F6569B25B2EC} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/pl/abandoninstall?page=tsMain
Task: {8E98E93B-F3D2-4EA0-88EB-C24190D9DA18} - System32\Tasks\RegCure Pro => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: {8EFC9511-D324-4EA7-A5E6-73B9D33BFA63} - System32\Tasks\Symantec\Norton Error Processor 18.6.0.29 => C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
Task: {AF3D663A-485B-49C1-BB09-276A7D847CA2} - \ParetoLogic Registration3 No Task File <==== ATTENTION
Task: {C88FD9A3-7E7E-40D1-AB04-9AF24B5B05D6} - System32\Tasks\{8A30D91A-795E-4CA4-9D91-FE5601CD9AA6} => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
Task: {DACDB29C-F515-4DF2-979E-64C7D3B6694A} - System32\Tasks\{7A6C8C36-9867-442B-B8C6-A38BC8EA3F47} => F:\Prawko.exe
Task: {DD8242FB-9C3C-4E8D-AD34-4B6589478BC8} - System32\Tasks\{8771F270-05D7-4D6F-A90C-C3BC6E771C2B} => F:\Prawko.exe
Task: {E1C46CF6-0FDB-47EF-A13D-C25286D7158B} - System32\Tasks\{0519588A-49CA-4E75-A527-72FB6E7F7CDE} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1603
Task: {EC74A5AC-99EA-4ACE-8A69-50E783C23855} - \ParetoLogic Update Version3 No Task File <==== ATTENTION
Task: {F5271610-55A3-424B-AB14-60C8D90616AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe

==================== Loaded Modules (whitelisted) =============

2011-11-30 21:22 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-03 11:30 - 2010-11-03 11:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2011-11-29 17:11 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2011-12-03 18:12 - 2014-06-29 11:55 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-11-29 18:06 - 2009-12-04 18:15 - 00062976 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK64.dll
2011-11-29 18:06 - 2009-12-22 13:30 - 00159744 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
2011-11-29 18:06 - 2009-12-22 13:31 - 00024576 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
2011-08-12 12:20 - 2011-08-12 12:20 - 01260568 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\UMVPLMute.dll
2011-08-12 12:19 - 2011-08-12 12:19 - 00221208 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\FxPreview.dll
2011-08-12 12:20 - 2011-08-12 12:20 - 01349656 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\MRSystem.dll
2011-08-12 12:20 - 2011-08-12 12:20 - 00135192 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\MapTrackData.dll
2011-08-12 12:20 - 2011-08-12 12:20 - 01323032 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\MMSystem.dll
2011-08-12 12:20 - 2011-08-12 12:20 - 00294424 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\VMSystem.dll
2011-11-29 17:10 - 2014-08-21 21:23 - 00020480 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-11-29 17:10 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-08-13 17:40 - 2014-08-13 17:40 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a66e495ff6608f31b4987c13f205ef00\IsdiInterop.ni.dll
2011-11-29 17:02 - 2011-05-19 16:34 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-11-29 18:06 - 2009-12-22 13:30 - 00057344 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll
2011-11-29 18:06 - 2009-12-22 13:30 - 00012288 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll
2009-12-15 14:46 - 2009-12-15 14:46 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 14:49 - 2009-12-15 14:49 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-15 10:39 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-15 10:39 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-15 10:39 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 10:39 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 10:39 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 10:39 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Temp:1C209B86

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24023874.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24023874.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Classes\exefile:  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: G:\
Description: FCR-HS3       -2
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:         
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: H:\
Description: FCR-HS3       -3
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:         
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: I:\
Description: FCR-HS3       -1
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer:         
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/21/2014 09:54:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu.
.
To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym.


Operacja:
   Zbieranie danych modułu zapisującego

Kontekst:
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {1f2da371-3596-4a62-9e8c-4eec9f49cee5}

Error: (08/21/2014 09:24:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/21/2014 09:24:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (08/21/2014 09:24:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (08/21/2014 07:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/21/2014 07:45:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (08/21/2014 07:45:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (08/21/2013 06:10:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/21/2014 05:31:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/21/2014 05:31:12 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]


System errors:
=============
Error: (08/21/2014 09:26:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (08/21/2014 09:24:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
BTHidMgr

Error: (08/21/2014 09:23:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu:
%%2

Error: (08/21/2014 08:57:16 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video5!051d(2558)

Error: (08/21/2014 07:54:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu:
%%1058

Error: (08/21/2014 07:45:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
BTHidMgr

Error: (08/21/2014 07:44:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu:
%%2

Error: (08/21/2014 07:44:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 18:17:08 na ‎2014-‎08-‎21 było nieoczekiwane.

Error: (08/21/2014 05:51:50 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: \Device\Video5!051d(2558)

Error: (08/21/2014 05:40:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu:
%%1058


Microsoft Office Sessions:
=========================
Error: (01/06/2014 05:09:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 43%
Total physical RAM: 8172.13 MB
Available physical RAM: 4622.09 MB
Total Pagefile: 16342.45 MB
Available Pagefile: 12485.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:155.25 GB) (Free:10.49 GB) NTFS
Drive d: () (Fixed) (Total:155.16 GB) (Free:28.4 GB) NTFS
Drive e: () (Fixed) (Total:155.25 GB) (Free:30.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B30AB7E9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=155.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=155.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=155.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================[/log]

 

 

Shortcut

[log]Users shortcut scan result (x64) Version: 21-08-2014
Ran by Dawid at 2014-08-21 22:05:38
Running from C:\Users\Dawid\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\LG PC Suite.Lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk -> C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4 64-bit.lnk -> C:\Program Files\Adobe\Adobe Photoshop Lightroom 4\lightroom.exe (Adobe Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk -> C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk -> C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4\MSKLC.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk -> C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Windows Media Encoder.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmenc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Encoding Script.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMEncUtil.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media File Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmeditor.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Profile Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMProEdt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Stream Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmstreamedt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Watermark\Uninstall Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Watermark\Visual Watermark on the Web.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Watermark\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VCardExport\VCardImport.lnk -> C:\Program Files (x86)\VCardExportTool\VCardExport.exe (Aegis Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool\Strona WWW programu Uninstall Tool.lnk -> C:\Program Files\Uninstall Tool\UninstallTool.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool\Uninstall Tool.lnk -> C:\Program Files (x86)\Uninstall Tool\utool.exe (CrystalIDEA Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool\Unіnstall Tool.lnk -> C:\Program Files\Uninstall Tool\UninstallTool.exe (CrystalIDEA Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360\Undelete 360.lnk -> C:\Program Files (x86)\File Recovery\undelete360\undelete-360.exe (File Recovery Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSNotifier\DirectX Update.lnk -> C:\Windows\Installer\{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}\_E55A93B4730E1E40A5797F.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSNotifier\TSNotifier.lnk -> C:\Windows\Installer\{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}\_2512B98A4F2A89BF718D24.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\README.lnk -> C:\Program Files\ESET\TNod User & Password Finder\LEEME.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Run hidden.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Uninstall.lnk -> C:\Program Files\ESET\TNod User & Password Finder\uninst-tnod.exe (Tukero[X]Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Update license.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\ExifCleaner Readme.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\readme.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\ExifCleaner.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\ExifClnr.exe (SuperUtils.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\Uninstall.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\uninst.exe (SuperUtils.com Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\Web Site.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\ExifCleaner.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanMyReg\Deinstalacja programu ScanMyReg.lnk -> C:\Program Files (x86)\ScanMyReg\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanMyReg\ScanMyReg.lnk -> C:\Program Files (x86)\ScanMyReg\ScanMyReg.exe (YL Computing, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Angry Birds Space\Angry Birds Space.lnk -> E:\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek Ethernet Diagnostic Utility\Realtek Ethernet Diagnostic Utility.lnk -> C:\Program Files (x86)\Realtek\Realtek Ethernet Diagnostic Utility\8169Diag.exe (Realtek Semiconductor Corporation.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3\Pomoc.lnk -> C:\Program Files (x86)\Radmin Viewer 3\Radmin30pl.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3\Radmin Viewer 3.lnk -> C:\Program Files (x86)\Radmin Viewer 3\Radmin.exe (Famatech Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\O programie QuickTime.lnk -> C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder\Deinstalacja programu Protected Folder.lnk -> C:\Program Files (x86)\IObit\Protected Folder\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder\Protected Folder.lnk -> C:\Program Files (x86)\IObit\Protected Folder\ProtectedFolder.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Project 64.lnk -> C:\Program Files (x86)\Project64 2.1\Project64.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk -> C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk -> C:\Program Files (x86)\PowerISO\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange\Check for Updates.lnk -> C:\Program Files\Tracker Software\Live Update\LiveUpdate.exe (Tracker Software Products (Canada) Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange\PDF-XChange Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Device Seizure.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\DeviceSeizure.exe (Paraben Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Get Registration Key.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\Registration Key\GetRegistrationKey.exe (Paraben Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Help.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\Help\deviceseizure.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Usuń Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT\Ocbase.com.lnk -> C:\Program Files (x86)\OCCTPT\OCCT.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT\OCCT.lnk -> C:\Program Files (x86)\OCCTPT\OCCT.exe (OCCT)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT\Uninstall.lnk -> C:\Program Files (x86)\OCCTPT\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nvu\Nvu.lnk -> C:\Program Files (x86)\Nvu\nvu.exe (Mozilla, Linspire Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Suite.lnk -> C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi AV\Deinstalacja programu Multi AV.lnk -> C:\Program Files (x86)\Multi AV\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi AV\Multi AV.lnk -> C:\Program Files (x86)\Multi AV\multiav.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\MSI Kombustor 2.5.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\MSI Kombustor 2.4.lnk -> C:\Program Files (x86)\MSI Kombustor 2.4\KLoaderWin32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\DirectX installation for Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.3\DirectX_Install\DXSETUP.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\MSI Kombustor 2.3.lnk -> C:\Program Files (x86)\MSI Kombustor 2.3\KLoaderWin32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\DirectX Install.lnk -> C:\Program Files (x86)\MSI Kombustor\DirectX_Install\DXSETUP.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor(DX10).lnk -> C:\Program Files (x86)\MSI Kombustor\MSIKombustorDX10.exe (MSI Co., LTD)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor(DX11).lnk -> C:\Program Files (x86)\MSI Kombustor\MSIKombustorDX11.exe (MSI Co., LTD)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor(DX9).lnk -> C:\Program Files (x86)\MSI Kombustor\MSIKombustorDX9.exe (MSI Co., LTD)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor\KLoaderWin32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\MSI_APS\MSI_APS.lnk -> C:\Program Files (x86)\MSI\VGA\MSI_APS\MSI_APS.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\MSI_APS\Uninstall TWEAKER.lnk -> C:\Program Files (x86)\MSI\VGA\MSI_APS\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\Lightning\Lightning.lnk -> C:\Program Files (x86)\MSI\VGA\Lightning\Lightning.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\Lightning\Uninstall Lightning.lnk -> C:\Program Files (x86)\MSI\VGA\Lightning\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\PC Alert 4\PC Alert 4.lnk -> C:\Program Files (x86)\MSI\PC Alert 4\StartPCAlert4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Live Update 4\Live Update 4.lnk -> C:\Program Files (x86)\MSI\Live Update 4\LU4\Liveupdate.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Live Update 4\Uninstall Live Update 4.lnk -> C:\Program Files (x86)\MSI\Live Update 4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise\MOBILedit! Enterprise.lnk -> C:\Program Files (x86)\MOBILedit! Enterprise\MOBILedit!.exe (COMPELSON Labs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Diagnostyka pakietu Microsoft Office.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Office 2007 Ustawienia języka.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace\Games for Windows Marketplace.lnk -> C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Vid HD.lnk -> C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Webcam Software.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit\LG ODD Auto Oprogramowanie.lnk -> C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BitLeader)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\Online Registration.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\OLRSubmission\OLRSubmission.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\PowerBackup Online Help.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\PowerBackup.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\PowerBackup.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\PowerBackup.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\Readme.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\LG PC Suite.Lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\uninstall.lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\uninstall.exe (LG Electronics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Komputer Świat Plus\Deinstalacja programu Komputer Świat Plus.lnk -> C:\Program Files (x86)\Komputer Świat Plus\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Komputer Świat Plus\KŚ+.lnk -> C:\Program Files (x86)\Komputer Świat Plus\KSPlus.exe (Komputer Świat)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext (x64).lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools\jv16 PowerTools.lnk -> C:\Program Files (x86)\jv16 PowerTools\jv16 PowerTools.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools\Uninstall.lnk -> C:\Program Files (x86)\jv16 PowerTools\unins000.exe (Jordan Russell)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Changelog.lnk -> C:\Program Files\JottiQ\Changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Discussion Thread (NANY 2011).lnk -> C:\Program Files\JottiQ\JottiQ Discussion Thread (NANY 2011).url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Readme.lnk -> C:\Program Files\JottiQ\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Website.lnk -> C:\Program Files\JottiQ\JottiQ Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ.lnk -> C:\Program Files\JottiQ\JottiQ.exe (Gholam Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader.lnk -> C:\Program Files (x86)\JDownloader\JDownloaderD3D.exe (AppWork UG (haftungsbeschränkt))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\Uninstall JDownloader.lnk -> C:\Program Files (x86)\JDownloader\uninstall.exe (AppWork UG (haftungsbeschränkt))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Deinstalator.lnk -> C:\Program Files (x86)\ipla\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\ipla.lnk -> C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Pomoc.lnk -> C:\Program Files (x86)\ipla\Pomoc.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Strona Domowa.lnk -> C:\Program Files (x86)\ipla\ipla.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Grabber II\Image Grabber II.lnk -> C:\Program Files (x86)\Image Grabber II\Image Grabber II.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Grabber II\Uninstall.lnk -> C:\Program Files (x86)\Image Grabber II\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro\HD Tune Pro Manual.lnk -> C:\Program Files (x86)\HD Tune Pro\hdtunepro.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro\HD Tune Pro.lnk -> C:\Program Files (x86)\HD Tune Pro\HDTunePro.exe (EFD Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro\Uninstall HD Tune Pro.lnk -> C:\Program Files (x86)\HD Tune Pro\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Odinstaluj program.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Testy.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Ustawienia klawiatury.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\config.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\www.grupaimage.com.pl.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Testy.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Kontakt\FotoSender.lnk -> C:\Program Files (x86)\FotoSender\FotoSender.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Kontakt\Nasza Strona WWW.lnk -> C:\Program Files (x86)\FotoSender\FotoSender.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Kontakt\Odinstaluj FotoSender.lnk -> C:\Program Files (x86)\FotoSender\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition Documentation.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition on the Web.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe (FinalWire Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\Uninstall AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Dokumentacja.lnk -> C:\Program Files\ESET\ESET Smart Security\eset.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET Smart Security.lnk -> C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysInspector.lnk -> C:\Program Files\ESET\ESET Smart Security\SysInspector.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysRescue.lnk -> C:\Program Files\ESET\ESET Smart Security\SysRescue.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Umowa Licencyjna.lnk -> C:\Program Files\ESET\ESET Smart Security\eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySetPackage\EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySetPackage\Help.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\help\Help_Manual.hta ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 7\DxO Optics Pro 7.lnk -> C:\Program Files (x86)\DxO Labs\DxO Optics Pro v7\DxOOpticsPro.exe (DxO Labs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DT.gadget (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN Live-Support.lnk -> C:\Program Files\CyberGhost VPN\remotesupport.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN odinstalować.lnk -> C:\Program Files\CyberGhost VPN\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN zarzÄ…dzanie kontem.lnk -> C:\Program Files\CyberGhost VPN\account.URL ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN.lnk -> C:\Program Files\CyberGhost VPN\CyberGhost.exe (CyberGhost SRL)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\CFG Editor.lnk -> E:\Counter-Strike\CFG Editor\CFG Editor.exe ((c) StempeK)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Half-Life Sound Selector.lnk -> E:\Counter-Strike\Half-Life Sound Selector\HLSS.exe (None)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\HL TooLz.lnk -> E:\Counter-Strike\HL TooLz\HLTooLz.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Odinstaluj.lnk -> E:\Counter-Strike\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Uruchom Half-Life.lnk -> E:\Counter-Strike\Counter-Strike\hl.exe (Valve)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Uruchom serwer.lnk -> E:\Counter-Strike\Counter-Strike\hlds.exe (Valve)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Usuń log sXe Injected.lnk -> E:\Counter-Strike\Counter-Strike\sxei-del.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X4\Corel VideoStudio Pro X4.lnk -> E:\Corel\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Apple Mobile Support Guide.lnk -> C:\Program Files\Compiled Driver Disc (Full)\Apple\AppleReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Windows Mobile Support Guide.lnk -> C:\Program Files\Compiled Driver Disc (Full)\WindowsMobile\WinMoReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk -> C:\Program Files\CCleaner\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\BurnInTest Documentation.lnk -> C:\Program Files\BurnInTest\HTML\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\BurnInTest on the Web.lnk -> C:\Program Files\BurnInTest\BurnInTest.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\BurnInTest.lnk -> C:\Program Files\BurnInTest\bit.exe (PassMark Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\Uninstall BurnInTest.lnk -> C:\Program Files\BurnInTest\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Podręczniki użytkownika w formacie HTML.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\DCP-150C\cv_dcp135_poltop.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\Rm07aPol.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Ustawienia skanera\Programy użytkowe do Skanera.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\BrScUtil.exe (Brother Industries Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Ustawienia skanera\Programy użytkowe do Skanera.txt.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\ScanRead.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk -> E:\Battlefield 3\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA UMOWA UŻYTKOWNIKA.lnk -> E:\Battlefield 3\Battlefield 3\Support\eula\pl_PL_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Plik Przeczytaj.lnk -> E:\Battlefield 3\Battlefield 3\Support\readme\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Pomoc techniczna.lnk -> E:\Battlefield 3\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Help File.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Setup.lnk -> C:\Program Files\AutoHotkey\Installer.ahk ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoIt3 Window Spy.lnk -> C:\Program Files\AutoHotkey\AU3_Spy.exe (DaloozaSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Convert .ahk to .exe.lnk -> C:\Program Files\AutoHotkey\Compiler\Ahk2Exe.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Website.lnk -> C:\Program Files\AutoHotkey\AutoHotkey Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Uninstall Tool.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\Uninstall Tool\R1\UninstallTool.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Content Service\Content Service — konsola konfiguracji.lnk -> C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.Admin.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk ReCap\Autodesk ReCap.lnk -> E:\Autodesk\Autodesk ReCap\recap.exe (Autodesk)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Dołącz podpisy cyfrowe.lnk -> E:\Autodesk\AutoCAD 2014\AcSignApply.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Menedżer odnośników.lnk -> E:\Autodesk\AutoCAD 2014\AdRefMan.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Wsadowy kontroler standardów.lnk -> E:\Autodesk\AutoCAD 2014\DwgCheckStandards.exe (Autodesk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Disk Unlocker\Disk Unlocker.lnk -> C:\Windows\Installer\{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}\_695CD127CF6002633EF635.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WebStorage\ASUS WebStorage.lnk -> C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WebStorage\Uninstall.lnk -> C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Ashampoo Snap 4  .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Czytaj.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\readme_pl.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Deinstalacja programu Ashampoo Snap 4.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Pomoc.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\Help\asy-en-us.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Ashampoo Internet Accelerator 3  .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\iac3.exe (Ashampoo GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Czytaj.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\readme_pl.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Deinstalacja programu Ashampoo Internet Accelerator 3.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Pomoc.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\translation\help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Ashampoo Burning Studio 2012  .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\burningstudio2012.exe (Ashampoo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Ashampoo Burning Studio 2012 Gadget.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\gadget\bs2012.gadget ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Czytaj.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\readme_pl.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Deinstalacja programu Ashampoo Burning Studio 2012.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Pomoc.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\lang\BurningStudio-en-us.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIWI\AIWI.lnk -> C:\Program Files (x86)\Aibelive\AIWI\AIWI.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Advanced Tag Editor.lnk -> C:\Program Files (x86)\AIMP2\AIMP3ate.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Converter.lnk -> C:\Program Files (x86)\AIMP2\AIMP3ac.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Library.lnk -> C:\Program Files (x86)\AIMP2\AIMP3lib.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Home Page.lnk -> C:\Program Files (x86)\AIMP2\AIMP3.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3.lnk -> C:\Program Files (x86)\AIMP2\AIMP3.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\History.lnk -> C:\Program Files (x86)\AIMP2\history.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\License.lnk -> C:\Program Files (x86)\AIMP2\license.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\Uninstall.lnk -> C:\Program Files (x86)\AIMP2\Uninstall.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DC397BE4-805B-43AB-8C82-CF9397052B6C}\PlayTasks\0\Play.lnk -> E:\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.)
Shortcut: C:\Users\Dawid\Links\Desktop.lnk -> C:\Users\Dawid\Desktop ()
Shortcut: C:\Users\Dawid\Links\Downloads.lnk -> C:\Users\Dawid\Downloads ()
Shortcut: C:\Users\Dawid\Links\GG dysk.lnk -> C:\Users\Dawid\GG dysk ()
Shortcut: C:\Users\Dawid\Links\Muzyka.lnk -> D:\Muzyka ()
Shortcut: C:\Users\Dawid\Favorites\GG dysk.lnk -> C:\Users\Dawid\GG dysk ()
Shortcut: C:\Users\Dawid\Documents\Youcam\YouCam(Webcam).lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
Shortcut: C:\Users\Dawid\Desktop\Angry Birds.lnk -> E:\Angry Birds [PC-Game]\AngryBirds.exe ()
Shortcut: C:\Users\Dawid\Desktop\AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Dawid\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
Shortcut: C:\Users\Dawid\Desktop\Machinery 1.5.5.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_18be6784.exe ()
Shortcut: C:\Users\Dawid\Desktop\MSI Afterburner 2.3.1.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Dawid\Desktop\RockNESX.lnk -> E:\rocknesx v2.0\RockNESX.exe (by Alexandre da Veiga)
Shortcut: C:\Users\Dawid\Desktop\SpyHunter.lnk -> C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
Shortcut: C:\Users\Dawid\Desktop\Surgeon Simulator 2013.lnk -> E:\Surgeon_Simulator_2013_STEAM_RiP\ss2013.exe ()
Shortcut: C:\Users\Dawid\Desktop\Uninstall Tool.lnk -> C:\Program Files (x86)\Uninstall Tool\utool.exe (CrystalIDEA Software)
Shortcut: C:\Users\Dawid\Desktop\Unіnstall Tool.lnk -> C:\Program Files\Uninstall Tool\UninstallTool.exe (CrystalIDEA Software)
Shortcut: C:\Users\Dawid\Desktop\Programy\Advanced SystemCare 7.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (No File)
Shortcut: C:\Users\Dawid\Desktop\Programy\AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe (FinalWire Ltd.)
Shortcut: C:\Users\Dawid\Desktop\Programy\AIMP3.lnk -> C:\Program Files (x86)\AIMP2\AIMP3.exe (AIMP DevTeam)
Shortcut: C:\Users\Dawid\Desktop\Programy\AIWI.lnk -> C:\Program Files (x86)\Aibelive\AIWI\AIWI.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Ashampoo Internet Accelerator 3.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\iac3.exe (Ashampoo GmbH & Co. KG)
Shortcut: C:\Users\Dawid\Desktop\Programy\Ashampoo Snap 4.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG)
Shortcut: C:\Users\Dawid\Desktop\Programy\ASUS WebStorage.lnk -> C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme)
Shortcut: C:\Users\Dawid\Desktop\Programy\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\Dawid\Desktop\Programy\Autodesk ReCap.lnk -> E:\Autodesk\Autodesk ReCap\recap.exe (Autodesk)
Shortcut: C:\Users\Dawid\Desktop\Programy\BurnInTest.lnk -> C:\Program Files\BurnInTest\bit.exe (PassMark Software)
Shortcut: C:\Users\Dawid\Desktop\Programy\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Dawid\Desktop\Programy\Corel VideoStudio Pro X4.lnk -> E:\Corel\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.)
Shortcut: C:\Users\Dawid\Desktop\Programy\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Dawid\Desktop\Programy\CyberGhost VPN.lnk -> C:\Program Files\CyberGhost VPN\CyberGhost.exe (CyberGhost SRL)
Shortcut: C:\Users\Dawid\Desktop\Programy\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (No File)
Shortcut: C:\Users\Dawid\Desktop\Programy\Dexpot.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR)
Shortcut: C:\Users\Dawid\Desktop\Programy\DFX for AIMP2.lnk -> C:\Program Files (x86)\AIMP2\PlugIns\DFX\dfxwsettings.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\DxO Optics Pro 7.lnk -> C:\Program Files (x86)\DxO Labs\DxO Optics Pro v7\DxOOpticsPro.exe (DxO Labs)
Shortcut: C:\Users\Dawid\Desktop\Programy\easyHDR BASIC 2.lnk -> C:\Program Files (x86)\easyHDR BASIC 2\easyHDR_BASIC_2.exe (SIMPARTEK - Bartlomiej Okonek)
Shortcut: C:\Users\Dawid\Desktop\Programy\EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\ExifCleaner.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\ExifClnr.exe (SuperUtils.com)
Shortcut: C:\Users\Dawid\Desktop\Programy\Format Factory.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time)
Shortcut: C:\Users\Dawid\Desktop\Programy\FotoSender.lnk -> C:\Program Files (x86)\FotoSender\FotoSender.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Fraps.lnk -> C:\Fraps\fraps.exe (Beepa P/L)
Shortcut: C:\Users\Dawid\Desktop\Programy\GG.lnk -> C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Dawid\Desktop\Programy\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Dawid\Desktop\Programy\HD Tune Pro.lnk -> C:\Program Files (x86)\HD Tune Pro\HDTunePro.exe (EFD Software)
Shortcut: C:\Users\Dawid\Desktop\Programy\Helium.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}\_D751D9D775A8FD8178CCB6.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Hooker.lnk -> C:\hooker\Hooker.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Image Grabber II.lnk -> C:\Program Files (x86)\Image Grabber II\Image Grabber II.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\IObit Uninstaller.lnk -> C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (No File)
Shortcut: C:\Users\Dawid\Desktop\Programy\ipla.lnk -> C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
Shortcut: C:\Users\Dawid\Desktop\Programy\JottiQ.lnk -> C:\Program Files\JottiQ\JottiQ.exe (Gholam Inc.)
Shortcut: C:\Users\Dawid\Desktop\Programy\jv16 PowerTools.lnk -> C:\Program Files (x86)\jv16 PowerTools\jv16 PowerTools.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\KeyTurion.lnk -> C:\Program Files (x86)\Datpol\KeyTurion.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\KMPlayer.lnk -> C:\Program Files (x86)\The KMPlayer\KMPlayer.exe (Pandora.TV)
Shortcut: C:\Users\Dawid\Desktop\Programy\Komputer Świat Plus.lnk -> C:\Program Files (x86)\Komputer Świat Plus\KSPlus.exe (Komputer Świat)
Shortcut: C:\Users\Dawid\Desktop\Programy\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.)
Shortcut: C:\Users\Dawid\Desktop\Programy\LG PC Suite.Lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink)
Shortcut: C:\Users\Dawid\Desktop\Programy\Lightning.lnk -> C:\Program Files (x86)\MSI\VGA\Lightning\Lightning.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Lightroom 4 64-bit.lnk -> C:\Program Files\Adobe\Adobe Photoshop Lightroom 4\lightroom.exe (Adobe Systems)
Shortcut: C:\Users\Dawid\Desktop\Programy\Live Update 4.lnk -> C:\Program Files (x86)\MSI\Live Update 4\LU4\Liveupdate.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Logitech Vid HD.lnk -> C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
Shortcut: C:\Users\Dawid\Desktop\Programy\Logitech Webcam Software  .lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Machinery Explorer.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_2cd672ae.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Dawid\Desktop\Programy\MOBILedit! Enterprise.lnk -> C:\Program Files (x86)\MOBILedit! Enterprise\MOBILedit!.exe (COMPELSON Labs)
Shortcut: C:\Users\Dawid\Desktop\Programy\MSI Afterburner 2.2.1.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\MSI Kombustor 2.4.lnk -> C:\Program Files (x86)\MSI Kombustor 2.4\KLoaderWin32.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\MSI Kombustor 2.5.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\MSI_APS.lnk -> C:\Program Files (x86)\MSI\VGA\MSI_APS\MSI_APS.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Multi AV.lnk -> C:\Program Files (x86)\Multi AV\multiav.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Nokia Suite.lnk -> C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
Shortcut: C:\Users\Dawid\Desktop\Programy\OCCT.lnk -> C:\Program Files (x86)\OCCTPT\OCCT.exe (OCCT)
Shortcut: C:\Users\Dawid\Desktop\Programy\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Dawid\Desktop\Programy\PC Alert 4.lnk -> C:\Program Files (x86)\MSI\PC Alert 4\StartPCAlert4.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\PDF-XChange Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.)
Shortcut: C:\Users\Dawid\Desktop\Programy\Photoshop.lnk -> C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Dawid\Desktop\Programy\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd)
Shortcut: C:\Users\Dawid\Desktop\Programy\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Testy.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Protected Folder.lnk -> C:\Program Files (x86)\IObit\Protected Folder\ProtectedFolder.exe (IObit)
Shortcut: C:\Users\Dawid\Desktop\Programy\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Dawid\Desktop\Programy\Real Temp.lnk -> E:\Real_Temp3.60_www.INSTALKI.pl\RealTemp.exe (uWebb Software)
Shortcut: C:\Users\Dawid\Desktop\Programy\ScanMyReg.lnk -> C:\Program Files (x86)\ScanMyReg\ScanMyReg.exe (YL Computing, Inc)
Shortcut: C:\Users\Dawid\Desktop\Programy\SignSIS-GUI.lnk -> C:\Certyfikat\SignSIS-GUI\SignSIS-GUI.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Dawid\Desktop\Programy\Undelete 360.lnk -> C:\Program Files (x86)\File Recovery\undelete360\undelete-360.exe (File Recovery Ltd.)
Shortcut: C:\Users\Dawid\Desktop\Programy\Update NOD32 license.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
Shortcut: C:\Users\Dawid\Desktop\Programy\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Dawid\Desktop\Programy\VCardExport.lnk -> C:\Program Files (x86)\VCardExportTool\VCardExport.exe (Aegis Technologies)
Shortcut: C:\Users\Dawid\Desktop\Programy\vCardOrganizer.lnk -> C:\Program Files (x86)\vCardOrganizer\vCardOrganizer.exe (Stefano Toniolo)
Shortcut: C:\Users\Dawid\Desktop\Programy\Veedub64.lnk -> E:\VirtualDub-1.9.11-AMD64\Veedub64.exe ()
Shortcut: C:\Users\Dawid\Desktop\Programy\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.)
Shortcut: C:\Users\Dawid\Desktop\Programy\Windows 7 Logon Background Changer.lnk -> C:\Program Files (x86)\Julien MANICI\Windows 7 Logon Background Changer\Win7LogonBackgroundChanger.exe (http://www.julien-manici.com/)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Logon Background Changer.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{2E6044C5-3495-485F-91BC-46D1B6430E51}\_38CF379FC0A8080C8E407C.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter\AQQ\Deinstalacja.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\uninstall.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter\AQQ\Uruchom AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -> C:\Program Files (x86)\The KMPlayer\KMPSetup.exe (http://www.kmplayer.com)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -> C:\Program Files (x86)\The KMPlayer\KMPlayer.exe (Pandora.TV)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -> C:\Program Files (x86)\The KMPlayer\uninstall.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk -> C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SignSIS-GUI\DevCertRequestControl.lnk -> C:\Certyfikat\SignSIS-GUI\DevCertRequestControl.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SignSIS-GUI\SignSIS-GUI.lnk -> C:\Certyfikat\SignSIS-GUI\SignSIS-GUI.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner On-Screen Display Server.lnk -> C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\EULA.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_69525f90.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Folder Machinery.lnk -> C:\Program Files (x86)\Machinery DEMO ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Galeria.lnk -> C:\Program Files (x86)\Machinery DEMO\Samples ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Machinery 1.5.5 DEMO.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_4ae13d6c.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Machinery Explorer.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_5af141bb.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CyberLink YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPLK.htm ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\Pomoc online dla YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPlk.chm ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Pomoc online dla Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Language\Plk\Power2Go.chm ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe (CyberLink Corp.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\Readme.htm ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\Pomoc online dla LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\LabelPrint.chm ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IVMP\IVMP.lnk -> E:\GTA IV\IVMP\Client.Launcher.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IVMP\Uninstall IVMP.lnk -> E:\GTA IV\IVMP\Uninstall_IVMP.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> C:\Fraps\fraps.exe (Beepa P/L)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> C:\Fraps\uninstall.exe (Beepa Pty Ltd)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Flux.lnk -> C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Uninstall.lnk -> C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\uninstall.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook\Facebook Messenger.lnk -> C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR BASIC 2\easyHDR BASIC 2.lnk -> C:\Program Files (x86)\easyHDR BASIC 2\easyHDR_BASIC_2.exe (SIMPARTEK - Bartlomiej Okonek)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR BASIC 2\Uninstall.lnk -> C:\Program Files (x86)\easyHDR BASIC 2\uninstall.exe (SIMPARTEK - Bartlomiej Okonek)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot Uninstall.lnk -> C:\Program Files (x86)\Dexpot\uninstall.exe (Dexpot GbR)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot-Updater.lnk -> C:\Program Files (x86)\Dexpot\updexer.exe (Dexpot GbR)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datpol\KeyTurion.lnk -> C:\Program Files (x86)\Datpol\KeyTurion.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datpol\Uninstall.lnk -> C:\Program Files (x86)\Datpol\unins000.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod\Helium.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}\_D751D9D775A8FD8178CCB6.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aimp2\DFX\DfX for AIMP2.lnk -> C:\Program Files (x86)\AIMP2\PlugIns\DFX\dfxwsettings.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aimp2\DFX\Uninstall DFX for AIMP2.lnk -> C:\Program Files (x86)\AIMP2\Uninstall.exe (AIMP DevTeam)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Format Factory.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Image Grabber II.lnk -> C:\Program Files (x86)\Image Grabber II\Image Grabber II.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeyTurion.lnk -> C:\Program Files (x86)\Datpol\KeyTurion.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Komputer Świat Plus.lnk -> C:\Program Files (x86)\Komputer Świat Plus\KSPlus.exe (Komputer Świat)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uruchom AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS5 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lightroom 4 64-bit.lnk -> C:\Program Files\Adobe\Adobe Photoshop Lightroom 4\lightroom.exe (Adobe Systems)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Machinery 1.5.5.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_18be6784.exe ()
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Dawid\AppData\Roaming\Autodesk\AutoCAD 2014\R19.1\plk\Plotters\Plot Styles\Dodaj tabelę stylów wydruku.lnk -> E:\Autodesk\AutoCAD 2014\styshwiz.exe (Autodesk, Inc.)
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\GameExplorer\{874365F4-B5CA-4138-87E2-DBC3C7E769C2}\PlayTasks\0\Zagraj.lnk -> C:\Windows\SysWOW64\dtmcfg\mm.exe ()
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Logs\InstallLog.lnk -> C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Install\Logs ()
Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Install\Logs\ClientLog.lnk -> C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Logs ()
Shortcut: C:\Users\Dawid\AppData\Local\GG\Application\gg.lnk -> C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Default\Desktop\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.)
Shortcut: C:\Users\Default\Desktop\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CyberLink YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPLK.htm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\Pomoc online dla YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPlk.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Pomoc online dla Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Language\Plk\Power2Go.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe (CyberLink Corp.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\Readme.htm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\Pomoc online dla LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\LabelPrint.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Angry Birds Space.lnk -> E:\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.)
Shortcut: C:\Users\Public\Desktop\Ashampoo Burning Studio 2012.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\burningstudio2012.exe (Ashampoo)
Shortcut: C:\Users\Public\Desktop\Battlefield 3.lnk -> E:\Battlefield 3\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Public\Desktop\JDownloader.lnk -> C:\Program Files (x86)\JDownloader\JDownloaderD3D.exe (AppWork UG (haftungsbeschränkt))
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Download Licenses.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /l
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Insert license with the maximum expiration date.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /o /x
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Open Settings.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Recover current license.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /b
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe () -> -startup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3\Odinstaluj.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {199127DC-7BDB-41AB-825B-4229A86F8F0D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Odinstaluj QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {7BE15435-2D3E-4B58-867F-9C75BED0208C} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Uninstall Project64 2.0.lnk -> C:\Program Files (x86)\Project64 2.1\unins000.exe () -> /LOG
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange\PDF-XChange Viewer Manual.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) -> /A "pxvhlp" "C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVManual.pdf"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Uninstall Device Seizure.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\uninstall.exe (Paraben Corporation) -> "C:\Windows\SysWOW64\msiexec.exe /i {B4008666-3C27-4B67-9D89-80B4E31FA685}"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\PC Alert 4\UnInstall PC Alert 4.lnk -> C:\Windows\IsUninst.exe (InstallShield Software Corporation) -> -f"C:\Program Files (x86)\MSI\PC Alert 4\Uninst.isu"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter64.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () -> /resetsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Odinstaluj.lnk -> C:\Program Files\ESET\ESET Smart Security\callmsi.exe (ESET) -> /i {33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySetPackage\Uninstall EasySetPackage.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{266725C1-716F-43AC-BBFB-4201131ED656}\setup.exe (InstallShield Software Corporation) -> /L0x0009 /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 7\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {A864167F-970B-4673-8FD2-AA1FD7AF3C1C}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Counter-Strike.lnk -> E:\Counter-Strike\Counter-Strike\hl.exe (Valve) -> -game cstrike
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Zaaplikuj fake CD-KEY.lnk -> C:\Windows\System32\regedt32.exe (Microsoft Corporation) -> "E:\Counter-Strike\Counter-Strike\cdkey.reg"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\ControlCenter3.lnk -> C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe (Brother Industries, Ltd.) -> /Model=DCP-150C
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Instalowanie diagnostyki.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\Brinstck.exe (Brother Industries, Ltd.) -> DCP-150C
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Odinstaluj.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0015 Brunin03.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Okno kontrolne.lnk -> C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) -> Brother DCP-150C Printer on USB001 /SHOW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Rejestracja On-Line .lnk -> C:\Program Files (x86)\Brother\Brmfl07a\Brolink\Brolink0.exe (Brother Industories, Ltd.) -> OLR_URL /mDCP-150C
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 360.lnk -> C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) -> /browseLocal
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\AutoCAD 2014 — Polski (Polish).lnk -> C:\Windows\Installer\{5783F2D7-D001-0000-0102-0060B0CE6BBA}\Acad162_icon.exe () ->  /product "ACAD" /language "pl-PL"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Narzędzie transferu licencji — AutoCAD 2014.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R7\LTU.exe (Autodesk, Inc.) -> 001F1 2014.0.0.F -d SA -l pl-PL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Przywróć ustawienia domyślne.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /reset /product "ACAD" /language "pl-PL"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Migracja ustawień niestandardowych\Eksportuj ustawienia programu AutoCAD 2014.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /e /product "ACAD" /language "pl-PL"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Migracja ustawień niestandardowych\Importuj ustawienia programu AutoCAD 2014.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /i /product "ACAD" /language "pl-PL"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Migracja ustawień niestandardowych\Migracja z poprzedniej wersji.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /product "ACAD" /language "pl-PL"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Disk Unlocker\Uninstall.lnk -> C:\Windows\Installer\{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}\_D56300B98B4C89F9A57E30.exe () -> /i {E9275D69-7DEC-430B-BA1B-F74DFF9B0B43} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology\ASM104x USB 3.0 Driver\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Dawid\Desktop\Counter Strike.lnk -> E:\Counter-Strike\Counter-Strike\hl.exe (Valve) -> -nomaster -game cstrike
ShortcutWithArgument: C:\Users\Dawid\Desktop\Programy\AutoCAD 2014 — Polski (Polish).lnk -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) ->  /product ACAD /language "pl-PL"
ShortcutWithArgument: C:\Users\Dawid\Desktop\Programy\Autodesk 360.lnk -> C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) -> /browseLocal
ShortcutWithArgument: C:\Users\Dawid\Desktop\Programy\Nvu.lnk -> C:\Program Files (x86)\Nvu\nvu.exe (Mozilla, Linspire Inc.) -> c
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\TuneUp Software\TU2011\StartUp Manager\Wyłącz obiekty\Logitech . Rejestracja produktu.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech) -> /remind /language=PLK /_WFM="."
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "%PROGRAMFILES%\Enigma Software Group\SpyHunter\SH4.com"
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /X {AF549236-6258-4AC6-A043-5B5B89C6EB61}
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\Rejestracja Online.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\OLRSubmission\OLRSubmission.exe () -> /LANG:PLK
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time) -> /help
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Assign applications.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /aa
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Debug.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /debug
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Katalog okien.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /d
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Konfiguracja pulpitów.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /k
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Menedżer pulpitów.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /m
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\O Dexpot....lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /i
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Okna pulpitu.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /f
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Podgląd pełnoekranowy.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /V
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Podgląd pulpitów.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /v
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Przywróć domyślne ustawienia.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /reset
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Reguły pulpitu.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /g
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Ustawienia.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /e
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Zakończ.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /B
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Zastosuj reguły.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /R
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Add desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /AddDesktop
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 1.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 1
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 2.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 2
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 3.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 3
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 4.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 4
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop back.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /back
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Next desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /next
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Previous desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /prev
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Remove desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /RemoveDesktop
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.) -> AQQ_SHELL_EXTENSION
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) ->  /recycle
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AutoCAD 2014 — Polski (Polish).lnk -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) ->  /product ACAD /language "pl-PL"
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Autodesk\AutoCAD 2014\R19.1\plk\Plotters\Dodaj ploter.lnk -> E:\Autodesk\AutoCAD 2014\addplwiz.exe (Autodesk, Inc.) -> /LANGUAGE pl-PL
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\Rejestracja Online.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\OLRSubmission\OLRSubmission.exe () -> /LANG:PLK
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanMyReg\Strona WWW programu ScanMyReg.url -> hxxp://scanmyreg.ylcomputing.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Support.url -> hxxp://forum.pj64-emu.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi AV\Strona WWW programu Multi AV.url -> hxxp://www.pcworld.pl
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Afterburner homepage.url -> hxxp://event.msi.com/vga/afterburner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor and Afterburner forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\What is Kombustor.url -> hxxp://www.ozone3d.net/redirect.php?id=223
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Afterburner homepage.url -> hxxp://event.msi.com/vga/afterburner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Kombustor and Afterburner forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Kombustor latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Kombustor online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\What is Kombustor.url -> hxxp://www.ozone3d.net/redirect.php?id=223
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Afterburner homepage.url -> hxxp://event.msi.com/vga/afterburner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Kombustor and Afterburner forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Kombustor latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Kombustor online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\What is Kombustor.url -> hxxp://www.ozone3d.net/redirect.php?id=223
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Homepage.url -> hxxp://event.msi.com/vga/afterburner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise\MOBILedit! Enterprise on the Web.url -> hxxp://www.compelson.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Strona WWW programu Counter-Strike.url -> hxxp://www.exegames.pl
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Download Apple iTunes.url -> hxxp://www.apple.com/itunes/download/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Download Windows Mobile Support Files.url -> hxxp://www.microsoft.com/windowsphone/en-us/apps/65-downloads.aspx
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Podręczniki użytkownika w formacie PDF.url -> hxxp://solutions.brother.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Pomoc online i często zadawane pytania (FAQ).url -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=mfc157&LNG=pl&SRC=FAQ
InternetURL: C:\Users\Dawid\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742
InternetURL: C:\Users\Dawid\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Dawid\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Dawid\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407
InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\Dawid\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Dawid\Desktop\Assassin's Creed IV Black Flag.url -> uplay://launch/273
InternetURL: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter\AQQ\WapSter.url -> hxxp://aqq.eu
InternetURL: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Home Page.url -> hxxp://www.kmplayer.com/forums
InternetURL: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot Homepage.url -> hxxp://www.dexpot.de

==================== End of log =============================

[/log]

 

Inaczej nie dało się tego wstawić.

pawel315

pawel315

komentarz
komentarz 

[ Application Events ]
Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073
Description =

 

To chyba przez tą usługę, popatrz tu → http://forum.dobreprogramy.pl/nvstreamsvc-sprawd%C5%BA-je%C5%9Bli-gry-nagle-zawieszaj%C4%85-si%C4%99-t451447/

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Zrobiłem to co napisali. Teraz trzeba poczekać. Wiecie też dlaczego zamiast przecinka mam "b"? Pisałem kiedyś o tym na forum.

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Bez zmian ale teraz usunalem to w wierszu polecien. Zobaczymy co będzie dalej.

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Nadal mam problem z zamulanie uciekajacym izmieniajacym sie kursorem... Komp tez nie zawsze chce sie wylaczyc (wylaczy sie ale nadal pracuje). Nie znalazlem tego bledu co wczesniej ale sa za to inne. Sprawdzcie to.

 

Extras

[log]OTL Extras logfile created on: 2014-08-28 13:27:42 - Run 6

OTL by OldTimer - Version 3.2.69.0     Folder = E:\OTL
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,98 Gb Total Physical Memory | 5,34 Gb Available Physical Memory | 66,87% Memory free
15,96 Gb Paging File | 12,93 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 155,25 Gb Total Space | 10,64 Gb Free Space | 6,85% Space Free | Partition Type: NTFS
Drive D: | 155,16 Gb Total Space | 28,39 Gb Free Space | 18,30% Space Free | Partition Type: NTFS
Drive E: | 155,25 Gb Total Space | 30,87 Gb Free Space | 19,88% Space Free | Partition Type: NTFS
 
Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051EB8ED-D2FD-415D-9713-F60F230D90E6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{067202FA-FB20-4EB7-989C-3859D15A1A09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{08617120-8914-4034-81A7-07F0E96341F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0A0401B9-7C28-4978-92A1-F1C0DAB985F4}" = rport=137 | protocol=17 | dir=out | app=system | 
"{0C2D0C78-D8C8-44CF-A1A2-5238B6DA2BC9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{15026F90-DF7B-4407-8E41-D8144DD71D21}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1DF44B3D-2AEC-4987-8985-BC178E1854E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{2056652C-64D8-406A-833D-6C60F4CAD105}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2B376A50-0512-41D1-8CC5-B5190EC6FE20}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{345020B2-A6F4-4AB1-A39F-F9A8857A5CBB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{34F6984E-9E3A-4CA0-AB14-89BFEB84E13B}" = rport=138 | protocol=17 | dir=out | app=system | 
"{354334E5-4B96-4789-9857-B33250026CE3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{3A177BE4-2F2D-483C-B806-AD6C37691043}" = lport=4899 | protocol=17 | dir=in | name=4899 udp | 
"{455C4DD2-462D-41A9-B20B-8BB1CF806EC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4AA1072B-DCC4-48B2-AE67-67B1477A29EF}" = rport=4899 | protocol=6 | dir=out | name=4899 tcp | 
"{55D70FE6-9318-4287-97A0-41A1C845C476}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{69ED7FA8-A8E7-4770-A760-869558C00481}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{6E8A9786-641D-4CEB-89C0-A492DAB26BDB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{72190C1D-61E2-4C6C-88ED-2D2E0504770D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service | 
"{7508478E-8008-474A-889D-16DD679EFFDB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{84F9193D-E4CC-48B9-B414-FAEE61C4743E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{8E8809CC-569C-4C58-9627-B36CD5BF1BBA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{940EE33A-50AB-4FD8-B12B-EC21CF159CE4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{945C2275-D6D1-4012-9150-946901ED2278}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{95285DB7-1613-446F-8431-25FABB39FD48}" = rport=139 | protocol=6 | dir=out | app=system | 
"{98F4E4AC-F703-4428-A545-D1E34715706D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 
"{9C922B2A-0969-4E4B-B299-CFA441A5BC38}" = rport=4899 | protocol=17 | dir=out | name=4899 udp | 
"{9F8A8BE1-C517-4F0C-89CE-290641E28AF1}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 
"{AC8948A1-102B-4E2F-AB51-3CB8C250D943}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AE097083-C0CD-42ED-96B5-9F0CD79E122C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{C3593B60-2EE2-451B-BF16-5A5B5DA71575}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{C6C7D2AE-61F4-4174-9637-89440067F051}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{D38BC28C-53D5-4F97-A114-10921CE535E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E046E66E-2BA8-47E7-B241-14FB35D31792}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E16E2025-DAC2-4C81-A49F-A1F5AA7A7287}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E9B4CBEA-AB89-4C05-B2B9-5E6BA84B4988}" = lport=4899 | protocol=6 | dir=in | name=4899 tcp | 
"{EDBC7A31-AD62-4076-8BDB-9C8A88A78691}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F65A4E17-26ED-4A02-AE9C-D2CE5AF2349B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{FA020FF2-3D82-4E52-A80C-B12396CD4BCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FF2A64AB-D235-418C-8078-A91BC721692B}" = lport=138 | protocol=17 | dir=in | app=system | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0994B7F4-A440-43F3-A425-F5FB71A3C646}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{11AFD906-3D0C-4529-B2F7-E96D329F44D6}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{1547B707-677E-423F-963C-1BCD7E6ECA49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{155B3876-96A3-4635-A945-41CBC093DA96}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{17408F70-A0BE-47E6-821B-4C78EF466E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{1923B629-1606-475F-8A22-4543D60282AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1BDBDD68-5592-481E-B245-B6EBE8125D51}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1BE72711-CC5A-4EE9-B097-B69DEFFC04EB}" = dir=in | app=%programfiles% (x86)\radmin viewer 3\radmin.exe | 
"{211AC75A-4C3C-4AB0-B157-D032317CE3BC}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | 
"{27792FA4-ED21-426D-8B4A-07B6441308A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2BFEDC87-A56D-4849-A748-C191E70E6302}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{32444DDF-A6A7-4E3C-A2C9-8D6738892FE5}" = dir=in | app=c:\users\dawid\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{39BEEA53-78C3-4308-9752-8752A39A5F81}" = protocol=6 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | 
"{3E582B93-96E3-4EBD-88BA-4F2D7136CBFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3E5E3B04-9BB5-4D30-A074-CC4FE5E90979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4868991E-81C1-4315-80A4-BB013C873438}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{4B514292-0C6E-4BDC-9689-3DD074FCDCC5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{4D428C51-2BEE-4066-A114-0649CA63A237}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{54E557F5-7305-41C0-88C4-2CD09C411590}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5860B855-191C-421A-BE61-3856368EC406}" = protocol=6 | dir=out | app=system | 
"{5FF66FF0-99C5-4943-868B-9B1D4DC5BCBF}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | 
"{69CF4335-01A6-4CED-97E7-F5A2F4A035AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6A916F85-06B8-4F93-862B-CBADCBAC8B37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{6BC4FC3B-0055-451D-B0F1-1CA4354C3430}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{6BD161BB-80B2-419A-84A0-C3DD6A2D53BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{7540C063-5F62-4114-963B-03F2A6B3DCB6}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{7B48A4C2-5C13-41CF-9322-08B5F2005FFA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{7D0F0EB6-7DE4-4730-8A84-14A0C5FB9B5A}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | 
"{804FCF24-CAF3-4EEE-9855-DC1777C862BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{81050B87-9B31-4BBE-862A-A0A0EEE91FA1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{82D90AD8-4023-44BE-A944-68D354B1CF37}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{856CCCDB-3FFA-4BC1-BF20-2E4C24F60028}" = protocol=6 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | 
"{886950DC-2A5F-465E-9FCA-C70D06C22D15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{918512A2-A5F4-46CC-8F48-9FE8DAEAC9F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{972012F9-A2E9-4486-A0C6-CD8296E06ACF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A3B4FACB-2D8B-4947-BB51-F25C51C631DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A6B25DF3-55A1-4EDA-9A0F-18AA6D2B17AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{AA197DE7-2835-45D7-9199-51F1638D6F6F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{ADB91B4E-26E2-4614-A154-E5391E0DE910}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{AF240F08-E43F-4284-9E1A-CDE86C3473A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B08BF8EF-0172-405D-B245-493336237DF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B65E9A0B-01F4-4838-822C-32C66F19176E}" = protocol=17 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | 
"{BDC8AED4-5753-4AF2-A3F1-A6C8EB066D35}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{C5A4A066-BCFA-4A67-AAFA-68CE3BE34B3B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{C9B3ADEC-EFED-462B-B888-1152FE7B5DF1}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | 
"{CB0C6A3F-A2C3-4219-82AA-448C62008318}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{DA3FE40C-A3A2-4573-8984-B14BB46C3162}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{DB6C9C1C-1AA6-43EB-9EAE-BDA940C38114}" = protocol=17 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | 
"{DBAFEFB0-F5C7-465D-BD9C-D72E7BEE9E38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E2D3E600-3393-469C-BD1C-8523FB809ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | 
"{E40E3999-C599-42E6-817F-8FD13F0378A0}" = dir=out | app=%programfiles% (x86)\radmin viewer 3\radmin.exe | 
"{EA8AB3D3-CE48-4B25-AE67-461BC640B2CA}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{EB0F49C9-F2CE-4318-836B-C6031828F82B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F9F5A550-BB7D-4A49-8501-FA20EA7991F9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{FF1FDAEF-4032-4CAF-A83E-90BB02BC901D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{20E5E139-277F-4FE3-BD6A-9B8FAEF19923}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | 
"TCP Query User{7AE8B3D8-FA66-43F9-A4C6-2DEF69EE1250}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | 
"TCP Query User{C77753D0-38F6-4969-8210-F4461D9652B5}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{FFD469CF-B67B-4D9E-BEB4-3E4C06DB7E4F}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{0D693FB2-E70D-4B2C-B438-406442314D17}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{437E473F-B055-4E34-94AD-AFE7B32BF217}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{6611A0CD-E5E2-420C-9591-EC9600EA206F}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | 
"UDP Query User{6EAB7657-AF00-4803-8661-D5AC9125F2C4}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK)
"{48BB9EBA-C929-4D7E-AF43-21B4427373EB}" = AIWI JoyStick
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish)
"{5783F2D7-D001-0415-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Polski (Polish)
"{5783F2D7-D001-0415-2102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.82
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"AutoCAD 2014 — Polski (Polish)" = Autodesk AutoCAD 2014 — Polski (Polish)
"Autodesk ReCap" = Autodesk ReCap
"AutoHotkey" = AutoHotkey 1.1.13.01
"BurnInTest_is1" = BurnInTest v7.1 Pro
"CCleaner" = CCleaner
"CCleaner_is1" = CCleaner wersja 4.14.4707
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19
"JottiQSetup_is1" = JottiQ v1.0.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TNod" = TNod User & Password Finder
"Uninstall Tool_is1" = Uninstall Tool
"WinRAR archiver" = WinRAR 4.11 (64-bitowy)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{199127DC-7BDB-41AB-825B-4229A86F8F0D}" = Radmin Viewer 3.5
"{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{266725C1-716F-43AC-BBFB-4201131ED656}" = EasySetPackage
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2E6044C5-3495-485F-91BC-46D1B6430E51}" = Windows 7 Logon Background Changer
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1" = Multi AV wersja 1.0.1
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}" = AIMP2 MegaPack v6 by UppeD
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV
"{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}" = TS Notifier
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1" = Counter-Strike 1.6 v40
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}" = Machinery DEMO
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A781940-AC41-4D5E-8E1E-76A04B916FB9}" = Helium
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}" = DxO Optics Pro 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF549236-6258-4AC6-A043-5B5B89C6EB61}" = SpyHunter
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad
"{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI
"{B4008666-3C27-4B67-9D89-80B4E31FA685}" = Paraben's Device Seizure
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1" = MOBILedit! Enterprise ver. 7.5.0.4173
"{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1" = Prawo Jazdy ABCDT - egzamin wewnętrzny 
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}" = Angry Birds Space
"{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1" = ScanMyReg 2.02
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Afterburner" = MSI Afterburner 2.3.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.30
"AIMP3" = AIMP3
"AQQ" = WapSter AQQ
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20
"Ashampoo Snap 4_is1" = Ashampoo Snap 4 v.4.3.0
"ASUS WebStorage" = ASUS WebStorage
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Audacity_is1" = Audacity 2.0.4
"Autodesk Content Service" = Autodesk Content Service
"Battlelog Web Plugins" = Battlelog Web Plugins
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DFX for AIMP2 1.2.5" = DFX for AIMP2 1.2.5
"easyHDR_BASIC_2" = easyHDR BASIC 2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ExifCleaner" = ExifCleaner 1.7
"FormatFactory" = FormatFactory 3.0.1
"FotoSender_is1" = FotoSender 3.0
"Fraps" = Fraps (remove only)
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"Google Chrome" = Google Chrome
"HD Tune Pro_is1" = HD Tune Pro 3.00
"Image Grabber II" = Image Grabber II
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"ipla" = ipla 2.7
"JDownloader" = JDownloader
"jv16 PowerTools_is1" = jv16 PowerTools 1.3
"KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Full
"Komputer Świat Plus_is1" = Komputer Świat Plus
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LAME_is1" = LAME v3.99.3 (for Windows)
"LG PC Suite" = LG PC Suite
"Lightning_is1" = Lightning
"Liveupdate4_is1" = Liveupdate4
"Logitech Vid" = Logitech Vid HD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012
"Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Nvu_is1" = Nvu 1.0
"OCCT" = OCCT 4.2.0
"Origin" = Origin
"PC Alert 4" = PC Alert 4
"PowerISO" = PowerISO
"Project 64_is1" = Project 64 version 2.1.0.1
"Protected Folder_is1" = Protected Folder
"PunkBusterSvc" = PunkBuster Services
"Silver Efex Pro 2" = Silver Efex Pro 2
"SM7192" = USB Cobra Joystick V4
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"Undelete 360_is1" = Undelete 360
"Uninstall Tool_is1" = Uninstall Tool
"Uplay" = Uplay
"Uplay Install 273" = Assassin's Creed IV Black Flag
"VCardExport_is1" = VCardExportTool
"Visual Watermark_is1" = Visual Watermark 2.9.30
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Podstawowe programy Windows Live
"WinRAR archiver" = WinRAR archiver
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dexpot" = Dexpot
"Flux" = f.lux
"GG" = GG
"KeyTurion" = KeyTurion version 2.8
"Polska lokalizacja Lightroom 4" = Polska lokalizacja Lightroom 4
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2014-08-25 08:00:59 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-08-25 13:10:43 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-08-25 13:55:48 | Computer Name = Dawid-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 10.11.15.0,
 sygnatura czasowa: 0x52a6776c  Nazwa modułu powodującego błąd: nvspcap.dll_unloaded,
 wersja: 0.0.0.0, sygnatura czasowa: 0x52a67618  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x100be510  Identyfikator procesu powodującego błąd: 0x994  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cfc08d813fe5d7  Ścieżka aplikacji powodującej błąd:
 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe  Ścieżka modułu
 powodującego błąd: nvspcap.dll  Identyfikator raportu: 0ae6c4e3-2c81-11e4-947d-f46d04619414
 
Error - 2014-08-25 13:55:52 | Computer Name = Dawid-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 10.11.15.0,
 sygnatura czasowa: 0x52a6776c  Nazwa modułu powodującego błąd: nvspcap.dll_unloaded,
 wersja: 0.0.0.0, sygnatura czasowa: 0x52a67618  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x100077e2  Identyfikator procesu powodującego błąd: 0x994  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cfc08d813fe5d7  Ścieżka aplikacji powodującej błąd:
 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe  Ścieżka modułu
 powodującego błąd: nvspcap.dll  Identyfikator raportu: 0d70ad97-2c81-11e4-947d-f46d04619414
 
Error - 2014-08-26 04:18:13 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-08-26 12:18:48 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-08-27 04:18:01 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-08-27 07:17:32 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-08-28 04:00:16 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
Error - 2014-08-28 07:18:28 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 2012-01-10 12:31:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:31:51 - Błąd podczas nawiązywania połączenia z Internetem.  17:31:51
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-10 12:31:59 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:31:56 - Błąd podczas nawiązywania połączenia z Internetem.  17:31:56
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-11 13:15:09 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 18:15:09 - Błąd podczas nawiązywania połączenia z Internetem.  18:15:09
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-11 13:15:17 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 18:15:14 - Błąd podczas nawiązywania połączenia z Internetem.  18:15:14
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-12 12:01:15 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:01:15 - Błąd podczas nawiązywania połączenia z Internetem.  17:01:15
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-12 12:01:24 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 17:01:20 - Błąd podczas nawiązywania połączenia z Internetem.  17:01:20
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-13 11:45:32 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 16:45:32 - Błąd podczas nawiązywania połączenia z Internetem.  16:45:32
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-13 11:45:42 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 16:45:37 - Błąd podczas nawiązywania połączenia z Internetem.  16:45:37
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-14 10:05:39 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 15:05:39 - Błąd podczas nawiązywania połączenia z Internetem.  15:05:39
 -     Nie można skontaktować się z serwerem..  
 
Error - 2012-01-14 10:05:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0
Description = 15:05:47 - Błąd podczas nawiązywania połączenia z Internetem.  15:05:47
 -     Nie można skontaktować się z serwerem..  
 
[ OSession Events ]
Error - 2014-01-06 11:09:30 | Computer Name = Dawid-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 2014-08-27 07:56:26 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134
Description = 
 
Error - 2014-08-28 03:58:47 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu:   %%2
 
Error - 2014-08-28 03:59:26 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   BTHidMgr
 
Error - 2014-08-28 04:08:23 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-08-28 05:09:45 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134
Description = 
 
Error - 2014-08-28 07:16:02 | Computer Name = Dawid-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 11:51:51 na ?2014-?08-?28 było 
nieoczekiwane.
 
Error - 2014-08-28 07:15:51 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu:   %%2
 
Error - 2014-08-28 07:17:51 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego 
lub systemowego:   BTHidMgr
 
Error - 2014-08-28 07:22:48 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania
 funkcji, której nie można uruchomić z powodu następującego błędu:   %%1058
 
Error - 2014-08-28 07:31:51 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134
Description = 
 
 
< End of report >
 

[/log]

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Komp zaczal mulic w pierwszych kilku minutach od wlaczenia. Jestem teraz w trybie awawyjnym i jak narazie nic sie nie dzieje. Wiecie co jest grane? Kompa potrzebuje codziennie a on mi takie cos odwala...


Chciałbym jeszcze dodać ze chyba przez to usuniecie "NvStreamSvc" obraz w niektorych miejscach jest czasem nieostry.

Zayfi

Zayfi

komentarz
komentarz

A wykonaj czysty rozruch systemu

 

http://support.microsoft.com/kb/331796/pl

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Nadal to samo. Ręce mi opadają... Zauważyłem że po czystym rozruchu nadal mam dość sporo usług.

Dawid_Dj

Dawid_Dj

komentarz
  • Autor
komentarz

Po zainstalowaniu najnowszego sterownika graficznego wszystko jest ok (jak narazie). Dziwne bo kiedys tez to aktualizowalem i nadal mialem problem. Zobaczymy na jak dlugo bedzie sprawny.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

Zadaj pytanie bez logowania
Przejdź do listy tematów
×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.

  Akceptuję