Dawid_Dj utworzono 11 lutego 2014 utworzono 11 lutego 2014 Oto mój temat: http://www.forumpc.pl/topic/310982-regularna-przycinka-na-pare-sekud/ Daję logi do sprawdzenia. OTL [log]OTL logfile created on: 2014-02-11 10:24:19 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawid\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 4,75 Gb Available Physical Memory | 59,55% Memory free 15,96 Gb Paging File | 12,05 Gb Available in Paging File | 75,53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 155,25 Gb Total Space | 18,09 Gb Free Space | 11,65% Space Free | Partition Type: NTFS Drive D: | 155,16 Gb Total Space | 31,33 Gb Free Space | 20,19% Space Free | Partition Type: NTFS Drive E: | 155,25 Gb Total Space | 19,02 Gb Free Space | 12,25% Space Free | Partition Type: NTFS Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014-02-02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-01-18 16:15:34 | 008,329,728 | ---- | M] (AQQ Sp. z o.o.) -- C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe PRC - [2013-12-15 12:51:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dawid\Desktop\OTL.exe PRC - [2013-12-08 11:33:48 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2013-11-14 12:56:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013-11-14 12:56:48 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013-11-11 15:42:02 | 000,764,192 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe PRC - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013-10-25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe PRC - [2013-10-25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe PRC - [2013-10-16 00:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe PRC - [2013-04-23 08:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013-03-12 06:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe PRC - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011-05-19 15:39:18 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011-05-19 15:39:14 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2011-02-21 22:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2010-12-02 03:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe PRC - [2010-11-03 10:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe PRC - [2010-10-21 10:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe PRC - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-12-22 12:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe PRC - [2009-12-22 12:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe PRC - [2009-12-15 13:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe ========== Modules (No Company Name) ========== MOD - [2014-02-02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll MOD - [2014-02-02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll MOD - [2014-02-02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll MOD - [2014-02-02 00:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll MOD - [2014-02-02 00:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll MOD - [2014-02-02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll MOD - [2014-01-09 20:46:18 | 004,312,576 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\GGNet.dll MOD - [2014-01-09 09:42:44 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\SMS.dll MOD - [2013-12-07 22:52:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll MOD - [2013-12-07 22:52:54 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\41a3bd6011f301f808fac8eb53993206\IAStorCommon.ni.dll MOD - [2013-12-07 22:52:53 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll MOD - [2013-12-07 22:52:52 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d52b8823da05f910389b3d26bfe654c6\IAStorUtil.ni.dll MOD - [2013-12-07 22:52:51 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll MOD - [2013-12-07 22:52:47 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll MOD - [2013-12-07 22:52:44 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll MOD - [2013-12-07 22:52:42 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll MOD - [2013-12-07 22:52:40 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll MOD - [2013-12-07 22:52:37 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2013-09-24 15:47:15 | 001,221,120 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\BirthdayReminder.dll MOD - [2013-09-24 15:45:42 | 000,309,248 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\StealStatus.dll MOD - [2013-09-24 15:45:21 | 000,309,248 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\Makra.dll MOD - [2013-03-23 16:44:28 | 000,335,360 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\AQQRestarter.dll MOD - [2013-02-02 21:39:22 | 000,095,232 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\OfflineNotify.dll MOD - [2013-01-28 09:39:26 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\WapSter\WapSter AQQ\System\Shared\Plugins\Contact.dll MOD - [2013-01-15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl MOD - [2013-01-15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl MOD - [2013-01-15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl MOD - [2013-01-15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll MOD - [2012-12-16 11:34:52 | 002,831,872 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\offlinePictures.dll MOD - [2012-12-16 11:34:21 | 000,872,448 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\Responder.dll MOD - [2012-12-13 01:28:50 | 000,060,416 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\SpellChecker.dll MOD - [2011-01-15 19:59:24 | 000,338,944 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\Archeolog.dll MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-12-22 12:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe MOD - [2009-12-22 12:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe MOD - [2009-12-22 12:30:36 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll MOD - [2009-12-22 12:30:34 | 000,065,536 | ---- | M] () -- C:\Windows\SysWOW64\LGErrorHandler.dll MOD - [2009-12-22 12:30:28 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll MOD - [2009-12-15 13:49:20 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009-12-15 13:46:38 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009-04-19 16:42:06 | 000,186,880 | ---- | M] () -- C:\Users\Dawid\WapSter\AQQ Folder\Profiles\Pako\Plugins\QuickDel.dll ========== Services (SafeList) ========== SRV:64bit: - [2013-11-26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013-11-14 12:57:03 | 015,125,280 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:64bit: - [2013-10-13 11:02:56 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:64bit: - [2013-06-29 22:37:42 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64) SRV:64bit: - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2012-12-14 14:22:32 | 003,302,536 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv) SRV:64bit: - [2012-04-26 09:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc) SRV:64bit: - [2011-01-12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:64bit: - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2014-02-06 13:00:12 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-12-11 18:00:04 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-12-08 11:33:48 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013-11-14 12:56:48 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013-11-11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013-10-25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc) SRV - [2013-10-25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7) SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013-04-23 08:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-12-13 16:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2012-08-01 15:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011-05-19 15:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011-03-01 17:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2011-02-21 22:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc) SRV - [2010-12-02 11:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker) SRV - [2010-12-02 03:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc) SRV - [2010-11-03 10:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc) SRV - [2010-10-21 10:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013-11-14 12:57:13 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2013-11-14 12:57:05 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2013-10-28 01:12:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013-10-28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013-10-08 18:23:28 | 000,024,032 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus) DRV:64bit: - [2013-08-29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2013-07-16 11:33:04 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:64bit: - [2013-06-28 11:45:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem) DRV:64bit: - [2013-04-23 16:30:52 | 000,093,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis) DRV:64bit: - [2013-04-18 16:14:12 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag) DRV:64bit: - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012-12-24 16:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV:64bit: - [2012-12-24 16:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtAudioBusSrv) DRV:64bit: - [2012-12-24 16:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (IvtPanBusSrv) DRV:64bit: - [2012-12-24 16:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs) DRV:64bit: - [2012-12-05 10:52:30 | 001,290,840 | ---- | M] (Agnitum Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\SandBox64.sys -- (SandBox) DRV:64bit: - [2012-12-03 12:56:26 | 000,466,528 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore) DRV:64bit: - [2012-09-03 20:27:18 | 000,040,544 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (afw) DRV:64bit: - [2012-08-29 18:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1) DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012-06-27 14:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012-03-19 09:36:42 | 000,066,184 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Filt\ASWFilt64.dll -- (ASWFilt) DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012-02-09 07:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2012-01-18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) DRV:64bit: - [2012-01-18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2012-01-15 14:05:59 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012-01-09 16:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2012-01-09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2012-01-09 16:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012-01-09 16:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011-12-15 18:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011-05-16 06:39:26 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) DRV:64bit: - [2011-05-10 17:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011-02-24 10:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011-02-24 10:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2010-12-21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2010-12-21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:64bit: - [2010-12-21 13:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:64bit: - [2010-12-21 13:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-10-19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010-09-21 11:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus) DRV:64bit: - [2010-09-15 08:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10) DRV:64bit: - [2010-02-08 22:28:10 | 000,148,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmports.sys -- (HRMPORTS) DRV:64bit: - [2010-02-08 22:28:10 | 000,133,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hrmcfgspc.sys -- (HRMCFGSPC) DRV:64bit: - [2010-02-08 22:28:10 | 000,128,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmints.sys -- (HRMINTS) DRV:64bit: - [2010-02-08 22:28:08 | 000,676,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfksvcs.sys -- (DSFKSVCS) DRV:64bit: - [2010-02-08 22:28:08 | 000,035,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfroot.sys -- (dsfroot) DRV:64bit: - [2010-02-08 20:58:56 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci_dsf.sys -- (usbehci_dsf) DRV:64bit: - [2010-02-08 20:06:46 | 000,675,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softusbk.sys -- (SOFTUSBK) DRV:64bit: - [2010-02-08 20:06:46 | 000,366,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\softehci.sys -- (softehci) DRV:64bit: - [2010-02-08 20:06:42 | 000,206,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softhidusbk.sys -- (SOFTHIDUSBK) DRV:64bit: - [2010-01-14 13:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60) DRV:64bit: - [2010-01-14 13:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) DRV:64bit: - [2010-01-14 13:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) DRV:64bit: - [2010-01-14 13:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) DRV:64bit: - [2009-08-13 08:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp) DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008-11-04 04:08:12 | 000,022,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GWHid.sys -- (GWHid) DRV:64bit: - [2008-09-23 00:24:00 | 000,050,176 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\shbecr.sys -- (Tdsshbecr) DRV:64bit: - [2008-03-30 03:16:46 | 000,031,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VL807.sys -- (VL807) DRV - [2010-09-16 20:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys) DRV - [2009-12-22 12:30:46 | 000,019,456 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGPII2CDriver.sys -- (LGII2CDevice) DRV - [2009-12-22 12:30:36 | 000,016,384 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGI2CDriver.sys -- (LGDDCDevice) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-11-04 04:08:18 | 000,018,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GWHid.sys -- (GWHid) DRV - [2008-03-30 03:17:18 | 000,025,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\VL807.sys -- (VL807) DRV - [2008-02-15 16:30:48 | 000,015,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys -- (FLASHSYS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ [binary data] IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes,DefaultScope = {01AA3507-BBE7-437F-B89A-A4E240EF067E} IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{01AA3507-BBE7-437F-B89A-A4E240EF067E}: "URL" = http://www.idg.pl?q={searchTerms} IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1008\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2 FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3 FF - prefs.js..extensions.enabledAddons: %7B3e0e7d2a-070f-4a47-b019-91fe5385ba79%7D:3.5.9 FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0 FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.2.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0 FF - prefs.js..keyword.url: "http://isearch.avg.com/search?cid=%7B9b6f0ca3-7e12-4afe-b918-e1143ebfb52f%7D&mid=3c8acdbcac8547d095a0252442857de7-617abbcef06b250eea98b924de82af8847409f3a&ds=st011&v=11.1.0.7&lang=pl&pr=sa&d=2012-03-30%2017%3A42%3A10&sap=ku&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB) FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dawid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012-12-10 20:52:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-12-11 17:59:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-10 20:52:55 | 000,000,000 | ---D | M] [2011-11-29 20:31:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Extensions [2014-01-24 10:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions [2013-01-07 11:31:47 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013-08-27 11:06:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-12-12 17:04:47 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\ascsurfingprotection@iobit.com [2014-01-07 16:03:05 | 000,000,000 | ---D | M] (FullScreen+) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\FullScreen@muha.com [2014-01-24 10:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\staged [2014-01-16 15:40:35 | 000,252,696 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid0-8C9kZOXgcsBN95BaPPbaKdSHEpU@jetpack.xpi [2013-06-20 21:59:29 | 000,255,232 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid1-GBYr3F9iI4n8IA@jetpack.xpi [2013-12-05 14:20:23 | 000,703,930 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi [2013-02-18 10:26:22 | 000,030,191 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\screensurfer@pjs.nl.xpi [2013-07-21 08:57:20 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\SkipScreen@SkipScreen.xpi [2013-02-04 10:44:31 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\translator@zoli.bod.xpi [2013-01-30 16:47:08 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\uss-button@uploadscreenshot.com.xpi [2014-01-24 10:18:54 | 000,072,997 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-09-07 21:43:17 | 000,242,531 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2013-08-02 11:11:22 | 000,224,035 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-12-21 20:18:22 | 000,389,303 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-01-16 21:25:40 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-11 17:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013-12-11 17:59:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-11 17:59:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2013-12-11 17:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013-12-11 18:00:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - Extension: Dokumenty Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\ CHR - Extension: Google Wallet = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ CHR - Extension: Gmail = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2012-02-26 15:44:09 | 000,000,867 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL (IObit) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [TNOD UP] "C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe" /i File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (AQQ Sp. z o.o.) O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [F.lux] C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC) O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1008..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnails = 0 O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A07E7B8-1FD9-4107-B093-43C81F346573}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook64.dll (Agnitum Ltd.) O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-06-26 21:38:36 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2013-07-24 13:54:55 | 000,000,000 | ---D | M] - E:\autocad -- [ NTFS ] O32 - AutoRun File - [2013-06-29 23:51:50 | 000,000,000 | ---D | M] - E:\Autodesk -- [ NTFS ] O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell - "" = AutoRun O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell\AutoRun\command - "" = K:\start.exe O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell - "" = AutoRun O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a O33 - MountPoints2\{ba2897de-8781-11e3-b0eb-f46d04619414}\Shell - "" = AutoRun O33 - MountPoints2\{ba2897de-8781-11e3-b0eb-f46d04619414}\Shell\AutoRun\command - "" = L:\LG_PC_Programs.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) ========== Files/Folders - Created Within 30 Days ========== [2014-02-11 10:23:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dawid\Desktop\OTL.exe [2014-02-09 11:13:03 | 000,000,000 | ---D | C] -- C:\Users\Dawid\Desktop\nadajace sie [2014-02-06 13:01:32 | 000,000,000 | ---D | C] -- C:\Users\Dawid\Documents\K 57 [2014-01-30 16:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TNod User & Password Finder [2014-01-22 16:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2014-01-22 16:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID [2014-01-21 18:07:30 | 000,000,000 | ---D | C] -- C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datpol [2014-01-21 17:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014-01-19 11:25:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 [2014-01-15 16:07:41 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2014-01-15 16:07:41 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2014-01-15 16:07:38 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys ========== Files - Modified Within 30 Days ========== [2014-02-11 10:12:52 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-02-11 10:00:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-02-11 09:48:44 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-02-11 09:48:35 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job [2014-02-11 09:48:01 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-02-11 09:48:00 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-02-11 09:40:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-02-11 09:40:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2014-02-11 09:40:08 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys [2014-02-10 19:44:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job [2014-02-10 11:57:26 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2014-02-10 11:57:26 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2014-02-09 14:37:48 | 000,291,944 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2014-02-06 22:44:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job [2014-02-06 13:04:23 | 003,722,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-02-06 13:04:23 | 001,430,882 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-02-06 13:04:23 | 001,290,900 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-02-06 13:04:23 | 000,544,654 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-02-06 13:04:23 | 000,424,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-02-06 13:00:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014-02-06 13:00:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014-02-02 09:36:24 | 000,000,098 | ---- | M] () -- C:\Windows\SysWow64\91207717.sys [2014-02-01 17:02:17 | 000,001,112 | ---- | M] () -- C:\Users\Dawid\Desktop\glowny.m3u [2014-01-26 18:12:09 | 015,547,343 | ---- | M] () -- C:\Users\Dawid\Desktop\Sunny, Tagir Sultanov - Legenda About Sunglasses At Night (Locco Lovers & Wojtala Pres. 'Develey Boyz' Bootleg) www.Electro-Blog.PL.mp3 [2014-01-16 13:52:35 | 005,148,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-01-13 22:13:27 | 000,000,132 | ---- | M] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG ========== Files Created - No Company Name ========== [2014-02-01 17:02:16 | 000,001,112 | ---- | C] () -- C:\Users\Dawid\Desktop\glowny.m3u [2014-01-26 18:11:51 | 015,547,343 | ---- | C] () -- C:\Users\Dawid\Desktop\Sunny, Tagir Sultanov - Legenda About Sunglasses At Night (Locco Lovers & Wojtala Pres. 'Develey Boyz' Bootleg) www.Electro-Blog.PL.mp3 [2014-01-12 22:55:11 | 003,927,842 | ---- | C] () -- C:\Users\Dawid\Desktop\P1130015.JPG [2013-12-28 18:09:11 | 000,000,916 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI [2013-12-28 18:08:59 | 000,000,104 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI [2013-12-15 10:00:46 | 000,000,126 | ---- | C] () -- C:\Windows\wininit.ini [2013-12-08 10:10:09 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI [2013-12-07 23:04:54 | 000,038,418 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Microsoft Excel 97-2003.ADR [2013-12-07 23:04:52 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI [2013-12-05 16:12:26 | 000,070,904 | ---- | C] () -- C:\Windows\SysWow64\VMProtectSDK32.dll [2013-12-05 16:11:44 | 000,311,032 | ---- | C] () -- C:\Windows\SysWow64\IVTCredentialProvider.dll [2013-12-05 16:10:38 | 000,273,144 | ---- | C] () -- C:\Windows\SysWow64\Adpush.dll [2013-12-01 23:23:33 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP [2013-12-01 23:20:50 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2013-11-03 10:51:36 | 000,000,098 | ---- | C] () -- C:\Windows\SysWow64\91207717.sys [2013-10-19 10:45:51 | 000,000,093 | ---- | C] () -- C:\Users\Dawid\AppData\Local\fusioncache.dat [2013-06-29 22:38:42 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2012-12-07 21:05:48 | 000,000,096 | ---- | C] () -- C:\Windows\BsMobileModel.ini [2012-09-28 20:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011-12-21 13:44:05 | 000,007,645 | ---- | C] () -- C:\Users\Dawid\AppData\Local\resmon.resmoncfg ========== ZeroAccess Check ========== [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2014-02-10 20:34:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3 [2012-02-22 14:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI [2011-12-18 16:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo [2011-12-30 16:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage [2013-11-03 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity [2013-06-29 23:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk [2012-06-02 12:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT [2012-01-28 11:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2012-08-30 14:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software [2012-03-29 16:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite [2011-11-29 16:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro [2012-10-20 16:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot [2014-02-04 09:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox [2011-12-17 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs [2012-01-22 19:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity [2012-01-14 19:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET [2012-06-09 16:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog [2012-01-27 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10 [2012-05-15 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet [2014-01-19 20:19:29 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG [2013-12-14 09:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc [2013-12-14 14:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian [2012-05-02 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft [2013-12-08 10:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync [2013-12-12 17:04:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit [2013-10-20 11:48:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla [2013-12-14 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage [2012-04-06 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech [2013-12-14 18:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics [2014-01-27 21:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit [2012-12-10 18:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia [2012-12-10 18:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite [2012-01-01 13:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries [2013-04-14 17:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu [2012-01-24 19:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM [2013-07-16 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin [2011-12-17 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy [2012-01-19 19:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite [2013-12-24 18:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain [2011-12-24 16:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal [2011-12-23 13:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster [2012-04-02 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio [2012-03-09 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D [2013-10-18 17:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity [2012-01-28 16:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-03-25 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com [2013-12-07 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer [2011-12-26 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific [2014-01-18 22:37:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client [2012-04-10 10:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay [2012-07-08 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier [2012-04-18 13:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software [2012-06-07 17:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft [2011-12-10 15:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems [2012-06-17 13:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI ========== Purity Check ========== ========== Custom Scans ========== < C:\*.* > [2014-02-11 09:40:08 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys [2013-12-08 10:06:52 | 003,806,062 | ---- | M] () -- C:\HuskyInstallerLog.txt [2014-02-11 09:40:10 | 4274,135,039 | -HS- | M] () -- C:\pagefile.sys [2012-02-24 14:31:04 | 000,179,054 | ---- | M] () -- C:\TDSSKiller.2.7.13.0_24.02.2012_14.29.38_log.txt [2012-03-18 12:32:45 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_12.31.31_log.txt [2012-03-18 16:39:16 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_16.39.14_log.txt [2012-02-24 14:35:44 | 000,091,570 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_24.02.2012_14.34.50_log.txt [2012-02-26 13:14:01 | 000,092,604 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_26.02.2012_13.13.18_log.txt [2012-03-18 16:47:27 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.03.2012_16.46.10_log.txt [2012-06-18 11:10:49 | 000,092,934 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.06.2012_12.10.17_log.txt [2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009-07-14 06:08:49 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012-04-01 17:42:06 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012-04-11 21:02:43 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job [2012-04-11 21:02:44 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job [2012-07-06 16:17:38 | 000,001,042 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012-07-06 16:17:38 | 000,001,046 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2013-10-20 11:41:50 | 000,000,410 | ---- | C] () -- C:\Windows\Tasks\RegCure Pro.job [2013-10-20 11:41:52 | 000,000,494 | ---- | C] () -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job < D:\*.* > [2012-01-24 17:23:59 | 000,258,492 | ---- | M] () -- D:\00-00-00.jpg [2012-01-24 17:27:28 | 000,350,024 | ---- | M] () -- D:\00-00-00_et.jpg [2012-01-24 17:23:59 | 000,256,656 | ---- | M] () -- D:\00-00-02.jpg [2013-07-04 16:59:03 | 1557,383,068 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca.avi [2013-07-04 16:59:03 | 018,693,868 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca~2.avi [2013-07-04 16:53:17 | 000,011,264 | ---- | M] () -- D:\17 urodziny danona przejazdza moto.VSP [2011-08-24 20:51:58 | 003,050,163 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz.jpg [2011-08-24 20:52:54 | 002,784,026 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz22.jpg [2011-04-02 09:47:29 | 957,273,448 | ---- | M] () -- D:\ACBSP 2011-04-02 10-43-51-23.avi [2011-04-02 09:47:45 | 023,624,872 | ---- | M] () -- D:\ACBSP 2011-04-02 10-47-38-89.avi [2013-11-29 19:06:05 | 000,647,626 | ---- | M] () -- D:\billing (2).txt [2013-12-08 14:40:23 | 000,630,136 | ---- | M] () -- D:\billing (3).txt [2013-12-14 22:55:11 | 000,192,065 | ---- | M] () -- D:\billing (4).txt [2013-12-27 21:25:03 | 000,196,011 | ---- | M] () -- D:\billing (5).txt [2014-01-18 20:04:57 | 000,536,412 | ---- | M] () -- D:\billing (6).txt [2013-10-26 19:12:46 | 000,538,759 | ---- | M] () -- D:\billing.txt [2011-02-27 15:19:06 | 559,481,986 | ---- | M] () -- D:\CoDMW2.wmv [2012-12-17 15:43:30 | 050,040,832 | ---- | M] () -- D:\Credo Prawko B.iso [2011-09-29 19:34:36 | 003,957,706 | ---- | M] () -- D:\crosskolaz1.jpg [2013-03-31 19:02:38 | 004,249,281 | ---- | M] () -- D:\crosskolaz2.jpg [2007-02-01 15:04:06 | 061,236,062 | ---- | M] () -- D:\CRYSpcVIDTRdx10.wmv [2013-04-18 19:59:46 | 000,819,831 | ---- | M] () -- D:\dwe.mp4 [2013-12-12 18:01:19 | 000,011,007 | ---- | M] () -- D:\kontakty 07.12.2013.txt [2013-12-12 21:00:27 | 000,014,558 | ---- | M] () -- D:\kontakty 07.12.2013.txt.docx [2012-03-18 12:30:40 | 000,041,183 | ---- | M] () -- D:\KontaktyDawid_18.03.2012 [2012-02-24 14:26:06 | 000,041,837 | ---- | M] () -- D:\KontaktyggDawid_24.02.2012 [2012-07-04 14:54:27 | 000,041,618 | ---- | M] () -- D:\Kontakty_9207423_04.07.2012 [2012-05-15 18:15:38 | 000,040,493 | ---- | M] () -- D:\Kontakty_9207423_15.05.2012 [2012-07-29 22:16:42 | 000,041,069 | ---- | M] () -- D:\Kontakty_9207423_29.07.2012 [2012-06-17 14:09:04 | 000,927,188 | ---- | M] () -- D:\ludzie, lodożerca.mp3 [2010-02-16 18:53:20 | 000,052,070 | ---- | M] () -- D:\ludzie.amr [2010-02-16 18:53:20 | 000,527,079 | ---- | M] () -- D:\ludzie.mp3 [2012-11-03 00:54:26 | 015,740,409 | ---- | M] () -- D:\MOV00321.3gp [2012-11-05 21:45:27 | 2020,266,143 | ---- | M] () -- D:\Osiemnastka Danona.mp4 [2008-03-05 18:16:30 | 096,558,090 | ---- | M] () -- D:\P1010399.MOV [2008-03-05 18:22:20 | 029,908,310 | ---- | M] () -- D:\P1010403.MOV [2008-03-22 15:03:28 | 067,235,722 | ---- | M] () -- D:\P1020379.MOV [2010-02-10 19:22:24 | 003,646,352 | ---- | M] () -- D:\P1080184.JPG [2010-02-15 11:42:26 | 003,417,346 | ---- | M] () -- D:\P1080190.JPG [2010-02-15 11:50:04 | 003,938,113 | ---- | M] () -- D:\P1080191.JPG [2010-03-22 16:13:06 | 003,575,334 | ---- | M] () -- D:\P1080392.JPG [2010-03-22 16:13:32 | 003,854,951 | ---- | M] () -- D:\P1080393.JPG [2011-11-06 14:03:12 | 003,020,341 | ---- | M] () -- D:\P1160593.JPG [2011-11-07 15:21:22 | 001,950,575 | ---- | M] () -- D:\P1160593_3.jpeg [2011-11-27 16:39:40 | 002,506,626 | ---- | M] () -- D:\P1160754.JPG [2011-11-27 17:19:26 | 000,773,794 | ---- | M] () -- D:\P1160754_2.jpg [2011-11-27 17:37:50 | 000,787,302 | ---- | M] () -- D:\P1160754_3.jpeg [2013-12-01 22:27:03 | 000,990,569 | ---- | M] () -- D:\Picture 28.jpg [2011-10-16 17:13:10 | 000,070,941 | ---- | M] () -- D:\screen320.jpg [2013-04-18 19:11:11 | 000,531,728 | ---- | M] () -- D:\Skok przez okno na lekcji GEOGRAFII.mp4 [2011-11-25 19:37:17 | 268,435,456 | -HS- | M] () -- D:\WinPEpge.sys [2013-05-09 18:17:33 | 180,403,915 | ---- | M] () -- D:\wiosny - przypomnienie.psd [2012-11-08 19:00:32 | 108,882,807 | ---- | M] () -- D:\Wojtas na Paka urodzinach.mp4 [2012-11-08 19:00:58 | 000,008,704 | ---- | M] () -- D:\Wojtas na urodzinach u Paka.VSP < E:\*.* > [2013-11-30 23:45:56 | 000,011,017 | ---- | M] () -- E:\00001.vcf [2011-11-20 15:08:22 | 007,891,551 | ---- | M] (A.I.SOFT,INC.) -- E:\465-USB-WIN7-64-PNP-A-PL(1).EXE [2012-06-05 18:57:45 | 094,039,935 | ---- | M] () -- E:\AC3 - Oficjalny zwiastun z E3 [PL].mp4 [2012-03-29 08:25:54 | 733,779,968 | ---- | M] () -- E:\american pie 6 beta house lektor pl.avi [2012-04-02 21:32:34 | 034,995,726 | ---- | M] () -- E:\Angry Birds Space 1.0.0.THETA www.exsite.pl.rar [2012-06-11 15:14:57 | 729,248,342 | ---- | M] () -- E:\bf3_2012_06_11_16_10_49_808.avi [2012-10-07 12:00:23 | 071,831,387 | ---- | M] () -- E:\BF3_Premium_Guide02_EN_v2.pdf [2012-12-30 12:28:09 | 090,682,025 | ---- | M] () -- E:\BF3_Premium_Guide03_EN.pdf [2013-04-02 13:30:22 | 081,254,005 | ---- | M] () -- E:\BF3_Premium_Guide04_EN.pdf [2013-12-14 22:55:11 | 000,192,065 | ---- | M] () -- E:\billing 05.12.2013 - 14.12.2013.txt [2013-12-08 14:40:23 | 000,630,136 | ---- | M] () -- E:\billing 09.11.2013 - 08.12.2013.txt [2014-01-18 20:04:57 | 000,536,412 | ---- | M] () -- E:\billing 20.12.2013 - 18.01.2014.txt [2013-10-26 19:12:46 | 000,538,759 | ---- | M] () -- E:\billing 27.09.2013 - 26.10.2013.txt [2013-12-27 21:25:03 | 000,196,011 | ---- | M] () -- E:\billing 28.11.2013 - 27.12.2013.txt [2013-12-08 17:41:49 | 000,181,408 | ---- | M] () -- E:\billing 29.11-08.12.txt [2013-11-29 19:06:05 | 000,647,626 | ---- | M] () -- E:\billing 31.10.2013 - 29.11.2013.txt [2011-04-22 23:11:50 | 726,675,276 | ---- | M] () -- E:\cfy-newkids.avi [2011-04-25 23:59:46 | 000,032,634 | ---- | M] () -- E:\cfy-newkids.txt [2011-11-26 09:03:16 | 000,042,101 | ---- | M] () -- E:\Dawidkontakty_26.11.2011 [2012-11-02 09:56:54 | 000,000,680 | ---- | M] () -- E:\dedykacje.txt [2012-06-03 12:39:43 | 108,508,108 | ---- | M] () -- E:\F1 2012 Monaco GP Official race edit.mp4 [2012-07-23 18:23:49 | 017,532,198 | ---- | M] () -- E:\iCEnhancer2_1FINAL.zip [2011-07-01 18:45:10 | 000,000,198 | ---- | M] () -- E:\kod corel x4 video.txt [2013-12-12 18:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013 (2).txt [2013-12-12 18:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013.txt [2013-12-12 21:00:27 | 000,014,558 | ---- | M] () -- E:\kontakty 07.12.2013.txt.docx [2011-11-13 10:47:12 | 003,035,825 | ---- | M] () -- E:\livebox_USB_Vista_7_366825985.zip [2013-12-15 12:50:09 | 000,003,752 | ---- | M] () -- E:\MBAM.txt [2011-12-19 20:56:59 | 000,000,528 | R--- | M] () -- E:\MediaID.bin [2012-05-31 15:56:34 | 011,042,294 | ---- | M] () -- E:\Nie pomalujesz ! To je amelinium (Oryginał HD)~1.mp4 [2013-12-09 16:26:56 | 000,000,020 | ---- | M] () -- E:\nieznajomy 2.txt [2013-12-02 21:32:12 | 000,000,009 | ---- | M] () -- E:\nieznajomy.txt [2010-03-20 17:11:58 | 068,484,620 | ---- | M] () -- E:\Opel_Omega_B_sam_naprawiam.pdf [2012-11-07 19:30:03 | 155,786,365 | ---- | M] () -- E:\The_Origin_of_Battlefield_1942.pdf [2013-10-12 10:05:17 | 002,823,266 | ---- | M] () -- E:\trasa.png [2013-12-15 15:51:57 | 000,002,080 | ---- | M] () -- E:\ustawienia sim.txt [2012-02-27 16:56:16 | 000,023,055 | ---- | M] () -- E:\video.pass [2012-02-19 20:42:43 | 000,000,025 | ---- | M] () -- E:\wirus zawiecha.bat [2013-01-10 21:03:40 | 322,319,705 | ---- | M] () -- E:\[nvmovies][archiwum prywatne] tough night 12'_13'.mp4 [1 E:\*.tmp files -> E:\*.tmp -> ] < F:\*.* > < G:\*.* > < H:\*.* > < %ALLUSERSPROFILE%\Application Data\*. > < %APPDATA%\*. > [2012-05-05 12:49:30 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe [2012-04-22 10:11:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5 [2012-01-28 16:46:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5.1 [2014-02-10 20:34:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3 [2012-02-22 14:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI [2013-11-02 14:26:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Apple Computer [2011-12-18 16:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo [2011-12-30 16:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage [2013-11-03 10:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity [2013-06-29 23:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk [2012-06-02 12:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT [2011-11-30 21:43:03 | 000,000,000 | R--D | M] -- C:\Users\Dawid\AppData\Roaming\Brother [2012-01-28 11:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2011-12-10 15:11:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Corel [2012-08-30 14:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software [2012-01-01 18:50:36 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CyberLink [2012-03-29 16:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite [2011-11-29 16:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro [2012-10-20 16:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot [2014-02-04 09:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox [2011-12-17 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs [2012-01-22 19:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity [2012-01-14 19:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET [2012-06-09 16:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog [2012-01-27 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10 [2012-05-15 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet [2014-01-19 20:19:29 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG [2013-12-14 09:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc [2013-12-14 14:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian [2012-05-02 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft [2013-12-08 10:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync [2011-11-29 15:51:59 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Identities [2011-11-29 16:01:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\InstallShield [2011-11-29 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Intel Corporation [2013-12-12 17:04:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit [2013-10-20 11:48:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla [2013-12-14 23:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage [2012-04-06 12:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech [2013-12-14 18:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics [2011-11-29 17:46:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Macromedia [2013-12-12 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Malwarebytes [2011-04-12 14:32:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Media Center Programs [2013-12-23 10:37:25 | 000,000,000 | --SD | M] -- C:\Users\Dawid\AppData\Roaming\Microsoft [2014-01-27 21:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit [2012-06-10 20:05:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Mozilla [2012-12-10 18:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia [2012-12-10 18:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite [2012-01-01 13:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries [2011-12-10 15:18:51 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\NVIDIA [2013-04-14 17:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu [2012-01-24 19:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM [2013-07-16 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin [2011-12-17 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy [2012-01-19 19:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite [2013-12-24 18:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain [2011-12-24 16:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal [2011-12-23 13:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster [2012-04-02 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio [2012-03-09 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D [2011-12-10 19:08:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SecuROM [2014-02-11 10:23:58 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Skype [2013-10-18 17:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity [2012-01-28 16:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-03-25 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com [2013-12-07 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer [2011-12-26 11:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific [2014-01-18 22:37:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client [2012-04-10 10:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay [2012-07-08 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier [2012-04-18 13:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software [2012-08-09 17:50:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\U3 [2012-06-07 17:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft [2011-12-10 15:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems [2012-12-17 21:15:03 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\vlc [2012-06-17 13:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI [2011-11-29 18:43:58 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinRAR < %SYSTEMDRIVE%\*. /mp /s > < MD5 for: AGP440.SYS > [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys < MD5 for: BEEP.SYS > [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys < MD5 for: EXPLORER.EXE > [2011-02-26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2012-02-27 16:40:42 | 000,004,608 | ---- | M] () MD5=181066E31AD20869CF049262A0DB0BC2 -- C:\Users\Dawid\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v049D98E1\Native\STUBEXE\@SYSTEM@\explorer.exe [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011-02-25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011-02-26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010-11-21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010-11-21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: NTFS.SYS > [2010-11-21 04:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys [2011-03-11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys [2011-03-11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys [2013-04-12 15:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys [2013-04-12 15:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\SysNative\drivers\ntfs.sys [2013-04-12 15:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys < MD5 for: SVCHOST.EXE > [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe [2009-07-14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe < MD5 for: USERINIT.EXE > [2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010-11-21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010-11-21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < %systemroot%\system32\ws2_32.dll /md5 > [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\system32\ws2_32.dll < %systemroot%\system32\kernel32.dll /md5 > [2013-08-02 02:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=365A5034093AD9E04F433046C4CDF6AB -- C:\Windows\system32\kernel32.dll < %systemroot%\system32\user32.dll /md5 > [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\system32\user32.dll < %systemroot%\Tasks\*.* /lockedfiles > [2014-01-30 14:18:12 | 000,032,608 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Restore Points Found ========== ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\Users\All Users] -> -> Unknown point type ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences @Alternate Data Stream - 117 bytes -> C:\Users\All Users\Temp:1C209B86 @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:1C209B86 < End of report > [/log] Extras [log]OTL Extras logfile created on: 2014-02-11 10:24:19 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawid\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 4,75 Gb Available Physical Memory | 59,55% Memory free 15,96 Gb Paging File | 12,05 Gb Available in Paging File | 75,53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 155,25 Gb Total Space | 18,09 Gb Free Space | 11,65% Space Free | Partition Type: NTFS Drive D: | 155,16 Gb Total Space | 31,33 Gb Free Space | 20,19% Space Free | Partition Type: NTFS Drive E: | 155,25 Gb Total Space | 19,02 Gb Free Space | 12,25% Space Free | Partition Type: NTFS Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{067202FA-FB20-4EB7-989C-3859D15A1A09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{08617120-8914-4034-81A7-07F0E96341F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0A0401B9-7C28-4978-92A1-F1C0DAB985F4}" = rport=137 | protocol=17 | dir=out | app=system | "{0C2D0C78-D8C8-44CF-A1A2-5238B6DA2BC9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{15026F90-DF7B-4407-8E41-D8144DD71D21}" = lport=139 | protocol=6 | dir=in | app=system | "{1DF44B3D-2AEC-4987-8985-BC178E1854E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2056652C-64D8-406A-833D-6C60F4CAD105}" = lport=445 | protocol=6 | dir=in | app=system | "{34F6984E-9E3A-4CA0-AB14-89BFEB84E13B}" = rport=138 | protocol=17 | dir=out | app=system | "{455C4DD2-462D-41A9-B20B-8BB1CF806EC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{55D70FE6-9318-4287-97A0-41A1C845C476}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{69ED7FA8-A8E7-4770-A760-869558C00481}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{6E8A9786-641D-4CEB-89C0-A492DAB26BDB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{72190C1D-61E2-4C6C-88ED-2D2E0504770D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service | "{7508478E-8008-474A-889D-16DD679EFFDB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{84F9193D-E4CC-48B9-B414-FAEE61C4743E}" = lport=10243 | protocol=6 | dir=in | app=system | "{8E8809CC-569C-4C58-9627-B36CD5BF1BBA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{940EE33A-50AB-4FD8-B12B-EC21CF159CE4}" = lport=137 | protocol=17 | dir=in | app=system | "{945C2275-D6D1-4012-9150-946901ED2278}" = lport=2869 | protocol=6 | dir=in | app=system | "{95285DB7-1613-446F-8431-25FABB39FD48}" = rport=139 | protocol=6 | dir=out | app=system | "{98F4E4AC-F703-4428-A545-D1E34715706D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{AC8948A1-102B-4E2F-AB51-3CB8C250D943}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C3593B60-2EE2-451B-BF16-5A5B5DA71575}" = rport=10243 | protocol=6 | dir=out | app=system | "{D38BC28C-53D5-4F97-A114-10921CE535E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E046E66E-2BA8-47E7-B241-14FB35D31792}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E16E2025-DAC2-4C81-A49F-A1F5AA7A7287}" = rport=445 | protocol=6 | dir=out | app=system | "{EDBC7A31-AD62-4076-8BDB-9C8A88A78691}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F65A4E17-26ED-4A02-AE9C-D2CE5AF2349B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{FA020FF2-3D82-4E52-A80C-B12396CD4BCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FF2A64AB-D235-418C-8078-A91BC721692B}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0994B7F4-A440-43F3-A425-F5FB71A3C646}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{11AFD906-3D0C-4529-B2F7-E96D329F44D6}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{1547B707-677E-423F-963C-1BCD7E6ECA49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{155B3876-96A3-4635-A945-41CBC093DA96}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{17408F70-A0BE-47E6-821B-4C78EF466E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{1923B629-1606-475F-8A22-4543D60282AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1BDBDD68-5592-481E-B245-B6EBE8125D51}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{211AC75A-4C3C-4AB0-B157-D032317CE3BC}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | "{268D7F68-795E-4EDF-A3D0-38024AB63B31}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{27792FA4-ED21-426D-8B4A-07B6441308A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{314633D4-3B56-4999-B903-DE7D7749B1EF}" = protocol=17 | dir=in | app=c:\users\dawid\desktop\autocad_2014_polish_win_32-64bit_wi_pl-pl_setup(1).exe | "{349F502C-C633-4EF7-981D-8680E3DB882F}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{37B31DAF-F223-415F-B3BC-ABFC680CFF05}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{39BEEA53-78C3-4308-9752-8752A39A5F81}" = protocol=6 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | "{3E582B93-96E3-4EBD-88BA-4F2D7136CBFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3E5E3B04-9BB5-4D30-A074-CC4FE5E90979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4B514292-0C6E-4BDC-9689-3DD074FCDCC5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{4D428C51-2BEE-4066-A114-0649CA63A237}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5329B928-7976-48ED-90ED-2111BD0BC075}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | "{54E557F5-7305-41C0-88C4-2CD09C411590}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{557A165E-8394-4329-8B79-54D0E4E1635E}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{5860B855-191C-421A-BE61-3856368EC406}" = protocol=6 | dir=out | app=system | "{5E208D2A-D49F-428F-BEBC-62F13AA8DF47}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{5FC06493-E879-49B3-B8AF-70FB206C8244}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | "{5FF66FF0-99C5-4943-868B-9B1D4DC5BCBF}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | "{69CF4335-01A6-4CED-97E7-F5A2F4A035AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6A916F85-06B8-4F93-862B-CBADCBAC8B37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{6BC4FC3B-0055-451D-B0F1-1CA4354C3430}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{6BD161BB-80B2-419A-84A0-C3DD6A2D53BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{6FE05B75-77B9-4AC4-B3CF-73127C628181}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{71B4DF4C-E5F5-490B-A14B-528DB99F2FAB}" = protocol=6 | dir=in | app=c:\users\dawid\desktop\autocad_2014_polish_win_32-64bit_wi_pl-pl_setup(1).exe | "{72A68625-7110-4C80-A9B4-3A29FD75A4BD}" = dir=out | app=%programfiles%\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | "{7540C063-5F62-4114-963B-03F2A6B3DCB6}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{7B48A4C2-5C13-41CF-9322-08B5F2005FFA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{7D0F0EB6-7DE4-4730-8A84-14A0C5FB9B5A}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | "{804FCF24-CAF3-4EEE-9855-DC1777C862BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{81050B87-9B31-4BBE-862A-A0A0EEE91FA1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{82D90AD8-4023-44BE-A944-68D354B1CF37}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{856CCCDB-3FFA-4BC1-BF20-2E4C24F60028}" = protocol=6 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | "{886950DC-2A5F-465E-9FCA-C70D06C22D15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8CF69D1F-1869-427D-A08B-1789CAAFF66C}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | "{918512A2-A5F4-46CC-8F48-9FE8DAEAC9F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{972012F9-A2E9-4486-A0C6-CD8296E06ACF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A3B4FACB-2D8B-4947-BB51-F25C51C631DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A6B25DF3-55A1-4EDA-9A0F-18AA6D2B17AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{AA197DE7-2835-45D7-9199-51F1638D6F6F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{AC56FB77-6D62-40F8-89DC-6ED0EE5A99DA}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | "{ADB91B4E-26E2-4614-A154-E5391E0DE910}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{AF240F08-E43F-4284-9E1A-CDE86C3473A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B08BF8EF-0172-405D-B245-493336237DF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B65E9A0B-01F4-4838-822C-32C66F19176E}" = protocol=17 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | "{BDC8AED4-5753-4AF2-A3F1-A6C8EB066D35}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{C5A4A066-BCFA-4A67-AAFA-68CE3BE34B3B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{C9B3ADEC-EFED-462B-B888-1152FE7B5DF1}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | "{D9A4E547-A2FA-4A47-B920-4A6050FB4DEF}" = dir=in | app=%programfiles%\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe | "{DA3FE40C-A3A2-4573-8984-B14BB46C3162}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{DB6C9C1C-1AA6-43EB-9EAE-BDA940C38114}" = protocol=17 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | "{DBAFEFB0-F5C7-465D-BD9C-D72E7BEE9E38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DBCB690B-0D26-4EE8-8CD1-F916EC209E31}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil_.exe | "{E23BF599-26BB-4BA7-86D7-38FCD4658758}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | "{E2D3E600-3393-469C-BD1C-8523FB809ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{E506569D-F227-406C-891D-7A8DA3F00761}" = dir=in | app=%userprofile%\desktop\autocad_2014_polish_win_32-64bit_wi_pl-pl_setup(1).exe | "{EA8AB3D3-CE48-4B25-AE67-461BC640B2CA}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{EB0F49C9-F2CE-4318-836B-C6031828F82B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F24E0B31-0810-4AF2-9C22-CD751D32D5D8}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil_.exe | "{F86C79D9-F2E2-4A38-8AF1-C7D7CF073B71}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | "{FE95D3EE-2BD6-4AB6-A481-1821AD85F5AE}" = dir=in | app=c:\users\dawid\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{FF1FDAEF-4032-4CAF-A83E-90BB02BC901D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{20E5E139-277F-4FE3-BD6A-9B8FAEF19923}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{31A581B6-EDDF-48A9-9744-9A780BDC3A47}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{4E045403-787D-4FA4-9FC1-6EE89CA8F79C}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{FA13BBD2-A698-4B79-A13D-76D8131243F1}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{FFD469CF-B67B-4D9E-BEB4-3E4C06DB7E4F}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | "UDP Query User{0D693FB2-E70D-4B2C-B438-406442314D17}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | "UDP Query User{4A72E3D2-B3EB-4A99-99B1-868AFC15C286}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{6611A0CD-E5E2-420C-9591-EC9600EA206F}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "UDP Query User{78DEA512-3DC6-4CDD-8422-12AACEC967A7}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{AF5EAD91-35EB-4B38-9D64-F1886ACE2EAD}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 "{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap "{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English "{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{48BB9EBA-C929-4D7E-AF43-21B4427373EB}" = AIWI JoyStick "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360 "{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish) "{5783F2D7-D001-0415-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Polski (Polish) "{5783F2D7-D001-0415-2102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64 "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.82 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 9.3.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9 "{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour "{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1 "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro 8.0 "AutoCAD 2014 — Polski (Polish)" = Autodesk AutoCAD 2014 — Polski (Polish) "Autodesk ReCap" = Autodesk ReCap "AutoHotkey" = AutoHotkey 1.1.13.01 "BurnInTest_is1" = BurnInTest v7.1 Pro "CCleaner" = CCleaner "CPUID HWMonitor_is1" = CPUID HWMonitor 1.24 "CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19 "JottiQSetup_is1" = JottiQ v1.0.2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TNod" = TNod User & Password Finder "WinRAR archiver" = WinRAR 4.11 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{266725C1-716F-43AC-BBFB-4201131ED656}" = EasySetPackage "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker "{2E6044C5-3495-485F-91BC-46D1B6430E51}" = Windows 7 Logon Background Changer "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic "{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1" = Multi AV wersja 1.0.1 "{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT) "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}" = AIMP2 MegaPack v6 by UppeD "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11 "{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014 "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV "{55031CEF-CE75-4A5C-8DEA-60577820529B}" = LG United Mobile Drivers "{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}" = TS Notifier "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie "{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service "{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014 "{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution "{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1" = Counter-Strike 1.6 v40 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit) "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}" = Machinery DEMO "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447 "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 "{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite "{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}" = DxO Optics Pro 7 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common "{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro "{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad "{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI "{B4008666-3C27-4B67-9D89-80B4E31FA685}" = Paraben's Device Seizure "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share "{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO "{C547F361-5750-4CD1-9FB6-BC93827CB6C1}" = RegCure Pro "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM "{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1" = MOBILedit! Enterprise ver. 7.5.0.4173 "{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1" = Prawo Jazdy ABCDT - egzamin wewnętrzny "{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps "{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}" = Angry Birds Space "{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1" = ScanMyReg 2.02 "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Advanced SystemCare 7_is1" = Advanced SystemCare 7 "Afterburner" = MSI Afterburner 2.3.1 "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.30 "AIMP3" = AIMP3 "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15 "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20 "Ashampoo Snap 4_is1" = Ashampoo Snap 4 v.4.3.0 "ASUS WebStorage" = ASUS WebStorage "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode) "Audacity_is1" = Audacity 2.0.4 "Autodesk Content Service" = Autodesk Content Service "Battlelog Web Plugins" = Battlelog Web Plugins "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DAEMON Tools Lite" = DAEMON Tools Lite "DFX for AIMP2 1.2.5" = DFX for AIMP2 1.2.5 "easyHDR_BASIC_2" = easyHDR BASIC 2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESN Sonar-0.70.4" = ESN Sonar "ExifCleaner" = ExifCleaner 1.7 "FormatFactory" = FormatFactory 3.0.1 "FotoSender_is1" = FotoSender 3.0 "Fraps" = Fraps (remove only) "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "HD Tune Pro_is1" = HD Tune Pro 3.00 "Image Grabber II" = Image Grabber II "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "IObit Malware Fighter_is1" = IObit Malware Fighter "IObit Surfing Protection_is1" = Surfing Protection "IObitUninstall" = IObit Uninstaller "ipla" = ipla 2.6.2 "JDownloader" = JDownloader "jv16 PowerTools_is1" = jv16 PowerTools 1.3 "KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Full "Komputer Świat Plus_is1" = Komputer Świat Plus "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "LAME_is1" = LAME v3.99.3 (for Windows) "LG PC Suite" = LG PC Suite "Lightning_is1" = Lightning "Liveupdate4_is1" = Liveupdate4 "Logitech Vid" = Logitech Vid HD "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300 "Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nokia Suite" = Nokia Suite "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Nvu_is1" = Nvu 1.0 "OCCT" = OCCT 4.2.0 "Origin" = Origin "PC Alert 4" = PC Alert 4 "PowerISO" = PowerISO "Protected Folder_is1" = Protected Folder "PunkBusterSvc" = PunkBuster Services "Silver Efex Pro 2" = Silver Efex Pro 2 "SM7192" = USB Cobra Joystick V4 "SystemRequirementsLab" = System Requirements Lab "TeamViewer 8" = TeamViewer 8 "The KMPlayer" = The KMPlayer (remove only) "Undelete 360_is1" = Undelete 360 "Uninstall Tool_is1" = Uninstall Tool "Uplay" = Uplay "Uplay Install 273" = Assassin's Creed IV Black Flag "VCardExport_is1" = VCardExportTool "Visual Watermark_is1" = Visual Watermark 2.9.30 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Podstawowe programy Windows Live "WinRAR archiver" = WinRAR archiver ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Dexpot" = Dexpot "Flux" = f.lux "GG" = GG "KeyTurion" = KeyTurion version 2.8 "Polska lokalizacja Lightroom 4" = Polska lokalizacja Lightroom 4 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2014-02-09 13:40:32 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 10031 Error - 2014-02-09 13:40:32 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 10031 Error - 2014-02-09 13:40:33 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 2014-02-09 13:40:33 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 11030 Error - 2014-02-09 13:40:33 | Computer Name = Dawid-Komputer | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 11030 Error - 2014-02-10 05:15:56 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-02-10 05:15:56 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-02-10 05:17:01 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-02-11 04:40:50 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-02-11 04:40:50 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-02-11 04:41:59 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 2012-01-10 12:31:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:31:51 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:51 - Nie można skontaktować się z serwerem.. Error - 2012-01-10 12:31:59 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:31:56 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:56 - Nie można skontaktować się z serwerem.. Error - 2012-01-11 13:15:09 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 18:15:09 - Błąd podczas nawiązywania połączenia z Internetem. 18:15:09 - Nie można skontaktować się z serwerem.. Error - 2012-01-11 13:15:17 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 18:15:14 - Błąd podczas nawiązywania połączenia z Internetem. 18:15:14 - Nie można skontaktować się z serwerem.. Error - 2012-01-12 12:01:15 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:01:15 - Błąd podczas nawiązywania połączenia z Internetem. 17:01:15 - Nie można skontaktować się z serwerem.. Error - 2012-01-12 12:01:24 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:01:20 - Błąd podczas nawiązywania połączenia z Internetem. 17:01:20 - Nie można skontaktować się z serwerem.. Error - 2012-01-13 11:45:32 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 16:45:32 - Błąd podczas nawiązywania połączenia z Internetem. 16:45:32 - Nie można skontaktować się z serwerem.. Error - 2012-01-13 11:45:42 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 16:45:37 - Błąd podczas nawiązywania połączenia z Internetem. 16:45:37 - Nie można skontaktować się z serwerem.. Error - 2012-01-14 10:05:39 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 15:05:39 - Błąd podczas nawiązywania połączenia z Internetem. 15:05:39 - Nie można skontaktować się z serwerem.. Error - 2012-01-14 10:05:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 15:05:47 - Błąd podczas nawiązywania połączenia z Internetem. 15:05:47 - Nie można skontaktować się z serwerem.. [ OSession Events ] Error - 2014-01-06 11:09:30 | Computer Name = Dawid-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2014-02-09 06:24:03 | Computer Name = Dawid-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 11:22:08 na ?2014-?02-?09 było nieoczekiwane. Error - 2014-02-09 06:24:49 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error - 2014-02-09 06:25:57 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-02-09 15:34:47 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-02-10 05:15:48 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error - 2014-02-10 05:55:03 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-02-10 09:01:56 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-02-10 12:53:46 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-02-11 04:40:40 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error - 2014-02-11 04:48:40 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 < End of report > [/log] Gmer [log]GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2014-02-11 10:50:22 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB Running: gmer.exe; Driver: C:\Users\Dawid\AppData\Local\Temp\awddikob.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff960000f3e00 7 bytes [00, 96, F3, FF, 01, A1, F0] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff960000f3e08 3 bytes [C0, 06, 02] .text ... * 102 .text C:\Windows\System32\win32k.sys!EngFindResource + 832 fffff960001bde20 14 bytes {JMP QWORD [RIP+0x0]} .text C:\Windows\System32\win32k.sys!XFORMOBJ_bApplyXform + 404 fffff96000218640 14 bytes {JMP QWORD [RIP+0x0]} ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcessEx 00000000771e1780 5 bytes [FF, 25, 6D, 14, 00] .text C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcess 00000000771e1cd0 5 bytes [FF, 25, 15, 0F, 00] .text C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 00000000771e1d80 5 bytes [FF, 25, E1, 10, 00] .text C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!NtWorkerFactoryWorkerReady + 11 00000000771e2beb 16 bytes [D0, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\wininit.exe[736] C:\Windows\SYSTEM32\ntdll.dll!RtlZeroMemory + 7 00000000771e2e67 8 bytes {JMP 0x2b} .text C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!UnregisterClassW + 212 000000007709d538 14 bytes [30, E0, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!SetWindowPos 00000000770a3c50 6 bytes {JMP QWORD [RIP+0xa0]} .text C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!SetWindowPos + 166 00000000770a3cf6 8 bytes [A0, E0, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!mouse_event + 212 00000000770b3968 14 bytes {AND CL, 0xf1; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Windows\system32\wininit.exe[736] C:\Windows\system32\USER32.dll!VkKeyScanW + 20 00000000770e06f8 14 bytes {LOOPZ 0xfffffffffffffff4; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcessEx 00000000771e1780 5 bytes [FF, 25, 6D, 14, 00] .text C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtCreateProcess 00000000771e1cd0 5 bytes [FF, 25, 15, 0F, 00] .text C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 00000000771e1d80 5 bytes [FF, 25, E1, 10, 00] .text C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!NtWorkerFactoryWorkerReady + 11 00000000771e2beb 16 bytes [D0, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\services.exe[800] C:\Windows\SYSTEM32\ntdll.dll!RtlZeroMemory + 7 00000000771e2e67 8 bytes {JMP 0x2b} .text C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!UnregisterClassW + 212 000000007709d538 14 bytes [30, E0, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!SetWindowPos 00000000770a3c50 6 bytes {JMP QWORD [RIP+0xa0]} .text C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!SetWindowPos + 166 00000000770a3cf6 8 bytes [A0, E0, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!mouse_event + 212 00000000770b3968 14 bytes {AND CL, 0xf1; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Windows\system32\services.exe[800] C:\Windows\system32\USER32.dll!VkKeyScanW + 20 00000000770e06f8 14 bytes {LOOPZ 0xfffffffffffffff4; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!UnregisterClassW + 212 000000007709d538 14 bytes [30, E0, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!SetWindowPos 00000000770a3c50 6 bytes {JMP QWORD [RIP+0xa0]} .text C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!SetWindowPos + 166 00000000770a3cf6 8 bytes [A0, E0, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!mouse_event + 212 00000000770b3968 14 bytes {AND CL, 0xf1; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Windows\system32\winlogon.exe[836] C:\Windows\system32\USER32.dll!VkKeyScanW + 20 00000000770e06f8 14 bytes {LOOPZ 0xfffffffffffffff4; CLD ; INC BYTE [RDI]; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Windows\system32\svchost.exe[976] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExW + 17 0000000076e91401 2 bytes JMP 000000010779a47c .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!EnumProcessModules + 17 0000000076e91419 2 bytes JMP 000000010779a494 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 17 0000000076e91431 2 bytes JMP 000000010779a4ac .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 42 0000000076e9144a 2 bytes JMP 0000000076f5fcc5 .text ... * 9 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!EnumDeviceDrivers + 17 0000000076e914dd 2 bytes JMP 000000010779a558 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameA + 17 0000000076e914f5 2 bytes JMP 000000010779a570 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSetEx + 17 0000000076e9150d 2 bytes JMP 000000010779a588 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameW + 17 0000000076e91525 2 bytes JMP 000000010779a5a0 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameW + 17 0000000076e9153d 2 bytes JMP 000000010779a5b8 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!EnumProcesses + 17 0000000076e91555 2 bytes JMP 000000010779a5d0 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetProcessMemoryInfo + 17 0000000076e9156d 2 bytes JMP 000000010779a5e8 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetPerformanceInfo + 17 0000000076e91585 2 bytes JMP 000000010779a600 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSet + 17 0000000076e9159d 2 bytes JMP 000000010779a618 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameA + 17 0000000076e915b5 2 bytes JMP 000000010779a630 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExA + 17 0000000076e915cd 2 bytes JMP 000000015d37ce48 .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 20 0000000076e916b2 2 bytes JMP 000000010779a72d .text C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe[116] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 31 0000000076e916bd 2 bytes JMP 000000010779a738 .text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[648] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Windows\system32\svchost.exe[852] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\System32\svchost.exe[1100] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\System32\svchost.exe[1136] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\svchost.exe[1176] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\svchost.exe[1200] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1236] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Windows\system32\svchost.exe[1352] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\svchost.exe[1496] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\svchost.exe[1752] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Windows\system32\svchost.exe[1788] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe[1964] C:\Windows\system32\kernel32.dll!FindResourceW + 24 0000000076f89b78 14 bytes [00, F6, A9, 3F, 01, 00, 00, ...] .text C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe[1456] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 0000000100a20268 .text C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 0000000100a2023c .text C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 0000000100a202ec .text C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe[1916] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 0000000100a202c0 .text C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001009c0268 .text C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001009c023c .text C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001009c02ec .text C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe[1164] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001009c02c0 .text C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\Bonjour\mDNSResponder.exe[1928] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Windows\system32\svchost.exe[2080] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000076cf8769 4 bytes [C2, 04, 00, 00] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076e91401 2 bytes JMP 000000010779a47c .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076e91419 2 bytes JMP 000000010779a494 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076e91431 2 bytes JMP 000000010779a4ac .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076e9144a 2 bytes JMP 0000000076f5fcc5 .text ... * 9 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076e914dd 2 bytes JMP 000000010779a558 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076e914f5 2 bytes JMP 000000010779a570 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076e9150d 2 bytes JMP 000000010779a588 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076e91525 2 bytes JMP 000000010779a5a0 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076e9153d 2 bytes JMP 000000010779a5b8 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076e91555 2 bytes JMP 000000010779a5d0 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076e9156d 2 bytes JMP 000000010779a5e8 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076e91585 2 bytes JMP 000000010779a600 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076e9159d 2 bytes JMP 000000010779a618 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076e915b5 2 bytes JMP 000000010779a630 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076e915cd 2 bytes JMP 000000015d37ce48 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076e916b2 2 bytes JMP 000000010779a72d .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2112] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076e916bd 2 bytes JMP 000000010779a738 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e91401 2 bytes JMP 000000010779a47c .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e91419 2 bytes JMP 000000010779a494 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e91431 2 bytes JMP 000000010779a4ac .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e9144a 2 bytes JMP 0000000076f5fcc5 .text ... * 9 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e914dd 2 bytes JMP 000000010779a558 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e914f5 2 bytes JMP 000000010779a570 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e9150d 2 bytes JMP 000000010779a588 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e91525 2 bytes JMP 000000010779a5a0 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e9153d 2 bytes JMP 000000010779a5b8 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e91555 2 bytes JMP 000000010779a5d0 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e9156d 2 bytes JMP 000000010779a5e8 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e91585 2 bytes JMP 000000010779a600 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e9159d 2 bytes JMP 000000010779a618 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e915b5 2 bytes JMP 000000010779a630 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e915cd 2 bytes JMP 000000015d37ce48 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e916b2 2 bytes JMP 000000010779a72d .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e916bd 2 bytes JMP 000000010779a738 .text C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe[2280] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe[2316] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e91401 2 bytes JMP 000000010779a47c .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e91419 2 bytes JMP 000000010779a494 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e91431 2 bytes JMP 000000010779a4ac .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e9144a 2 bytes JMP 0000000076f5fcc5 .text ... * 9 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e914dd 2 bytes JMP 000000010779a558 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e914f5 2 bytes JMP 000000010779a570 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e9150d 2 bytes JMP 000000010779a588 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e91525 2 bytes JMP 000000010779a5a0 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e9153d 2 bytes JMP 000000010779a5b8 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e91555 2 bytes JMP 000000010779a5d0 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e9156d 2 bytes JMP 000000010779a5e8 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e91585 2 bytes JMP 000000010779a600 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e9159d 2 bytes JMP 000000010779a618 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e915b5 2 bytes JMP 000000010779a630 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e915cd 2 bytes JMP 000000015d37ce48 .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e916b2 2 bytes JMP 000000010779a72d .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe[2400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e916bd 2 bytes JMP 000000010779a738 .text C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Windows\SysWOW64\nlssrv32.exe[2424] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e91401 2 bytes JMP 000000010779a47c .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e91419 2 bytes JMP 000000010779a494 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e91431 2 bytes JMP 000000010779a4ac .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e9144a 2 bytes JMP 0000000076f5fcc5 .text ... * 9 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e914dd 2 bytes JMP 000000010779a558 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e914f5 2 bytes JMP 000000010779a570 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e9150d 2 bytes JMP 000000010779a588 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e91525 2 bytes JMP 000000010779a5a0 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e9153d 2 bytes JMP 000000010779a5b8 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e91555 2 bytes JMP 000000010779a5d0 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e9156d 2 bytes JMP 000000010779a5e8 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e91585 2 bytes JMP 000000010779a600 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e9159d 2 bytes JMP 000000010779a618 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e915b5 2 bytes JMP 000000010779a630 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e915cd 2 bytes JMP 000000015d37ce48 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e916b2 2 bytes JMP 000000010779a72d .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e916bd 2 bytes JMP 000000010779a738 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000074c81a22 2 bytes [C8, 74] .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000074c81ad0 2 bytes [C8, 74] .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000074c81b08 2 bytes [C8, 74] .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000074c81bba 2 bytes [C8, 74] .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000074c81bda 2 bytes [C8, 74] .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e91401 2 bytes JMP 000000010779a47c .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e91419 2 bytes JMP 000000010779a494 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e91431 2 bytes JMP 000000010779a4ac .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e9144a 2 bytes JMP 0000000076f5fcc5 .text ... * 9 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e914dd 2 bytes JMP 000000010779a558 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e914f5 2 bytes JMP 000000010779a570 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e9150d 2 bytes JMP 000000010779a588 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e91525 2 bytes JMP 000000010779a5a0 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e9153d 2 bytes JMP 000000010779a5b8 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e91555 2 bytes JMP 000000010779a5d0 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e9156d 2 bytes JMP 000000010779a5e8 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e91585 2 bytes JMP 000000010779a600 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e9159d 2 bytes JMP 000000010779a618 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e915b5 2 bytes JMP 000000010779a630 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e915cd 2 bytes JMP 000000015d37ce48 .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e916b2 2 bytes JMP 000000010779a72d .text C:\Windows\SysWOW64\PnkBstrA.exe[2676] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e916bd 2 bytes JMP 000000010779a738 .text c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[2792] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[3060] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Windows\system32\svchost.exe[3724] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes [60, E2, F1, FC, FE, 07, 00, ...] .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3228] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe[948] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUnicodeStringFromAsciiz + 808 00000000771b7ab8 14 bytes {SUB BYTE [RAX], 0x34; ADD [RAX], EAX; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe[948] C:\Windows\system32\kernel32.dll!FindResourceW + 24 0000000076f89b78 14 bytes {XOR AL, 0x40; ADD [RAX], EAX; ADD [RAX], AL; JMP QWORD [RIP-0xe]} .text C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe[4412] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 .text C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000076b58e4e 5 bytes JMP 00000001100c0268 .text C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 0000000076b7f170 5 bytes JMP 00000001100c023c .text C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExW 0000000076ba07d7 5 bytes JMP 00000001100c02ec .text C:\Users\Dawid\Desktop\gmer.exe[5736] C:\Windows\syswow64\USER32.dll!ChangeDisplaySettingsExA 0000000076bb6da0 5 bytes JMP 00000001100c02c0 ---- Threads - GMER 2.1 ---- Thread System [4:484] fffffa800bb1c4b0 Thread C:\Windows\System32\svchost.exe [2820:3908] 000007fef63f9688 Thread [4624:4928] 000000005983435c Thread [4624:4964] 00000000704c786a Thread [4624:4148] 00000000773c2e65 Thread [4624:4252] 000000005983d578 Thread C:\Windows\SysWOW64\ntdll.dll [4888:4892] 00000000013cf0ae Thread C:\Windows\SysWOW64\ntdll.dll [4888:4972] 00000000704c786a ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158315a310 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00158315a310@5c57c848c229 0xF4 0x46 0x49 0xF4 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158315a310 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00158315a310@5c57c848c229 0xF4 0x46 0x49 0xF4 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincploba 0x62 0x61 0x66 0x65 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincplofa 0x62 0x61 0x68 0x65 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochia 0x62 0x61 0x6A 0x69 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@iamgmcekjdkjbknegc 0x6B 0x61 0x62 0x6B ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochmp 0x62 0x61 0x61 0x6B ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@haaifjjkgcfhlmai 0x70 0x61 0x70 0x68 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@japhoiniofgaomhkilij 0x64 0x62 0x61 0x6B ... Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Dawid\AppData\Local\Logitech\xae Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe 1 ---- EOF - GMER 2.1 ---- [/log]
Zayfi komentarz 11 lutego 2014 komentarz 11 lutego 2014 Ten temat nie ma związku z infekcją. Na początek odinstaluj: Asus WebStorage IObit Malware Fighter_is1" = IObit Malware Fighter" IObit Surfing Protection_is1" = Surfing Protection "IObitUninstall" = IObit Uninstaller Format factory
Dawid_Dj komentarz 11 lutego 2014 Autor komentarz 11 lutego 2014 Odinstalowane. Po co mialem to zrobic? Format Factory zostawilem.
Zayfi komentarz 11 lutego 2014 komentarz 11 lutego 2014 Po co mialem to zrobic? A po co dałeś logi do sprawdzenia? Opisałeś problem?
Dawid_Dj komentarz 11 lutego 2014 Autor komentarz 11 lutego 2014 (edytowane) Tak jak w tamtym temacie. Po pewnym czasie korzystania z internetu system mi sie przycina a pozniej zawiesza i musze skorzystac z resetu. Przy chromie (jak narazie) przycina sie rzadziej niz przy firefoxie. edit: Nie moge odinstalowac firefoxa i nie wiem dlaczego. Nic sie nie dzieje. Edytowane 13 lutego 2014 przez Dawid_Dj
Zayfi komentarz 10 marca 2014 komentarz 10 marca 2014 Wykonaj weryfikację plików systemowych start > polecenie uruchom > cmd wpisz komendę sfc /scannow podaj jaki był końcowy komunikat.
Dawid_Dj komentarz 16 marca 2014 Autor komentarz 16 marca 2014 "Funkcja Ochrona zasobów systemu Windows nie znalazła naruszeń integralności."
Dawid_Dj komentarz 23 sierpnia 2014 Autor komentarz 23 sierpnia 2014 Swieze logi OTL [log]OTL logfile created on: 2014-08-21 21:39:50 - Run 5 OTL by OldTimer - Version 3.2.69.0 Folder = E:\OTL 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 5,30 Gb Available Physical Memory | 66,38% Memory free 15,96 Gb Paging File | 12,78 Gb Available in Paging File | 80,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 155,25 Gb Total Space | 8,88 Gb Free Space | 5,72% Space Free | Partition Type: NTFS Drive D: | 155,16 Gb Total Space | 28,40 Gb Free Space | 18,30% Space Free | Partition Type: NTFS Drive E: | 155,25 Gb Total Space | 30,87 Gb Free Space | 19,88% Space Free | Partition Type: NTFS Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014-08-07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2014-06-29 11:55:38 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe PRC - [2013-12-15 13:51:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL\OTL.exe PRC - [2013-12-10 04:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2013-12-10 04:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe PRC - [2013-11-14 13:56:57 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013-11-11 09:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013-10-25 13:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe PRC - [2013-10-16 01:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe PRC - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013-03-12 07:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011-05-19 16:39:18 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011-05-19 16:39:14 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2011-02-21 23:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe PRC - [2011-01-12 17:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2010-12-02 04:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe PRC - [2010-11-03 11:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe PRC - [2010-10-21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-12-22 13:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe PRC - [2009-12-22 13:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe PRC - [2009-12-15 14:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe ========== Modules (No Company Name) ========== MOD - [2014-08-13 17:40:06 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3623483b5413fc2d685b42d0e703a923\IAStorUtil.ni.dll MOD - [2014-08-13 17:40:06 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\48457c19cd74652246ac967b35d4956d\IAStorCommon.ni.dll MOD - [2014-08-13 17:37:35 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4d2ee13655653e64c6b91238e6b351df\System.Runtime.Remoting.ni.dll MOD - [2014-08-13 17:37:20 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\434e3a5de2f98ed740aac2b24c6d0890\System.Windows.Forms.ni.dll MOD - [2014-08-13 17:37:17 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bce52f0521c930a2e305badb3ea07128\System.Drawing.ni.dll MOD - [2014-08-13 17:37:14 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\abca6deea510151b5d8e51bdabd17bea\System.Xml.ni.dll MOD - [2014-08-13 17:37:12 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce5e2af0775efc3c91ba62d5d26fb39\System.Configuration.ni.dll MOD - [2014-08-13 17:37:06 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4aa535ef604745958a236cfbbbbf6297\WindowsBase.ni.dll MOD - [2014-08-13 17:36:59 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ee90c95adb50b0e75b814fcb9d87f8e\System.ni.dll MOD - [2014-08-13 17:36:53 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f8be9e33457f57805b4068f90099e428\mscorlib.ni.dll MOD - [2014-08-07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll MOD - [2014-08-07 05:20:54 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll MOD - [2014-08-07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll MOD - [2014-08-07 05:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll MOD - [2014-08-07 05:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll MOD - [2014-08-07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll MOD - [2010-11-13 04:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-12-22 13:31:50 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe MOD - [2009-12-22 13:30:54 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe MOD - [2009-12-22 13:30:36 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll MOD - [2009-12-22 13:30:34 | 000,065,536 | ---- | M] () -- C:\Windows\SysWOW64\LGErrorHandler.dll MOD - [2009-12-22 13:30:28 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll MOD - [2009-12-15 14:49:20 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009-12-15 14:46:38 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV:64bit: - [2014-07-25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013-12-10 04:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:64bit: - [2013-10-13 12:02:56 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:64bit: - [2013-06-29 23:37:42 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64) SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2012-04-26 10:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc) SRV:64bit: - [2011-01-12 17:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:64bit: - [2011-01-12 17:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2014-08-17 09:17:17 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-08-04 22:38:11 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-06-29 11:55:38 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2014-03-21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013-12-10 04:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2013-11-11 09:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013-10-25 13:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc) SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-09-11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013-04-23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2012-12-13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2012-08-01 16:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011-05-19 16:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011-03-01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2011-02-21 23:17:32 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc) SRV - [2010-12-02 12:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker) SRV - [2010-12-02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc) SRV - [2010-11-03 11:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc) SRV - [2010-10-21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:64bit: - [2014-08-21 21:26:31 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2014-05-12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl) DRV:64bit: - [2014-05-12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2013-12-05 10:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2013-11-14 13:57:05 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2013-10-28 02:12:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013-10-28 02:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013-10-08 19:23:28 | 000,024,032 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus) DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2013-08-29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2013-07-16 12:33:04 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:64bit: - [2013-06-28 11:45:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem) DRV:64bit: - [2013-04-23 16:30:52 | 000,093,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis) DRV:64bit: - [2013-04-18 16:14:12 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag) DRV:64bit: - [2013-04-18 16:12:26 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb) DRV:64bit: - [2012-12-24 17:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV:64bit: - [2012-12-24 17:45:48 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtAudioBusSrv) DRV:64bit: - [2012-12-24 17:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (IvtPanBusSrv) DRV:64bit: - [2012-12-24 17:42:26 | 000,031,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs) DRV:64bit: - [2012-08-29 19:46:14 | 000,028,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dfx11_1x64.sys -- (DFX11_1) DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012-06-27 15:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012-02-09 08:06:36 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:64bit: - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) DRV:64bit: - [2012-01-18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2012-01-15 15:05:59 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012-01-09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2012-01-09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2012-01-09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012-01-09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011-12-15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:64bit: - [2011-10-30 16:14:56 | 000,033,360 | ---- | M] (CrystalIdea Software) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CisUtMonitor.sys -- (CisUtMonitor) DRV:64bit: - [2011-06-10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011-05-16 07:39:26 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) DRV:64bit: - [2011-05-10 18:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011-02-24 11:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011-02-24 11:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2010-12-21 16:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2010-12-21 16:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2010-12-21 14:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:64bit: - [2010-12-21 14:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:64bit: - [2010-12-21 14:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:64bit: - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-10-19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010-09-21 12:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus) DRV:64bit: - [2010-09-15 09:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10) DRV:64bit: - [2010-02-08 23:28:10 | 000,148,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmports.sys -- (HRMPORTS) DRV:64bit: - [2010-02-08 23:28:10 | 000,133,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hrmcfgspc.sys -- (HRMCFGSPC) DRV:64bit: - [2010-02-08 23:28:10 | 000,128,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hrmints.sys -- (HRMINTS) DRV:64bit: - [2010-02-08 23:28:08 | 000,676,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfksvcs.sys -- (DSFKSVCS) DRV:64bit: - [2010-02-08 23:28:08 | 000,035,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dsfroot.sys -- (dsfroot) DRV:64bit: - [2010-02-08 21:58:56 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci_dsf.sys -- (usbehci_dsf) DRV:64bit: - [2010-02-08 21:06:46 | 000,675,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softusbk.sys -- (SOFTUSBK) DRV:64bit: - [2010-02-08 21:06:46 | 000,366,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\softehci.sys -- (softehci) DRV:64bit: - [2010-02-08 21:06:42 | 000,206,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\softhidusbk.sys -- (SOFTHIDUSBK) DRV:64bit: - [2010-01-14 14:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60) DRV:64bit: - [2010-01-14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) DRV:64bit: - [2010-01-14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) DRV:64bit: - [2010-01-14 14:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) DRV:64bit: - [2009-08-13 09:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp) DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008-11-04 05:08:12 | 000,022,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GWHid.sys -- (GWHid) DRV:64bit: - [2008-09-23 01:24:00 | 000,050,176 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\shbecr.sys -- (Tdsshbecr) DRV:64bit: - [2008-03-30 04:16:46 | 000,031,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VL807.sys -- (VL807) DRV - [2010-09-16 21:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys) DRV - [2009-12-22 13:30:46 | 000,019,456 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGPII2CDriver.sys -- (LGII2CDevice) DRV - [2009-12-22 13:30:36 | 000,016,384 | ---- | M] (LG Soft India) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\LGI2CDriver.sys -- (LGDDCDevice) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-11-04 05:08:18 | 000,018,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\GWHid.sys -- (GWHid) DRV - [2008-03-30 04:17:18 | 000,025,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\VL807.sys -- (VL807) DRV - [2008-02-15 17:30:48 | 000,015,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys -- (FLASHSYS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ [binary data] IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes,DefaultScope = {01AA3507-BBE7-437F-B89A-A4E240EF067E} IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{01AA3507-BBE7-437F-B89A-A4E240EF067E}: "URL" = http://www.idg.pl?q={searchTerms} IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2 FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3 FF - prefs.js..extensions.enabledAddons: %7B3e0e7d2a-070f-4a47-b019-91fe5385ba79%7D:3.5.9 FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.3.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0 FF - prefs.js..keyword.url: "http://isearch.avg.com/search?cid=%7B9b6f0ca3-7e12-4afe-b918-e1143ebfb52f%7D&mid=3c8acdbcac8547d095a0252442857de7-617abbcef06b250eea98b924de82af8847409f3a&ds=st011&v=11.1.0.7&lang=pl&pr=sa&d=2012-03-30%2017%3A42%3A10&sap=ku&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dawid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012-12-10 21:52:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-08-04 22:38:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-10 21:52:55 | 000,000,000 | ---D | M] [2011-11-29 21:31:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Extensions [2014-08-20 10:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions [2013-01-07 12:31:47 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2014-08-09 10:37:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-02-20 17:41:09 | 000,000,000 | ---D | M] (FullScreen+) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\FullScreen@muha.com [2014-07-19 20:59:17 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack [2014-08-20 10:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\Firefox\Profiles\ihgv3ubd.default\extensions\staged [2014-01-16 16:40:35 | 000,252,696 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid0-8C9kZOXgcsBN95BaPPbaKdSHEpU@jetpack.xpi [2013-06-20 22:59:29 | 000,255,232 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\jid1-GBYr3F9iI4n8IA@jetpack.xpi [2013-02-18 11:26:22 | 000,030,191 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\screensurfer@pjs.nl.xpi [2013-07-21 09:57:20 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\SkipScreen@SkipScreen.xpi [2013-02-04 11:44:31 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\translator@zoli.bod.xpi [2013-01-30 17:47:08 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\uss-button@uploadscreenshot.com.xpi [2014-07-25 10:17:20 | 000,076,615 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-09-07 22:43:17 | 000,242,531 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2013-08-02 12:11:22 | 000,224,035 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2014-08-20 10:30:46 | 000,434,656 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-07-24 20:55:00 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Dawid\AppData\Roaming\mozilla\firefox\profiles\ihgv3ubd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-04 22:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2014-08-04 22:38:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-08-04 22:38:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-08-04 22:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014-08-04 22:38:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Error reading preferences file CHR - Extension: Dokumenty Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\ CHR - Extension: Dysk Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Wallet = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Gmail = C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2014-05-26 12:28:17 | 000,000,903 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O2:64bit: - BHO: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [TNOD UP] C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [F.lux] C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC) O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [Facebook Update] C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [GG] C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbnails = 0 O7 - HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A07E7B8-1FD9-4107-B093-43C81F346573}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-06-26 22:38:36 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2014-05-26 12:48:53 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2013-07-24 14:54:55 | 000,000,000 | ---D | M] - E:\autocad -- [ NTFS ] O32 - AutoRun File - [2013-06-30 00:51:50 | 000,000,000 | ---D | M] - E:\Autodesk -- [ NTFS ] O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell - "" = AutoRun O33 - MountPoints2\{30c971b1-15dd-11e2-b2eb-f46d04619414}\Shell\AutoRun\command - "" = K:\start.exe O33 - MountPoints2\{366f53d7-d822-11e3-b078-f46d04619414}\Shell - "" = AutoRun O33 - MountPoints2\{366f53d7-d822-11e3-b078-f46d04619414}\Shell\AutoRun\command - "" = L:\LG_PC_Programs.exe O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell - "" = AutoRun O33 - MountPoints2\{706d8922-e23b-11e1-9d52-f46d04619414}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) ========== Files/Folders - Created Within 30 Days ========== [2014-08-13 17:11:00 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe [2014-08-13 17:11:00 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe [2014-08-13 17:11:00 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll [2014-08-13 17:11:00 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll [2014-08-13 17:10:58 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll [2014-08-13 17:10:58 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll [2014-08-13 17:10:08 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe [2014-08-13 17:10:08 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe [2014-08-13 17:09:01 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014-08-13 17:09:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014-08-13 17:09:01 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014-08-13 17:09:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2014-08-13 17:09:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2014-08-13 17:09:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014-08-13 17:09:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014-08-13 17:08:59 | 002,001,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014-08-13 17:08:59 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014-08-13 17:08:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014-08-13 17:08:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014-08-13 17:08:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014-08-13 17:08:58 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014-08-13 17:08:58 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014-08-13 17:08:58 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014-08-13 17:08:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014-08-13 17:08:56 | 002,087,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014-08-13 17:08:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014-08-13 17:08:55 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2014-08-13 17:08:55 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014-08-13 17:08:55 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014-08-13 17:08:54 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014-08-13 17:08:54 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014-08-13 17:08:54 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014-08-13 17:08:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2014-08-13 17:08:53 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2014-08-13 17:08:53 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014-08-13 17:08:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014-08-13 17:08:51 | 005,824,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014-08-13 17:08:51 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014-08-13 17:08:51 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014-08-13 17:08:50 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014-08-13 17:08:50 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014-08-13 17:08:50 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2014-08-13 17:08:49 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2014-08-13 17:08:42 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2014-08-13 17:08:41 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2014-08-13 17:08:41 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2014-08-13 17:08:41 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll [2014-08-13 17:08:41 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll [2014-08-13 17:08:41 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL [2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL [2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL [2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL [2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL [2014-08-13 17:08:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL [2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL [2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL [2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL [2014-08-13 17:08:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL [2014-08-13 17:08:30 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2014-08-13 17:08:25 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2014-08-13 17:07:35 | 000,529,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2014-08-13 17:07:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2014-08-04 22:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014-08-03 19:40:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games [2014-08-03 17:27:28 | 000,000,000 | ---D | C] -- C:\Users\Dawid\Desktop\Morze 2014 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014-08-21 21:37:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014-08-21 21:32:25 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014-08-21 21:32:25 | 000,032,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014-08-21 21:30:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job [2014-08-21 21:26:32 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014-08-21 21:26:31 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014-08-21 21:26:30 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job [2014-08-21 21:25:16 | 005,148,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014-08-21 21:23:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014-08-21 21:22:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2014-08-21 21:22:39 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys [2014-08-21 21:00:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014-08-20 12:44:38 | 002,440,054 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00805.jpg [2014-08-20 12:38:58 | 002,420,032 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00804.jpg [2014-08-20 10:49:42 | 000,969,224 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00802.jpg [2014-08-20 09:51:29 | 002,039,589 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00803.jpg [2014-08-19 16:41:05 | 000,957,091 | ---- | M] () -- C:\Users\Dawid\Desktop\CAM00801.jpg [2014-08-17 12:30:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job [2014-08-17 09:17:16 | 000,699,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014-08-17 09:17:16 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014-08-16 14:46:35 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml [2014-08-16 14:46:35 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2014-08-16 11:59:06 | 003,722,082 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014-08-16 11:59:06 | 001,430,882 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2014-08-16 11:59:06 | 001,290,900 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014-08-16 11:59:06 | 000,544,654 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2014-08-16 11:59:06 | 000,424,572 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014-08-07 04:06:41 | 000,529,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2014-08-07 04:01:34 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2014-07-28 13:21:52 | 000,016,694 | ---- | M] () -- C:\Users\Dawid\Desktop\imgres.htm [2014-07-28 12:07:10 | 000,727,375 | ---- | M] () -- C:\Users\Dawid\Desktop\20140716_212642_2.jpg [2014-07-28 12:02:34 | 000,639,667 | ---- | M] () -- C:\Users\Dawid\Desktop\20140716_212642.jpg [2014-07-25 16:01:41 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014-07-25 15:30:30 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014-07-25 15:28:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014-07-25 15:28:27 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014-07-25 15:25:45 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2014-07-25 15:10:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014-07-25 15:03:50 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014-07-25 15:00:51 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014-07-25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014-07-25 14:59:28 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014-07-25 14:47:25 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2014-07-25 14:40:12 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014-07-25 14:34:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014-07-25 14:33:08 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014-07-25 14:30:32 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2014-07-25 14:28:15 | 005,824,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014-07-25 14:28:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2014-07-25 14:19:18 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014-07-25 14:17:33 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014-07-25 14:17:26 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014-07-25 14:12:35 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014-07-25 14:10:53 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014-07-25 14:10:15 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014-07-25 14:08:47 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014-07-25 13:47:50 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014-07-25 13:43:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2014-07-25 13:42:31 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014-07-25 13:39:29 | 002,087,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014-07-25 13:39:25 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2014-07-25 13:36:30 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014-07-25 13:34:04 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014-07-25 13:07:49 | 002,001,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014-07-25 13:07:10 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2014-07-25 12:17:47 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014-07-25 12:09:19 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014-07-24 11:27:45 | 000,297,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2014-07-24 11:27:45 | 000,297,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2014-07-24 11:27:17 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014-08-20 13:49:00 | 002,440,054 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00805.jpg [2014-08-20 13:49:00 | 002,420,032 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00804.jpg [2014-08-20 10:51:34 | 002,039,589 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00803.jpg [2014-08-20 10:51:34 | 000,969,224 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00802.jpg [2014-08-20 10:51:34 | 000,957,091 | ---- | C] () -- C:\Users\Dawid\Desktop\CAM00801.jpg [2014-08-02 12:37:13 | 000,753,347 | ---- | C] () -- C:\Users\Dawid\Desktop\CV_Adam_Burak.pdf [2014-07-28 13:21:52 | 000,016,694 | ---- | C] () -- C:\Users\Dawid\Desktop\imgres.htm [2014-07-28 12:07:10 | 000,727,375 | ---- | C] () -- C:\Users\Dawid\Desktop\20140716_212642_2.jpg [2014-07-28 12:06:41 | 000,639,667 | ---- | C] () -- C:\Users\Dawid\Desktop\20140716_212642.jpg [2014-06-19 08:15:57 | 000,000,024 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\temp.ini [2013-12-28 19:09:11 | 000,000,916 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI [2013-12-28 19:08:59 | 000,000,104 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI [2013-12-15 11:00:46 | 000,000,126 | ---- | C] () -- C:\Windows\wininit.ini [2013-12-08 11:10:09 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI [2013-12-08 00:04:54 | 000,038,418 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Microsoft Excel 97-2003.ADR [2013-12-08 00:04:52 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI [2013-12-05 17:12:26 | 000,070,904 | ---- | C] () -- C:\Windows\SysWow64\VMProtectSDK32.dll [2013-12-05 17:11:44 | 000,311,032 | ---- | C] () -- C:\Windows\SysWow64\IVTCredentialProvider.dll [2013-12-05 17:10:38 | 000,273,144 | ---- | C] () -- C:\Windows\SysWow64\Adpush.dll [2013-12-02 00:23:33 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP [2013-12-02 00:20:50 | 000,000,132 | ---- | C] () -- C:\Users\Dawid\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG [2013-11-03 11:51:36 | 000,000,098 | ---- | C] () -- C:\Windows\SysWow64\91207717.sys [2013-10-19 11:45:51 | 000,000,093 | ---- | C] () -- C:\Users\Dawid\AppData\Local\fusioncache.dat [2013-06-29 23:38:42 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2012-12-07 22:05:48 | 000,000,096 | ---- | C] () -- C:\Windows\BsMobileModel.ini [2012-09-28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2011-12-21 14:44:05 | 000,007,645 | ---- | C] () -- C:\Users\Dawid\AppData\Local\resmon.resmoncfg ========== ZeroAccess Check ========== [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2014-08-14 15:06:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3 [2012-02-22 15:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI [2011-12-18 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo [2011-12-30 17:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage [2013-11-03 11:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity [2013-06-30 00:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk [2012-06-02 13:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT [2012-01-28 12:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2012-08-30 15:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software [2012-03-29 17:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite [2011-11-29 17:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro [2012-10-20 17:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot [2014-02-04 10:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox [2011-12-17 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs [2012-01-22 20:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity [2012-01-14 20:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET [2012-06-09 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog [2012-01-27 19:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10 [2012-05-15 17:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet [2014-08-21 21:27:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG [2013-12-14 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc [2013-12-14 15:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian [2012-05-02 11:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft [2013-12-08 11:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync [2014-02-11 15:10:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit [2014-05-19 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla [2013-12-15 00:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage [2012-04-06 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech [2013-12-14 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics [2014-05-27 10:59:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Logs [2014-01-27 22:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit [2012-12-10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia [2012-12-10 19:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite [2012-01-01 14:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries [2013-04-14 18:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu [2012-01-24 20:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM [2013-07-16 13:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin [2011-12-17 21:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy [2012-01-19 20:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite [2013-12-24 19:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain [2011-12-24 17:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal [2011-12-23 14:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster [2014-03-16 10:12:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Radmin [2012-04-02 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio [2012-03-09 19:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D [2013-10-18 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity [2012-01-28 17:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-03-25 18:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com [2013-12-07 23:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer [2011-12-26 12:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific [2014-06-23 22:16:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client [2012-04-10 11:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay [2012-07-08 22:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier [2012-04-18 14:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software [2012-06-07 18:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft [2011-12-10 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems [2012-06-17 14:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI ========== Purity Check ========== ========== Custom Scans ========== < C:\*.* > [2014-05-26 12:48:53 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2014-08-21 21:22:39 | 2131,857,407 | -HS- | M] () -- C:\hiberfil.sys [2013-12-08 11:06:52 | 003,806,062 | ---- | M] () -- C:\HuskyInstallerLog.txt [2014-08-21 21:22:47 | 4274,135,039 | -HS- | M] () -- C:\pagefile.sys [2012-02-24 15:31:04 | 000,179,054 | ---- | M] () -- C:\TDSSKiller.2.7.13.0_24.02.2012_14.29.38_log.txt [2012-03-18 13:32:45 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_12.31.31_log.txt [2012-03-18 17:39:16 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_18.03.2012_16.39.14_log.txt [2012-02-24 15:35:44 | 000,091,570 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_24.02.2012_14.34.50_log.txt [2012-02-26 14:14:01 | 000,092,604 | ---- | M] () -- C:\TDSSKiller.2.7.14.0_26.02.2012_13.13.18_log.txt [2012-03-18 17:47:27 | 000,090,740 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.03.2012_16.46.10_log.txt [2012-06-18 12:10:49 | 000,092,934 | ---- | M] () -- C:\TDSSKiller.2.7.20.0_18.06.2012_12.10.17_log.txt [2009-07-14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009-07-14 07:08:49 | 000,032,604 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012-04-01 18:42:06 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012-04-11 22:02:43 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job [2012-04-11 22:02:44 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job [2012-07-06 17:17:38 | 000,001,042 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2012-07-06 17:17:38 | 000,001,046 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2013-10-20 12:41:50 | 000,000,410 | ---- | C] () -- C:\Windows\Tasks\RegCure Pro.job [2013-10-20 12:41:52 | 000,000,494 | ---- | C] () -- C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job < D:\*.* > [2012-01-24 18:23:59 | 000,258,492 | ---- | M] () -- D:\00-00-00.jpg [2012-01-24 18:27:28 | 000,350,024 | ---- | M] () -- D:\00-00-00_et.jpg [2012-01-24 18:23:59 | 000,256,656 | ---- | M] () -- D:\00-00-02.jpg [2013-07-04 17:59:03 | 1557,383,068 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca.avi [2013-07-04 17:59:03 | 018,693,868 | ---- | M] () -- D:\17 urodziny danona przejazd moto noca~2.avi [2013-07-04 17:53:17 | 000,011,264 | ---- | M] () -- D:\17 urodziny danona przejazdza moto.VSP [2011-08-24 21:51:58 | 003,050,163 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz.jpg [2011-08-24 21:52:54 | 002,784,026 | ---- | M] () -- D:\2fotkiorygprzerobka_kolaz22.jpg [2011-04-02 10:47:29 | 957,273,448 | ---- | M] () -- D:\ACBSP 2011-04-02 10-43-51-23.avi [2011-04-02 10:47:45 | 023,624,872 | ---- | M] () -- D:\ACBSP 2011-04-02 10-47-38-89.avi [2014-04-30 18:18:41 | 000,836,091 | ---- | M] () -- D:\billing (10).txt [2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- D:\billing (11).txt [2014-06-19 17:24:34 | 001,137,296 | ---- | M] () -- D:\billing (12).txt [2013-11-29 20:06:05 | 000,647,626 | ---- | M] () -- D:\billing (2).txt [2013-12-08 15:40:23 | 000,630,136 | ---- | M] () -- D:\billing (3).txt [2013-12-14 23:55:11 | 000,192,065 | ---- | M] () -- D:\billing (4).txt [2013-12-27 22:25:03 | 000,196,011 | ---- | M] () -- D:\billing (5).txt [2014-01-18 21:04:57 | 000,536,412 | ---- | M] () -- D:\billing (6).txt [2014-02-23 15:32:24 | 000,502,561 | ---- | M] () -- D:\billing (7).txt [2014-03-16 17:29:56 | 000,776,098 | ---- | M] () -- D:\billing (8).txt [2014-04-05 16:55:04 | 000,912,228 | ---- | M] () -- D:\billing (9).txt [2013-10-26 20:12:46 | 000,538,759 | ---- | M] () -- D:\billing.txt [2011-02-27 16:19:06 | 559,481,986 | ---- | M] () -- D:\CoDMW2.wmv [2012-12-17 16:43:30 | 050,040,832 | ---- | M] () -- D:\Credo Prawko B.iso [2011-09-29 20:34:36 | 003,957,706 | ---- | M] () -- D:\crosskolaz1.jpg [2013-03-31 20:02:38 | 004,249,281 | ---- | M] () -- D:\crosskolaz2.jpg [2007-02-01 16:04:06 | 061,236,062 | ---- | M] () -- D:\CRYSpcVIDTRdx10.wmv [2013-04-18 20:59:46 | 000,819,831 | ---- | M] () -- D:\dwe.mp4 [2014-03-06 17:03:47 | 000,014,635 | ---- | M] () -- D:\kontakty 07.12.2013 - update 06.03.2014.docx [2013-12-12 19:01:19 | 000,011,007 | ---- | M] () -- D:\kontakty 07.12.2013.txt [2012-03-18 13:30:40 | 000,041,183 | ---- | M] () -- D:\KontaktyDawid_18.03.2012 [2012-02-24 15:26:06 | 000,041,837 | ---- | M] () -- D:\KontaktyggDawid_24.02.2012 [2012-07-04 15:54:27 | 000,041,618 | ---- | M] () -- D:\Kontakty_9207423_04.07.2012 [2012-05-15 19:15:38 | 000,040,493 | ---- | M] () -- D:\Kontakty_9207423_15.05.2012 [2012-07-29 23:16:42 | 000,041,069 | ---- | M] () -- D:\Kontakty_9207423_29.07.2012 [2012-06-17 15:09:04 | 000,927,188 | ---- | M] () -- D:\ludzie, lodożerca.mp3 [2010-02-16 19:53:20 | 000,052,070 | ---- | M] () -- D:\ludzie.amr [2010-02-16 19:53:20 | 000,527,079 | ---- | M] () -- D:\ludzie.mp3 [2012-11-03 01:54:26 | 015,740,409 | ---- | M] () -- D:\MOV00321.3gp [2014-04-06 11:57:50 | 000,010,104 | ---- | M] () -- D:\nr do usuniecia.docx [2012-11-05 22:45:27 | 2020,266,143 | ---- | M] () -- D:\Osiemnastka Danona.mp4 [2008-03-05 19:16:30 | 096,558,090 | ---- | M] () -- D:\P1010399.MOV [2008-03-05 19:22:20 | 029,908,310 | ---- | M] () -- D:\P1010403.MOV [2008-03-22 16:03:28 | 067,235,722 | ---- | M] () -- D:\P1020379.MOV [2010-02-10 20:22:24 | 003,646,352 | ---- | M] () -- D:\P1080184.JPG [2010-02-15 12:42:26 | 003,417,346 | ---- | M] () -- D:\P1080190.JPG [2010-02-15 12:50:04 | 003,938,113 | ---- | M] () -- D:\P1080191.JPG [2010-03-22 17:13:06 | 003,575,334 | ---- | M] () -- D:\P1080392.JPG [2010-03-22 17:13:32 | 003,854,951 | ---- | M] () -- D:\P1080393.JPG [2011-11-06 15:03:12 | 003,020,341 | ---- | M] () -- D:\P1160593.JPG [2011-11-07 16:21:22 | 001,950,575 | ---- | M] () -- D:\P1160593_3.jpeg [2011-11-27 17:39:40 | 002,506,626 | ---- | M] () -- D:\P1160754.JPG [2011-11-27 18:19:26 | 000,773,794 | ---- | M] () -- D:\P1160754_2.jpg [2011-11-27 18:37:50 | 000,787,302 | ---- | M] () -- D:\P1160754_3.jpeg [2013-12-01 23:27:03 | 000,990,569 | ---- | M] () -- D:\Picture 28.jpg [2011-10-16 18:13:10 | 000,070,941 | ---- | M] () -- D:\screen320.jpg [2013-04-18 20:11:11 | 000,531,728 | ---- | M] () -- D:\Skok przez okno na lekcji GEOGRAFII.mp4 [2011-11-25 20:37:17 | 268,435,456 | -HS- | M] () -- D:\WinPEpge.sys [2013-05-09 19:17:33 | 180,403,915 | ---- | M] () -- D:\wiosny - przypomnienie.psd [2012-11-08 20:00:32 | 108,882,807 | ---- | M] () -- D:\Wojtas na Paka urodzinach.mp4 [2012-11-08 20:00:58 | 000,008,704 | ---- | M] () -- D:\Wojtas na urodzinach u Paka.VSP < E:\*.* > [2013-12-01 00:45:56 | 000,011,017 | ---- | M] () -- E:\00001.vcf [2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- E:\01.05.-30.05.2014.txt [2011-11-20 16:08:22 | 007,891,551 | ---- | M] (A.I.SOFT,INC.) -- E:\465-USB-WIN7-64-PNP-A-PL(1).EXE [2012-06-05 19:57:45 | 094,039,935 | ---- | M] () -- E:\AC3 - Oficjalny zwiastun z E3 [PL].mp4 [2012-03-29 09:25:54 | 733,779,968 | ---- | M] () -- E:\american pie 6 beta house lektor pl.avi [2012-04-02 22:32:34 | 034,995,726 | ---- | M] () -- E:\Angry Birds Space 1.0.0.THETA www.exsite.pl.rar [2012-06-11 16:14:57 | 729,248,342 | ---- | M] () -- E:\bf3_2012_06_11_16_10_49_808.avi [2012-10-07 13:00:23 | 071,831,387 | ---- | M] () -- E:\BF3_Premium_Guide02_EN_v2.pdf [2012-12-30 13:28:09 | 090,682,025 | ---- | M] () -- E:\BF3_Premium_Guide03_EN.pdf [2013-04-02 14:30:22 | 081,254,005 | ---- | M] () -- E:\BF3_Premium_Guide04_EN.pdf [2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- E:\billing 01.05-30.05.2014.txt [2013-12-14 23:55:11 | 000,192,065 | ---- | M] () -- E:\billing 05.12.2013 - 14.12.2013.txt [2014-04-05 16:55:04 | 000,912,228 | ---- | M] () -- E:\billing 07.03-05.04.2014.txt [2013-12-08 15:40:23 | 000,630,136 | ---- | M] () -- E:\billing 09.11.2013 - 08.12.2013.txt [2014-03-16 17:29:56 | 000,776,098 | ---- | M] () -- E:\billing 15.02-16.03.2014.txt [2014-01-18 21:04:57 | 000,536,412 | ---- | M] () -- E:\billing 20.12.2013 - 18.01.2014.txt [2014-06-19 17:24:34 | 001,137,296 | ---- | M] () -- E:\billing 21.05-19.06.2014.txt [2014-02-23 15:32:24 | 000,502,561 | ---- | M] () -- E:\billing 25.01.2014 - 23.02.2014.txt [2013-10-26 20:12:46 | 000,538,759 | ---- | M] () -- E:\billing 27.09.2013 - 26.10.2013.txt [2013-12-27 22:25:03 | 000,196,011 | ---- | M] () -- E:\billing 28.11.2013 - 27.12.2013.txt [2013-12-08 18:41:49 | 000,181,408 | ---- | M] () -- E:\billing 29.11-08.12.txt [2013-11-29 20:06:05 | 000,647,626 | ---- | M] () -- E:\billing 31.10.2013 - 29.11.2013.txt [2011-04-23 00:11:50 | 726,675,276 | ---- | M] () -- E:\cfy-newkids.avi [2011-04-26 00:59:46 | 000,032,634 | ---- | M] () -- E:\cfy-newkids.txt [2011-11-26 10:03:16 | 000,042,101 | ---- | M] () -- E:\Dawidkontakty_26.11.2011 [2012-11-02 10:56:54 | 000,000,680 | ---- | M] () -- E:\dedykacje.txt [2014-02-11 11:34:34 | 000,104,372 | ---- | M] () -- E:\Extras.Txt [2012-06-03 13:39:43 | 108,508,108 | ---- | M] () -- E:\F1 2012 Monaco GP Official race edit.mp4 [2014-04-12 13:15:58 | 001,232,077 | ---- | M] () -- E:\Fuelio v1.21.0.apk [2014-05-30 18:24:23 | 000,918,791 | ---- | M] () -- E:\h5.txt [2012-07-23 19:23:49 | 017,532,198 | ---- | M] () -- E:\iCEnhancer2_1FINAL.zip [2014-04-07 18:03:15 | 003,012,325 | ---- | M] () -- E:\Just 6 Weeks v1.8.3.apk [2011-07-01 19:45:10 | 000,000,198 | ---- | M] () -- E:\kod corel x4 video.txt [2013-12-12 19:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013 (2).txt [2014-07-08 20:42:17 | 000,014,898 | ---- | M] () -- E:\kontakty 07.12.2013 up 08.07.2014.txt.docx [2013-12-12 19:01:19 | 000,011,007 | ---- | M] () -- E:\kontakty 07.12.2013.txt [2011-11-13 11:47:12 | 003,035,825 | ---- | M] () -- E:\livebox_USB_Vista_7_366825985.zip [2013-12-15 13:50:09 | 000,003,752 | ---- | M] () -- E:\MBAM.txt [2011-12-19 21:56:59 | 000,000,528 | R--- | M] () -- E:\MediaID.bin [2012-05-31 16:56:34 | 011,042,294 | ---- | M] () -- E:\Nie pomalujesz ! To je amelinium (Oryginał HD)~1.mp4 [2013-12-09 17:26:56 | 000,000,020 | ---- | M] () -- E:\nieznajomy 2.txt [2013-12-02 22:32:12 | 000,000,009 | ---- | M] () -- E:\nieznajomy.txt [2010-03-20 18:11:58 | 068,484,620 | ---- | M] () -- E:\Opel_Omega_B_sam_naprawiam.pdf [2014-02-11 11:33:53 | 000,193,000 | ---- | M] () -- E:\OTL.Txt [2014-04-07 17:58:13 | 004,528,228 | ---- | M] () -- E:\Rayman Jungle Run.apk [2014-08-11 22:00:54 | 000,000,064 | ---- | M] () -- E:\rgh.txt [2000-06-17 13:32:10 | 000,049,168 | ---- | M] () -- E:\Super Mario Bros. (PC10).nes [2014-04-12 13:16:10 | 006,718,315 | ---- | M] () -- E:\SwiftKey 3 Keyboard.apk [2012-11-07 20:30:03 | 155,786,365 | ---- | M] () -- E:\The_Origin_of_Battlefield_1942.pdf [2013-10-12 11:05:17 | 002,823,266 | ---- | M] () -- E:\trasa.png [2013-12-15 16:51:57 | 000,002,080 | ---- | M] () -- E:\ustawienia sim.txt [2012-02-27 17:56:16 | 000,023,055 | ---- | M] () -- E:\video.pass [2012-02-19 21:42:43 | 000,000,025 | ---- | M] () -- E:\wirus zawiecha.bat [2014-04-07 16:04:39 | 005,009,234 | ---- | M] () -- E:\Worms 2 Armageddon v1.3.apk [2013-01-10 22:03:40 | 322,319,705 | ---- | M] () -- E:\[nvmovies][archiwum prywatne] tough night 12'_13'.mp4 [1 E:\*.tmp files -> E:\*.tmp -> ] < F:\*.* > < G:\*.* > < H:\*.* > < %ALLUSERSPROFILE%\Application Data\*. > < %APPDATA%\*. > [2012-05-05 13:49:30 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe [2012-04-22 11:11:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5 [2012-01-28 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Adobe Mini Bridge CS5.1 [2014-08-14 15:06:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIMP3 [2012-02-22 15:36:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\AIWI [2013-11-02 15:26:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Apple Computer [2011-12-18 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ashampoo [2011-12-30 17:23:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ASUS WebStorage [2013-11-03 11:53:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Audacity [2013-06-30 00:33:55 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Autodesk [2012-06-02 13:27:08 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\BANDISOFT [2011-11-30 22:43:03 | 000,000,000 | R--D | M] -- C:\Users\Dawid\AppData\Roaming\Brother [2012-01-28 12:06:00 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\com.adobe.DC3Module.AdobeADC [2011-12-10 16:11:42 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Corel [2012-08-30 15:51:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CrystalIdea Software [2012-01-01 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\CyberLink [2012-03-29 17:09:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Lite [2011-11-29 17:17:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DAEMON Tools Pro [2012-10-20 17:48:05 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dexpot [2014-02-04 10:17:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Dropbox [2011-12-17 21:07:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\DxO Labs [2012-01-22 20:10:02 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\e-pity [2012-01-14 20:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ESET [2012-06-09 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\EurekaLog [2012-01-27 19:40:09 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gadu-Gadu 10 [2012-05-15 17:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GanymedeNet [2014-08-21 21:27:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\GG [2013-12-14 10:28:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Gholam_Inc [2013-12-14 15:16:57 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\hdd_guardian [2012-05-02 11:34:16 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HDRsoft [2013-12-08 11:05:47 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\HotSync [2011-11-29 16:51:59 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Identities [2011-11-29 17:01:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\InstallShield [2011-11-29 17:24:50 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Intel Corporation [2014-02-11 15:10:21 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IObit [2014-05-19 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ipla [2013-12-15 00:52:49 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\IsolatedStorage [2012-04-06 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Leadertech [2013-12-14 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\LG Electronics [2014-05-27 10:59:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Logs [2011-11-29 18:46:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Macromedia [2014-05-20 14:36:34 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Malwarebytes [2011-04-12 15:32:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Media Center Programs [2014-02-23 20:53:57 | 000,000,000 | --SD | M] -- C:\Users\Dawid\AppData\Roaming\Microsoft [2014-05-28 09:49:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Microsoft FxCop [2014-01-27 22:30:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\MOBILedit [2012-06-10 21:05:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Mozilla [2012-12-10 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia [2012-12-10 19:22:52 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nokia Suite [2012-01-01 14:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nseries [2011-12-10 16:18:51 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\NVIDIA [2013-04-14 18:21:31 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Nvu [2012-01-24 20:57:45 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\OpenFM [2013-07-16 13:17:32 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Origin [2011-12-17 21:06:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PACE Anti-Piracy [2012-01-19 20:15:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PC Suite [2013-12-24 19:44:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PearlMountain [2011-12-24 17:59:14 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Personal [2011-12-23 14:50:04 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\PunkBuster [2014-03-16 10:12:11 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Radmin [2012-04-02 22:38:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Rovio [2012-03-09 19:49:56 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\S.A.D [2011-12-10 20:08:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SecuROM [2014-08-21 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Skype [2013-10-18 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Softativity [2012-01-28 17:46:54 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-03-25 18:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\SuperUtils.com [2013-12-07 23:26:35 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TeamViewer [2011-12-26 12:45:26 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Tific [2014-06-23 22:16:33 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TS3Client [2012-04-10 11:23:18 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\ts3overlay [2012-07-08 22:10:24 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TSNotifier [2012-04-18 14:56:06 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\TuneUp Software [2012-08-09 18:50:25 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\U3 [2012-06-07 18:35:12 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ubisoft [2011-12-10 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\Ulead Systems [2012-12-17 22:15:03 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\vlc [2012-06-17 14:50:20 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinAVI [2011-11-29 19:43:58 | 000,000,000 | ---D | M] -- C:\Users\Dawid\AppData\Roaming\WinRAR < %SYSTEMDRIVE%\*. /mp /s > < MD5 for: AGP440.SYS > [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys [2009-07-14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys < MD5 for: BEEP.SYS > [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys < MD5 for: EXPLORER.EXE > [2011-02-26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2012-02-27 17:40:42 | 000,004,608 | ---- | M] () MD5=181066E31AD20869CF049262A0DB0BC2 -- C:\Users\Dawid\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v049D98E1\Native\STUBEXE\@SYSTEM@\explorer.exe [2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011-02-25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011-02-26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010-11-21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010-11-21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: NTFS.SYS > [2010-11-21 05:23:55 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys [2014-01-24 04:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\SysNative\drivers\ntfs.sys [2014-01-24 04:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18378_none_045a363833b85029\ntfs.sys [2014-01-24 04:40:06 | 001,684,416 | ---- | M] (Microsoft Corporation) MD5=48B6047F82D5A8D0AEC71593F4ACD79B -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22580_none_04d102ad4ce53e53\ntfs.sys [2011-03-11 08:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys [2011-03-11 08:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys [2013-04-12 16:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys [2013-04-12 16:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys < MD5 for: SVCHOST.EXE > [2014-05-12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe [2009-07-14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe < MD5 for: USERINIT.EXE > [2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010-11-21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010-11-21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WINLOGON.EXE > [2014-05-12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe [2010-11-21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2014-03-04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe [2014-03-04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe [2014-03-04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe < %systemroot%\system32\ws2_32.dll /md5 > [2010-11-21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\system32\ws2_32.dll < %systemroot%\system32\kernel32.dll /md5 > [2014-03-04 11:16:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=76161B9D78A275F8F28DD67436013110 -- C:\Windows\system32\kernel32.dll < %systemroot%\system32\user32.dll /md5 > [2010-11-21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\system32\user32.dll < %systemroot%\Tasks\*.* /lockedfiles > [2014-08-21 10:25:47 | 000,032,604 | ---- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Restore Points Found ========== ========== Files - Unicode (All) ========== [2014-03-16 11:51:51 | 000,000,923 | ---- | M] ()(C:\Users\Dawid\Desktop\Un?nstall Tool.lnk) -- C:\Users\Dawid\Desktop\Unіnstall Tool.lnk [2014-03-16 11:16:40 | 000,000,923 | ---- | C] ()(C:\Users\Dawid\Desktop\Un?nstall Tool.lnk) -- C:\Users\Dawid\Desktop\Unіnstall Tool.lnk ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\Users\All Users] -> -> Unknown point type ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences @Alternate Data Stream - 117 bytes -> C:\Users\All Users\Temp:1C209B86 @Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:1C209B86 < End of report > [/log] Extras [log]OTL Extras logfile created on: 2014-08-21 21:39:50 - Run 5 OTL by OldTimer - Version 3.2.69.0 Folder = E:\OTL 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 5,30 Gb Available Physical Memory | 66,38% Memory free 15,96 Gb Paging File | 12,78 Gb Available in Paging File | 80,05% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 155,25 Gb Total Space | 8,88 Gb Free Space | 5,72% Space Free | Partition Type: NTFS Drive D: | 155,16 Gb Total Space | 28,40 Gb Free Space | 18,30% Space Free | Partition Type: NTFS Drive E: | 155,25 Gb Total Space | 30,87 Gb Free Space | 19,88% Space Free | Partition Type: NTFS Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{051EB8ED-D2FD-415D-9713-F60F230D90E6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{067202FA-FB20-4EB7-989C-3859D15A1A09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{08617120-8914-4034-81A7-07F0E96341F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0A0401B9-7C28-4978-92A1-F1C0DAB985F4}" = rport=137 | protocol=17 | dir=out | app=system | "{0C2D0C78-D8C8-44CF-A1A2-5238B6DA2BC9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{15026F90-DF7B-4407-8E41-D8144DD71D21}" = lport=139 | protocol=6 | dir=in | app=system | "{1DF44B3D-2AEC-4987-8985-BC178E1854E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2056652C-64D8-406A-833D-6C60F4CAD105}" = lport=445 | protocol=6 | dir=in | app=system | "{2B376A50-0512-41D1-8CC5-B5190EC6FE20}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{345020B2-A6F4-4AB1-A39F-F9A8857A5CBB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{34F6984E-9E3A-4CA0-AB14-89BFEB84E13B}" = rport=138 | protocol=17 | dir=out | app=system | "{3A177BE4-2F2D-483C-B806-AD6C37691043}" = lport=4899 | protocol=17 | dir=in | name=4899 udp | "{455C4DD2-462D-41A9-B20B-8BB1CF806EC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4806CE93-4785-4088-A35D-F0D42392E2C0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{4AA1072B-DCC4-48B2-AE67-67B1477A29EF}" = rport=4899 | protocol=6 | dir=out | name=4899 tcp | "{55D70FE6-9318-4287-97A0-41A1C845C476}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{69ED7FA8-A8E7-4770-A760-869558C00481}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{6E8A9786-641D-4CEB-89C0-A492DAB26BDB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{72190C1D-61E2-4C6C-88ED-2D2E0504770D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service | "{7508478E-8008-474A-889D-16DD679EFFDB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{84F9193D-E4CC-48B9-B414-FAEE61C4743E}" = lport=10243 | protocol=6 | dir=in | app=system | "{8E8809CC-569C-4C58-9627-B36CD5BF1BBA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{940EE33A-50AB-4FD8-B12B-EC21CF159CE4}" = lport=137 | protocol=17 | dir=in | app=system | "{945C2275-D6D1-4012-9150-946901ED2278}" = lport=2869 | protocol=6 | dir=in | app=system | "{95285DB7-1613-446F-8431-25FABB39FD48}" = rport=139 | protocol=6 | dir=out | app=system | "{98F4E4AC-F703-4428-A545-D1E34715706D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{9C922B2A-0969-4E4B-B299-CFA441A5BC38}" = rport=4899 | protocol=17 | dir=out | name=4899 udp | "{9F8A8BE1-C517-4F0C-89CE-290641E28AF1}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{AC8948A1-102B-4E2F-AB51-3CB8C250D943}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AE097083-C0CD-42ED-96B5-9F0CD79E122C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{C3593B60-2EE2-451B-BF16-5A5B5DA71575}" = rport=10243 | protocol=6 | dir=out | app=system | "{C6C7D2AE-61F4-4174-9637-89440067F051}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{D38BC28C-53D5-4F97-A114-10921CE535E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E046E66E-2BA8-47E7-B241-14FB35D31792}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E16E2025-DAC2-4C81-A49F-A1F5AA7A7287}" = rport=445 | protocol=6 | dir=out | app=system | "{E9B4CBEA-AB89-4C05-B2B9-5E6BA84B4988}" = lport=4899 | protocol=6 | dir=in | name=4899 tcp | "{EDBC7A31-AD62-4076-8BDB-9C8A88A78691}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F65A4E17-26ED-4A02-AE9C-D2CE5AF2349B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{FA020FF2-3D82-4E52-A80C-B12396CD4BCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FF2A64AB-D235-418C-8078-A91BC721692B}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0994B7F4-A440-43F3-A425-F5FB71A3C646}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{11AFD906-3D0C-4529-B2F7-E96D329F44D6}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{1547B707-677E-423F-963C-1BCD7E6ECA49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{155B3876-96A3-4635-A945-41CBC093DA96}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{17408F70-A0BE-47E6-821B-4C78EF466E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{1923B629-1606-475F-8A22-4543D60282AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1BDBDD68-5592-481E-B245-B6EBE8125D51}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1BE72711-CC5A-4EE9-B097-B69DEFFC04EB}" = dir=in | app=%programfiles% (x86)\radmin viewer 3\radmin.exe | "{211AC75A-4C3C-4AB0-B157-D032317CE3BC}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | "{27792FA4-ED21-426D-8B4A-07B6441308A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2BFEDC87-A56D-4849-A748-C191E70E6302}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{32444DDF-A6A7-4E3C-A2C9-8D6738892FE5}" = dir=in | app=c:\users\dawid\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{39BEEA53-78C3-4308-9752-8752A39A5F81}" = protocol=6 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | "{3E582B93-96E3-4EBD-88BA-4F2D7136CBFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3E5E3B04-9BB5-4D30-A074-CC4FE5E90979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4868991E-81C1-4315-80A4-BB013C873438}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{4B514292-0C6E-4BDC-9689-3DD074FCDCC5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{4D428C51-2BEE-4066-A114-0649CA63A237}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{54E557F5-7305-41C0-88C4-2CD09C411590}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5860B855-191C-421A-BE61-3856368EC406}" = protocol=6 | dir=out | app=system | "{5FF66FF0-99C5-4943-868B-9B1D4DC5BCBF}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | "{69CF4335-01A6-4CED-97E7-F5A2F4A035AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6A916F85-06B8-4F93-862B-CBADCBAC8B37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{6BC4FC3B-0055-451D-B0F1-1CA4354C3430}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{6BD161BB-80B2-419A-84A0-C3DD6A2D53BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{7540C063-5F62-4114-963B-03F2A6B3DCB6}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{7B48A4C2-5C13-41CF-9322-08B5F2005FFA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{7D0F0EB6-7DE4-4730-8A84-14A0C5FB9B5A}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | "{804FCF24-CAF3-4EEE-9855-DC1777C862BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{81050B87-9B31-4BBE-862A-A0A0EEE91FA1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{82D90AD8-4023-44BE-A944-68D354B1CF37}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{856CCCDB-3FFA-4BC1-BF20-2E4C24F60028}" = protocol=6 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | "{886950DC-2A5F-465E-9FCA-C70D06C22D15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{918512A2-A5F4-46CC-8F48-9FE8DAEAC9F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{972012F9-A2E9-4486-A0C6-CD8296E06ACF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A3B4FACB-2D8B-4947-BB51-F25C51C631DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A6B25DF3-55A1-4EDA-9A0F-18AA6D2B17AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{AA197DE7-2835-45D7-9199-51F1638D6F6F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{ADB91B4E-26E2-4614-A154-E5391E0DE910}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{AF240F08-E43F-4284-9E1A-CDE86C3473A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B08BF8EF-0172-405D-B245-493336237DF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B65E9A0B-01F4-4838-822C-32C66F19176E}" = protocol=17 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | "{BDC8AED4-5753-4AF2-A3F1-A6C8EB066D35}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{C5A4A066-BCFA-4A67-AAFA-68CE3BE34B3B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{C9B3ADEC-EFED-462B-B888-1152FE7B5DF1}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | "{CB0C6A3F-A2C3-4219-82AA-448C62008318}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{DA3FE40C-A3A2-4573-8984-B14BB46C3162}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{DB6C9C1C-1AA6-43EB-9EAE-BDA940C38114}" = protocol=17 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | "{DBAFEFB0-F5C7-465D-BD9C-D72E7BEE9E38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E2D3E600-3393-469C-BD1C-8523FB809ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{E40E3999-C599-42E6-817F-8FD13F0378A0}" = dir=out | app=%programfiles% (x86)\radmin viewer 3\radmin.exe | "{EA8AB3D3-CE48-4B25-AE67-461BC640B2CA}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{EB0F49C9-F2CE-4318-836B-C6031828F82B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F9F5A550-BB7D-4A49-8501-FA20EA7991F9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{FF1FDAEF-4032-4CAF-A83E-90BB02BC901D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{20E5E139-277F-4FE3-BD6A-9B8FAEF19923}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{7AE8B3D8-FA66-43F9-A4C6-2DEF69EE1250}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{C77753D0-38F6-4969-8210-F4461D9652B5}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{FFD469CF-B67B-4D9E-BEB4-3E4C06DB7E4F}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | "UDP Query User{0D693FB2-E70D-4B2C-B438-406442314D17}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | "UDP Query User{437E473F-B055-4E34-94AD-AFE7B32BF217}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{6611A0CD-E5E2-420C-9591-EC9600EA206F}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "UDP Query User{6EAB7657-AF00-4803-8661-D5AC9125F2C4}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 "{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap "{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English "{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{48BB9EBA-C929-4D7E-AF43-21B4427373EB}" = AIWI JoyStick "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360 "{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish) "{5783F2D7-D001-0415-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Polski (Polish) "{5783F2D7-D001-0415-2102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64 "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.82 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19 "{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour "{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1 "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "AutoCAD 2014 — Polski (Polish)" = Autodesk AutoCAD 2014 — Polski (Polish) "Autodesk ReCap" = Autodesk ReCap "AutoHotkey" = AutoHotkey 1.1.13.01 "BurnInTest_is1" = BurnInTest v7.1 Pro "CCleaner" = CCleaner "CCleaner_is1" = CCleaner wersja 4.14.4707 "CPUID HWMonitor_is1" = CPUID HWMonitor 1.24 "CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19 "JottiQSetup_is1" = JottiQ v1.0.2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TNod" = TNod User & Password Finder "Uninstall Tool_is1" = Uninstall Tool "WinRAR archiver" = WinRAR 4.11 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{199127DC-7BDB-41AB-825B-4229A86F8F0D}" = Radmin Viewer 3.5 "{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521 "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{266725C1-716F-43AC-BBFB-4201131ED656}" = EasySetPackage "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver "{2E6044C5-3495-485F-91BC-46D1B6430E51}" = Windows 7 Logon Background Changer "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic "{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1" = Multi AV wersja 1.0.1 "{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT) "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}" = AIMP2 MegaPack v6 by UppeD "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014 "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV "{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}" = TS Notifier "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie "{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service "{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014 "{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution "{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16 "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1" = Counter-Strike 1.6 v40 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit) "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}" = Machinery DEMO "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A781940-AC41-4D5E-8E1E-76A04B916FB9}" = Helium "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 "{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite "{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}" = DxO Optics Pro 7 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common "{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF549236-6258-4AC6-A043-5B5B89C6EB61}" = SpyHunter "{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro "{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad "{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI "{B4008666-3C27-4B67-9D89-80B4E31FA685}" = Paraben's Device Seizure "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share "{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM "{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1" = MOBILedit! Enterprise ver. 7.5.0.4173 "{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1" = Prawo Jazdy ABCDT - egzamin wewnętrzny "{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps "{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}" = Angry Birds Space "{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1" = ScanMyReg 2.02 "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Afterburner" = MSI Afterburner 2.3.1 "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.30 "AIMP3" = AIMP3 "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15 "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20 "Ashampoo Snap 4_is1" = Ashampoo Snap 4 v.4.3.0 "ASUS WebStorage" = ASUS WebStorage "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode) "Audacity_is1" = Audacity 2.0.4 "Autodesk Content Service" = Autodesk Content Service "Battlelog Web Plugins" = Battlelog Web Plugins "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DFX for AIMP2 1.2.5" = DFX for AIMP2 1.2.5 "easyHDR_BASIC_2" = easyHDR BASIC 2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "ExifCleaner" = ExifCleaner 1.7 "FormatFactory" = FormatFactory 3.0.1 "FotoSender_is1" = FotoSender 3.0 "Fraps" = Fraps (remove only) "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "HD Tune Pro_is1" = HD Tune Pro 3.00 "Image Grabber II" = Image Grabber II "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "ipla" = ipla 2.7 "JDownloader" = JDownloader "jv16 PowerTools_is1" = jv16 PowerTools 1.3 "KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Full "Komputer Świat Plus_is1" = Komputer Świat Plus "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "LAME_is1" = LAME v3.99.3 (for Windows) "LG PC Suite" = LG PC Suite "Lightning_is1" = Lightning "Liveupdate4_is1" = Liveupdate4 "Logitech Vid" = Logitech Vid HD "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012 "Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nokia Suite" = Nokia Suite "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Nvu_is1" = Nvu 1.0 "OCCT" = OCCT 4.2.0 "Origin" = Origin "PC Alert 4" = PC Alert 4 "PowerISO" = PowerISO "Project 64_is1" = Project 64 version 2.1.0.1 "Protected Folder_is1" = Protected Folder "PunkBusterSvc" = PunkBuster Services "Silver Efex Pro 2" = Silver Efex Pro 2 "SM7192" = USB Cobra Joystick V4 "SystemRequirementsLab" = System Requirements Lab "TeamViewer 8" = TeamViewer 8 "The KMPlayer" = The KMPlayer (remove only) "Undelete 360_is1" = Undelete 360 "Uninstall Tool_is1" = Uninstall Tool "Uplay" = Uplay "Uplay Install 273" = Assassin's Creed IV Black Flag "VCardExport_is1" = VCardExportTool "Visual Watermark_is1" = Visual Watermark 2.9.30 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Podstawowe programy Windows Live "WinRAR archiver" = WinRAR archiver ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Dexpot" = Dexpot "Flux" = f.lux "GG" = GG "KeyTurion" = KeyTurion version 2.8 "Polska lokalizacja Lightroom 4" = Polska lokalizacja Lightroom 4 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-08-21 11:31:25 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2013-08-21 12:10:29 | Computer Name = Dawid-Komputer | Source = SideBySide | ID = 16842832 Description = Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 2014-08-21 13:45:44 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-08-21 13:45:44 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-08-21 13:46:11 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-21 15:24:15 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-08-21 15:24:15 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-08-21 15:24:33 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 2012-01-10 12:31:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:31:51 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:51 - Nie można skontaktować się z serwerem.. Error - 2012-01-10 12:31:59 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:31:56 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:56 - Nie można skontaktować się z serwerem.. Error - 2012-01-11 13:15:09 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 18:15:09 - Błąd podczas nawiązywania połączenia z Internetem. 18:15:09 - Nie można skontaktować się z serwerem.. Error - 2012-01-11 13:15:17 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 18:15:14 - Błąd podczas nawiązywania połączenia z Internetem. 18:15:14 - Nie można skontaktować się z serwerem.. Error - 2012-01-12 12:01:15 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:01:15 - Błąd podczas nawiązywania połączenia z Internetem. 17:01:15 - Nie można skontaktować się z serwerem.. Error - 2012-01-12 12:01:24 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:01:20 - Błąd podczas nawiązywania połączenia z Internetem. 17:01:20 - Nie można skontaktować się z serwerem.. Error - 2012-01-13 11:45:32 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 16:45:32 - Błąd podczas nawiązywania połączenia z Internetem. 16:45:32 - Nie można skontaktować się z serwerem.. Error - 2012-01-13 11:45:42 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 16:45:37 - Błąd podczas nawiązywania połączenia z Internetem. 16:45:37 - Nie można skontaktować się z serwerem.. Error - 2012-01-14 10:05:39 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 15:05:39 - Błąd podczas nawiązywania połączenia z Internetem. 15:05:39 - Nie można skontaktować się z serwerem.. Error - 2012-01-14 10:05:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 15:05:47 - Błąd podczas nawiązywania połączenia z Internetem. 15:05:47 - Nie można skontaktować się z serwerem.. [ OSession Events ] Error - 2014-01-06 11:09:30 | Computer Name = Dawid-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2014-08-21 11:40:26 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-08-21 11:51:50 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134 Description = Error - 2014-08-21 13:44:34 | Computer Name = Dawid-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 18:17:08 na ?2014-?08-?21 było nieoczekiwane. Error - 2014-08-21 13:44:30 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error - 2014-08-21 13:45:38 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error - 2014-08-21 13:54:28 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-08-21 14:57:16 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134 Description = Error - 2014-08-21 15:23:02 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error - 2014-08-21 15:24:09 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error - 2014-08-21 15:26:56 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 < End of report > [/log] Gmer [log]GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2014-08-21 22:01:49 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB Running: gmer.exe; Driver: C:\Users\Dawid\AppData\Local\Temp\awddikob.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800037be000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800037be02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075738791 4 bytes [C2, 04, 00, 00] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1824] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1664] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2104] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072081a22 2 bytes [08, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072081ad0 2 bytes [08, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072081b08 2 bytes [08, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072081bba 2 bytes [08, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072081bda 2 bytes [08, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Windows\SysWOW64\PnkBstrA.exe[2492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[3216] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[3216] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe[4860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe[4860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 00000000734e11a8 2 bytes [4E, 73] .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 00000000734e13a8 2 bytes [4E, 73] .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 00000000734e1422 2 bytes [4E, 73] .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4172] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 00000000734e1498 2 bytes [4E, 73] .text C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe[1668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[5616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075bd1465 2 bytes [BD, 75] .text C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[5616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075bd14bb 2 bytes [BD, 75] .text ... * 2 ---- Threads - GMER 2.1 ---- Thread System [4:468] fffffa800bc25360 Thread C:\Windows\System32\svchost.exe [3144:3364] 000007fef49e9688 ---- Registry - GMER 2.1 ---- Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincploba 0x62 0x61 0x66 0x65 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{35052DFB-C19B-BF67-9A27-E559BEDD78D2}@jakcjdklmejkincplofa 0x62 0x61 0x66 0x65 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochia 0x62 0x61 0x6A 0x69 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@iamgmcekjdkjbknegc 0x6B 0x61 0x62 0x6B ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@jamhbmaoceodkhbochmp 0x62 0x61 0x61 0x6B ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@haaifjjkgcfhlmai 0x70 0x61 0x70 0x68 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{88E2262B-E5FA-F247-7D1E-8D1FA96DB056}@japhoiniofgaomhkilij 0x64 0x62 0x61 0x6B ... Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Dawid\AppData\Local\Logitech\xae Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe 1 ---- EOF - GMER 2.1 ---- [/log] FRST [log]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014 Ran by Dawid (administrator) on DAWID-KOMPUTER on 21-08-2014 22:04:12 Running from C:\Users\Dawid\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Flux Software LLC) C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe (TODO: <Company name>) C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\ESP64Proxy.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Duplex Secure Ltd.) C:\Users\Dawid\Desktop\SPTDinst-v186-x64.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [TNOD UP] => C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe [1028800 2014-05-27] (Tukero[X]Team) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2918656 2011-01-12] (ESET) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-19] (Intel Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe [734544 2011-04-11] (ecareme) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [F.lux] => C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [Facebook Update] => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-15] (Facebook Inc.) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Run: [GG] => C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe [4023360 2014-07-13] (GG Network S.A.) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Policies\Explorer: [DisableThumbnails] 0 HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\Policies\Explorer: [] HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\MountPoints2: {30c971b1-15dd-11e2-b2eb-f46d04619414} - K:\start.exe HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\MountPoints2: {366f53d7-d822-11e3-b078-f46d04619414} - L:\LG_PC_Programs.exe HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\...\MountPoints2: {706d8922-e23b-11e1-9d52-f46d04619414} - K:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasySetPackage.lnk ShortcutTarget: EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe () ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\ASUSWSShellExt64.dll (eCareme Technologies, Inc.) ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: GGDriveOverlay1 -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: GGDriveOverlay2 -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: GGDriveOverlay3 -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: GGDriveOverlay4 -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.) ShellIconOverlayIdentifiers: Outpost -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {01AA3507-BBE7-437F-B89A-A4E240EF067E} URL = http://www.idg.pl?q={searchTerms} SearchScopes: HKCU - {01AA3507-BBE7-437F-B89A-A4E240EF067E} URL = http://www.idg.pl?q={searchTerms} BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> No File BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.pl/ FF Keyword.URL: hxxp://isearch.avg.com/search?cid=%7B9b6f0ca3-7e12-4afe-b918-e1143ebfb52f%7D&mid=3c8acdbcac8547d095a0252442857de7-617abbcef06b250eea98b924de82af8847409f3a&ds=st011&v=11.1.0.7&lang=pl&pr=sa&d=2012-03-30%2017%3A42%3A10&sap=ku&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dawid\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: facebook.com/fbDesktopPlugin -> C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Extension: FullScreen+ - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\FullScreen@muha.com [2014-02-20] FF Extension: Better Battlelog (BBLog) - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack [2014-07-19] FF Extension: No Name - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\staged [2013-10-18] FF Extension: AddThis - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013-01-07] FF Extension: DownloadHelper - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-09] FF Extension: SeenBlock - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\jid0-8C9kZOXgcsBN95BaPPbaKdSHEpU@jetpack.xpi [2014-01-16] FF Extension: SoundCloud Sounds in Google Mail™ - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\jid1-GBYr3F9iI4n8IA@jetpack.xpi [2013-05-03] FF Extension: Screen Surfer - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\screensurfer@pjs.nl.xpi [2013-01-30] FF Extension: SkipScreen - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\SkipScreen@SkipScreen.xpi [2013-01-30] FF Extension: Google Translator for Firefox - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\translator@zoli.bod.xpi [2013-02-03] FF Extension: UploadScreenshot.com Capture - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\uss-button@uploadscreenshot.com.xpi [2013-01-30] FF Extension: 1-Click YouTube Video Downloader - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-10-29] FF Extension: Abduction! - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2013-01-30] FF Extension: Easy YouTube Video Downloader - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012-06-12] FF Extension: SoundCloud Downloader - Technowise - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-03-02] FF Extension: Adblock Plus - C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\ihgv3ubd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-24] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-08-04] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} [2014-08-04] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-12-10] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird Chrome: ======= CHR StartupUrls: "hxxp://google.pl/" CHR Extension: (Dokumenty Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-21] CHR Extension: (Dysk Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-21] CHR Extension: (YouTube) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-21] CHR Extension: (Szukaj w Google) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-21] CHR Extension: (Google Wallet) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21] CHR Extension: (Gmail) - C:\Users\Dawid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-21] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] () R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.) R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH) S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2011-01-12] (ESET) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2011-01-12] (ESET) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-08-16] (Hewlett-Packard Company) [File not signed] R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-21] (Nalpeiron Ltd.) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-10-13] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-29] () S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.) S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.) R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc) S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24032 2013-10-08] (IVT Corporation.) S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.) S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [33360 2011-10-30] (CrystalIdea Software) R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows (R) Win 7 DDK provider) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-15] (DT Soft Ltd) R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [170640 2010-12-21] (ESET) R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [34144 2010-12-21] (ESET) R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-12-21] (ESET) S3 FLASHSYS; C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [15192 2008-02-15] () S3 GWHid; C:\Windows\System32\DRIVERS\GWHid.sys [22576 2008-11-04] (Microsoft Corporation) S3 GWHid; C:\Windows\SysWOW64\DRIVERS\GWHid.sys [18992 2008-11-04] (Microsoft Corporation) S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.) S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.) S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.) S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2009-12-22] (LG Soft India) [File not signed] S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [19456 2009-12-22] (LG Soft India) [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-21] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation) R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2013-07-16] (Sony Ericsson Mobile Communications) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) U0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-21] (Duplex Secure Ltd.) S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB) R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.) S3 VL807; C:\Windows\System32\DRIVERS\VL807.sys [31848 2008-03-30] () [File not signed] S3 VL807; C:\Windows\SysWOW64\DRIVERS\VL807.sys [25064 2008-03-30] () [File not signed] U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 BTCOM; system32\DRIVERS\btcomport.sys [X] S3 BTCOMBUS; System32\Drivers\btcombus.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S0 BTHidEnum; System32\Drivers\vbtenum.sys [X] S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X] U3 DfSdkS; S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 gfiark; system32\drivers\gfiark.sys [X] S3 HRMACPI; SYSTEM32\DRIVERS\HRMACPI.SYS [X] S3 IvtComBusSrv; System32\Drivers\btcombus.sys [X] S3 MSICDSetup; \??\F:\CDriver64.sys [X] S2 sbapifs; system32\DRIVERS\sbapifs.sys [X] S3 SOFTUSBTESTHUB; SYSTEM32\DRIVERS\SOFTUSBTESTHUB.SYS [X] S3 SOFTWADP; SYSTEM32\DRIVERS\SOFTWADP.SYS [X] S3 VComm; system32\DRIVERS\VComm.sys [X] S3 VcommMgr; System32\Drivers\VcommMgr.sys [X] S3 WSOFTUSBK; SYSTEM32\DRIVERS\WSOFTUSBK.SYS [X] U3 awddikob; \??\C:\Users\Dawid\AppData\Local\Temp\awddikob.sys [X] ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9 C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\System32\Drivers\lgandnetadb.sys 8769A70C4E7648D1885BECF0119AEA1C C:\Windows\System32\DRIVERS\lgandnetdiag64.sys B46840E5BDAEE0C749A3E5778F65EBE4 C:\Windows\System32\DRIVERS\lgandnetmodem64.sys 130701C53E4DF44B54FED8C3892150F5 C:\Windows\System32\DRIVERS\lgandnetndis64.sys E3EC070581BBE36BA9F48BBB04E74FAC C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\drivers\arc.sys ==> MD5 is legit C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys 2921131F9A111FD6C6D2C5E1E5B6B75C C:\Windows\SysWow64\drivers\AsIO.sys FEF9DD9EA587F8886ADE43C1BEFBDAFE C:\Windows\System32\DRIVERS\asmthub3.sys 954950D11ADA98AC1B7EE3C770E4622C C:\Windows\System32\DRIVERS\asmtxhci.sys 01DBB05DB1DB95803E3C9F2B49AFE79C C:\Windows\SysWow64\drivers\AsUpIO.sys 1392B92179B07B672720763D9B1028A5 C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\BthAvrcp.sys 832B121E4532919CC49F2438F1DCAA21 C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315 C:\Windows\System32\Drivers\BtHidBus.sys D386D98652F5951E83C055102932EA98 C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4 C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37 C:\Windows\System32\Drivers\btnetBus.sys 9CBE73FA49C2C9ACFF162D40ABD9E54F C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CisUtMonitor.sys 887A9970E711232E2C93F0FD343A1C9D C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706 C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit C:\Windows\System32\drivers\csc.sys ==> MD5 is legit C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\drivers\dfx11_1x64.sys 51D50A9A72C18E4629891BF381D123BA C:\Windows\System32\DRIVERS\ssudbus.sys 955FFE2B1D74A9E0E3E0E558E6A17F3B C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\drivers\disk.sys ==> MD5 is legit C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415 C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\dsfksvcs.sys 4C639A503201E3F9FB001B840B934A3F C:\Windows\System32\DRIVERS\dsfroot.sys 13699BA0680D8EEEF67945F5A405610C C:\Windows\System32\DRIVERS\dtsoftbus01.sys 400582B09E0BB557D0EC28A945150EEB C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868 C:\Windows\System32\DRIVERS\eamonm.sys ACA3FE4F18A945B7BF2618A79F6F670B C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ehdrv.sys 6672438BDCBFD87250D22112D458294D C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\epfw.sys 443805B5B11C859AC8CA35297648FF0C C:\Windows\System32\DRIVERS\Epfwndis.sys 66E61BC6C9F519A99275EB0F0E530BF4 C:\Windows\System32\DRIVERS\epfwwfp.sys F72C97F3D34EA5EC919C73E3901266BB C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys 5B314CC7640D091DE8F3BC822490DA28 C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0 C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\GWHid.sys 5C2CD67845D77E3BC968EF84E1090754 C:\Windows\SysWOW64\DRIVERS\GWHid.sys 090301084BDA33DA327C6FAAE2BB12B9 C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HRMCFGSPC.SYS 1696A06C0EF55DFCD540B32556D3819A C:\Windows\System32\DRIVERS\HRMINTS.SYS F58F8F2A11CE4A695C9333C416D0321F C:\Windows\System32\DRIVERS\HRMPORTS.SYS 6BC42DC759D42A4EDCA7452B4D08D870 C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iaStor.sys D1E30259353E7D8D1B713A76CDDEB88B C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\System32\DRIVERS\ICCWDT.sys C1010ADD3DDAE1196ED21057AF7B2AAE C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit C:\Windows\System32\drivers\RTKVHD64.sys 589B94A9B73A0E819FF873743A480834 C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6 C:\Windows\System32\Drivers\IvtBtBus.sys 689B5432F82705BDE9652A4BB1A5AF7D C:\Windows\System32\Drivers\IvtBtBus.sys 689B5432F82705BDE9652A4BB1A5AF7D C:\Windows\System32\Drivers\btnetBus.sys 9CBE73FA49C2C9ACFF162D40ABD9E54F C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\SysWOW64\LGI2CDriver.sys ED2536079D6A7E9DB6864CF1029B6D39 C:\Windows\SysWOW64\LGPII2CDriver.sys 02D2A421D7D49E07617CA4A090592616 C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lvrs64.sys 0C85B2B6FB74B36A251792D45E0EF860 C:\Windows\System32\DRIVERS\lvuvc64.sys FF3A488924B0032B1A9CA6948C1FA9E8 C:\Windows\system32\drivers\mbam.sys F92B0E478C0FAA6D6661E6E977247E60 C:\Windows\system32\drivers\MBAMSwissArmy.sys 8A50D5304E6AE48664CF5838EC32F647 C:\Windows\system32\drivers\mwac.sys 15E8ABC06843672955CE26A009533BAD C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567 C:\Windows\System32\Drivers\MHIKEY10x64.sys BA7E071E855D4C502916164A31B05D4D C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404 C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163 C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88 C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit C:\Windows\System32\drivers\ccdcmbx64.sys 5FE6F8C05F0769BBB74AFAC11453B182 C:\Windows\System32\drivers\ccdcmbox64.sys 73C929945C0850B8D1FE2FEA05FDF05D C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2 C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\drivers\nvhda64v.sys 554964B900AE2954B8B589B6287034AC C:\Windows\System32\DRIVERS\nvlddmkm.sys F554291C0A11F5B713B54C5886D4AA31 C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Windows\System32\drivers\nvvad64v.sys 09216A70CC364D0974F606F6F2109210 C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\system32\drivers\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\DRIVERS\pccsmcfdx64.sys 3FDE033DFB0D07F8B7D5C9A3044AA121 C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\drivers\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34 C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932 C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1 C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0 C:\Windows\System32\DRIVERS\RtNdPt60.sys E16B7C030A05EF649B18FAB0A93D871F C:\Windows\System32\DRIVERS\RtTeam60.sys 1DE78F5008120CD79B34C12394DCD493 C:\Windows\System32\DRIVERS\RtVlan60.sys B1018AA1B5735F5FA89FD4DADF4BEA7A C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\Drivers\SCDEmu.sys C81EB41E9FFC35560E5025891DC01A6E C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\seehcri.sys EDE7A1D2715AAC2190D51DC07AFD44E3 C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\softehci.sys 5DA8039E58B3A557C6A744E476CDEB7F C:\Windows\System32\DRIVERS\SOFTHIDUSBK.SYS 26D2B0FF718219809C0BC3A8B061C6EC C:\Windows\System32\DRIVERS\SOFTUSBK.SYS E1702BBE8D31B6EDD5C6881C80F123A8 C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\Drivers\sptd.sys 74D30C2EF66C2EB19F17ED5423AA8038 C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28 C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\System32\DRIVERS\ssudmdm.sys BB94A5E2CEE5FD83BA5A72A37AECADDF C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tap0901.sys F9BE29D5E097F03F81D3CD12B794CB66 C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\shbecr.sys 03E62CD83A62859F4F796434EE6C385E C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RtTeam60.sys 1DE78F5008120CD79B34C12394DCD493 C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09 C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426 C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys 34AFB83C7BBA370E404E52CC2290350C C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2 C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31 C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965 C:\Windows\System32\DRIVERS\usbehci_dsf.sys DC2B97B8865042FC17C82381AC426D1C C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24 C:\Windows\System32\drivers\usbser.sys B57B4F0BEC4270A281B9F8537EB2FA04 C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys AA75E1EFBEE7186B4CBAAACF1F15E6CA C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3 C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7 C:\Windows\System32\DRIVERS\VDiskBus64.sys 1D3D716E05CAA17122DE65D0DBA4F6D7 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\VL807.sys F6627D3BDD1E4747EBB0B5E9F2FCB706 C:\Windows\SysWOW64\DRIVERS\VL807.sys 0222F745A991F5D15EEC2726D58CA14D C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-21 22:04 - 2014-08-21 22:04 - 00049115 _____ () C:\Users\Dawid\Desktop\FRST.txt 2014-08-21 22:03 - 2014-08-21 22:04 - 00000000 ____D () C:\FRST 2014-08-21 22:02 - 2014-08-21 22:03 - 02101760 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe 2014-08-21 22:01 - 2014-08-21 22:01 - 00013495 _____ () C:\Users\Dawid\Desktop\gmer log 2.log 2014-08-21 21:54 - 2014-08-21 21:54 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Dawid\Desktop\SPTDinst-v186-x64.exe 2014-08-21 21:54 - 2014-08-21 21:54 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2014-08-13 17:11 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-13 17:11 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-13 17:11 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-13 17:11 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 17:10 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-13 17:10 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-13 17:10 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-13 17:10 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 17:09 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 17:09 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-13 17:09 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-13 17:09 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-13 17:09 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 17:09 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-13 17:09 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 17:09 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 17:09 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 17:09 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 17:09 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 17:08 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 17:08 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 17:08 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 17:08 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 17:08 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-13 17:08 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 17:08 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 17:08 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 17:08 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-13 17:08 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 17:08 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 17:08 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 17:08 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 17:08 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 17:08 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-13 17:08 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-13 17:08 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-13 17:08 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 17:08 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-13 17:08 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 17:08 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-13 17:08 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 17:08 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 17:08 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 17:08 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 17:08 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 17:08 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 17:08 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 17:08 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-13 17:08 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 17:08 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 17:08 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 17:08 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 17:08 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-13 17:08 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-13 17:08 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 17:08 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 17:08 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 17:08 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-13 17:08 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 17:08 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 17:08 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 17:08 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-13 17:08 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 17:08 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 17:08 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-13 17:08 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 17:08 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-13 17:08 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 17:08 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-13 17:08 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 17:08 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-13 17:08 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-13 17:08 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-13 17:08 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-13 17:08 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-13 17:08 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-13 17:08 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-13 17:08 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-13 17:08 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-13 17:08 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-13 17:08 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 17:08 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 17:08 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 17:08 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 17:08 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 17:08 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 17:08 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 17:08 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 17:08 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 17:08 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 17:07 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-13 17:07 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-04 22:38 - 2014-08-04 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-03 19:40 - 2014-08-03 19:40 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-08-03 17:40 - 2014-08-03 17:40 - 00928346 _____ () C:\Users\Dawid\Desktop\billing.txt 2014-08-03 17:27 - 2014-08-03 19:35 - 00000000 ____D () C:\Users\Dawid\Desktop\Morze 2014 2014-07-28 13:21 - 2014-07-28 13:21 - 00016694 _____ () C:\Users\Dawid\Desktop\imgres.htm 2014-07-24 10:39 - 2014-08-21 21:31 - 00000071 _____ () C:\Users\Dawid\Desktop\NIEZNANE.txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-21 22:04 - 2014-08-21 22:04 - 00049115 _____ () C:\Users\Dawid\Desktop\FRST.txt 2014-08-21 22:04 - 2014-08-21 22:03 - 00000000 ____D () C:\FRST 2014-08-21 22:03 - 2014-08-21 22:02 - 02101760 _____ (Farbar) C:\Users\Dawid\Desktop\FRST64.exe 2014-08-21 22:01 - 2014-08-21 22:01 - 00013495 _____ () C:\Users\Dawid\Desktop\gmer log 2.log 2014-08-21 22:01 - 2012-06-17 15:40 - 00000000 ____D () C:\Users\Dawid\AppData\Roaming\Skype 2014-08-21 22:00 - 2012-04-01 18:42 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-21 21:54 - 2014-08-21 21:54 - 00623224 _____ (Duplex Secure Ltd.) C:\Users\Dawid\Desktop\SPTDinst-v186-x64.exe 2014-08-21 21:54 - 2014-08-21 21:54 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2014-08-21 21:47 - 2011-11-29 16:47 - 01733484 _____ () C:\Windows\WindowsUpdate.log 2014-08-21 21:37 - 2012-07-06 17:17 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-21 21:32 - 2009-07-14 06:45 - 00032096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-21 21:32 - 2009-07-14 06:45 - 00032096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-21 21:31 - 2014-07-24 10:39 - 00000071 _____ () C:\Users\Dawid\Desktop\NIEZNANE.txt 2014-08-21 21:30 - 2012-04-11 22:02 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job 2014-08-21 21:27 - 2012-07-29 10:46 - 00000000 ____D () C:\Users\Dawid\AppData\Roaming\GG 2014-08-21 21:26 - 2014-05-20 14:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-21 21:26 - 2013-10-20 12:41 - 00000494 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job 2014-08-21 21:26 - 2012-07-06 17:17 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-21 21:25 - 2009-07-14 06:45 - 05148816 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-21 21:23 - 2013-10-20 13:05 - 00003941 _____ () C:\Windows\setupact.log 2014-08-21 21:23 - 2013-01-26 11:36 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-21 21:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-21 21:22 - 2012-04-06 13:04 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-08-21 18:16 - 2011-11-29 17:50 - 00000000 ____D () C:\ProgramData\Temp 2014-08-21 10:25 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-20 19:27 - 2013-12-12 18:04 - 00000000 ____D () C:\ProgramData\ProductData 2014-08-20 13:45 - 2012-05-16 20:29 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17034A08-9999-4798-B2F8-CCEC11624C3F} 2014-08-20 10:52 - 2014-06-04 09:36 - 00000000 ____D () C:\Users\Dawid\Desktop\fociaki 2014-08-17 14:25 - 2011-12-03 17:02 - 00000000 ____D () C:\ProgramData\Origin 2014-08-17 12:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-17 12:30 - 2012-04-11 22:02 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job 2014-08-17 11:04 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-17 10:30 - 2012-06-11 12:37 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-17 09:17 - 2012-04-01 18:42 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-17 09:17 - 2012-04-01 18:42 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-17 09:17 - 2012-02-21 18:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-16 14:46 - 2013-10-20 13:05 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-16 14:46 - 2011-12-29 18:17 - 00002562 _____ () C:\Windows\diagwrn.xml 2014-08-16 14:46 - 2011-12-29 18:17 - 00001908 _____ () C:\Windows\diagerr.xml 2014-08-16 11:59 - 2011-04-12 15:21 - 01430882 _____ () C:\Windows\system32\perfh015.dat 2014-08-16 11:59 - 2011-04-12 15:21 - 00544654 _____ () C:\Windows\system32\perfc015.dat 2014-08-16 11:59 - 2009-07-14 07:13 - 03722082 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-14 15:06 - 2012-02-22 14:40 - 00000000 ____D () C:\Users\Dawid\AppData\Roaming\AIMP3 2014-08-13 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-13 17:25 - 2011-11-29 19:57 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-13 17:21 - 2013-07-11 15:26 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 17:15 - 2011-11-30 21:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-13 17:09 - 2014-04-28 20:03 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-11 12:50 - 2011-11-29 19:22 - 00000000 ____D () C:\Users\Dawid\AppData\Local\CrashDumps 2014-08-10 11:26 - 2013-06-30 00:33 - 00727873 _____ () C:\Windows\system32\webservice4.log 2014-08-07 04:06 - 2014-08-13 17:07 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-13 17:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 12:37 - 2012-06-10 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-04 22:38 - 2014-08-04 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-03 19:40 - 2014-08-03 19:40 - 00000000 ____D () C:\Users\Public\Documents\EA Games 2014-08-03 19:40 - 2012-03-18 18:02 - 00000000 ____D () C:\Users\Dawid\Documents\EA Games 2014-08-03 19:35 - 2014-08-03 17:27 - 00000000 ____D () C:\Users\Dawid\Desktop\Morze 2014 2014-08-03 17:40 - 2014-08-03 17:40 - 00928346 _____ () C:\Users\Dawid\Desktop\billing.txt 2014-08-01 01:41 - 2014-08-13 17:08 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-13 17:08 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-28 13:21 - 2014-07-28 13:21 - 00016694 _____ () C:\Users\Dawid\Desktop\imgres.htm 2014-07-25 16:52 - 2014-08-13 17:08 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-13 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-13 17:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-13 17:09 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-13 17:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-13 17:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:28 - 2014-08-13 17:08 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:25 - 2014-08-13 17:08 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-13 17:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-13 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-13 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-13 17:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-13 17:08 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-13 17:08 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-13 17:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-13 17:08 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-13 17:08 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-13 17:08 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-13 17:08 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-13 17:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-13 17:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-13 17:08 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-13 17:09 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:28 - 2014-08-13 17:08 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:21 - 2014-08-13 17:08 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-13 17:08 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-13 17:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-13 17:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:17 - 2014-08-13 17:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:12 - 2014-08-13 17:08 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-13 17:08 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-13 17:08 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 14:08 - 2014-08-13 17:09 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-13 17:08 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-13 17:09 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-13 17:08 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-13 17:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-13 17:08 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-13 17:08 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-13 17:08 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-13 17:08 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-13 17:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-13 17:08 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-13 17:08 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-13 17:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-13 17:08 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-13 17:08 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-13 17:08 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-13 17:08 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-13 17:08 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-13 17:08 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-13 17:08 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-13 17:08 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-13 17:09 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-24 16:53 - 2012-03-19 18:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-24 16:52 - 2012-03-19 18:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-24 12:20 - 2012-03-19 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-24 11:27 - 2011-12-03 19:14 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-07-24 11:27 - 2011-12-03 18:12 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-07-24 11:27 - 2011-12-03 18:12 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 ZeroAccess: C:\Users\Dawid\AppData\Local\Temp C:\Users\Dawid\AppData\Local\Temp\adminlevel.ini C:\Users\Dawid\AppData\Local\Temp\au-descriptor-1.7.0_67-b01.xml C:\Users\Dawid\AppData\Local\Temp\cc3data_init.xml C:\Users\Dawid\AppData\Local\Temp\chrome_installer.log C:\Users\Dawid\AppData\Local\Temp\Cleaning.ico C:\Users\Dawid\AppData\Local\Temp\CLW9F16.tmp C:\Users\Dawid\AppData\Local\Temp\Donate.ico C:\Users\Dawid\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Dawid\AppData\Local\Temp\EsgScanner.inf C:\Users\Dawid\AppData\Local\Temp\ESGScanner.sys C:\Users\Dawid\AppData\Local\Temp\esnA00.tmp C:\Users\Dawid\AppData\Local\Temp\etilqs_4nY5ikseuJeeqmB C:\Users\Dawid\AppData\Local\Temp\etilqs_7DgC4k2ZRdvDBcr C:\Users\Dawid\AppData\Local\Temp\etilqs_9gWDeL3l62hjlux C:\Users\Dawid\AppData\Local\Temp\etilqs_A1TnDIeHLQgci5P C:\Users\Dawid\AppData\Local\Temp\etilqs_a3e46vfeaYp31vd C:\Users\Dawid\AppData\Local\Temp\etilqs_b2yCba1Rf9z2yxS C:\Users\Dawid\AppData\Local\Temp\etilqs_d1x3hA3NI44cQry C:\Users\Dawid\AppData\Local\Temp\etilqs_Fi6vpR6q9cTTuqg C:\Users\Dawid\AppData\Local\Temp\etilqs_G5slpSHaCm4fzE5 C:\Users\Dawid\AppData\Local\Temp\etilqs_IM0j05Li8n8P1LK C:\Users\Dawid\AppData\Local\Temp\etilqs_ldPCYdtnXqT3Wxs C:\Users\Dawid\AppData\Local\Temp\etilqs_mdar7DIwmHrkOKp C:\Users\Dawid\AppData\Local\Temp\etilqs_OdvnEAOjYhsuSIX C:\Users\Dawid\AppData\Local\Temp\etilqs_OVgDYJzqFwgjAqd C:\Users\Dawid\AppData\Local\Temp\etilqs_Pfvhkjkx7w4P0bP C:\Users\Dawid\AppData\Local\Temp\etilqs_qqMGrZnpnD9P6XL C:\Users\Dawid\AppData\Local\Temp\etilqs_SOpkfVPmAv71qhy C:\Users\Dawid\AppData\Local\Temp\etilqs_TefLjm0Pi1yPk0J C:\Users\Dawid\AppData\Local\Temp\etilqs_Tzeut0gmPV4KVzx C:\Users\Dawid\AppData\Local\Temp\etilqs_xS8aORhs7UBghqf C:\Users\Dawid\AppData\Local\Temp\etilqs_y8zrmlfTrTf1y7n C:\Users\Dawid\AppData\Local\Temp\etilqs_ZIoQRHJoBzhhuKc C:\Users\Dawid\AppData\Local\Temp\etilqs_zTFqdRd0tThfNEE C:\Users\Dawid\AppData\Local\Temp\eulNlY188.tmp C:\Users\Dawid\AppData\Local\Temp\FXSAPIDebugLogFile.txt C:\Users\Dawid\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Dawid\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Dawid\AppData\Local\Temp\installstats.exe C:\Users\Dawid\AppData\Local\Temp\JavaDeployReg.log C:\Users\Dawid\AppData\Local\Temp\jusched.log C:\Users\Dawid\AppData\Local\Temp\KMP_3.9.0.124.exe C:\Users\Dawid\AppData\Local\Temp\LGAutoRun_C.Log C:\Users\Dawid\AppData\Local\Temp\LGAutoRun_L.Log C:\Users\Dawid\AppData\Local\Temp\manaem188.tmp C:\Users\Dawid\AppData\Local\Temp\MSI19dd5.LOG C:\Users\Dawid\AppData\Local\Temp\MSI1eaeb.LOG C:\Users\Dawid\AppData\Local\Temp\others C:\Users\Dawid\AppData\Local\Temp\Quarantine.exe C:\Users\Dawid\AppData\Local\Temp\reboot.exe C:\Users\Dawid\AppData\Local\Temp\Report.ico C:\Users\Dawid\AppData\Local\Temp\Scan.ico C:\Users\Dawid\AppData\Local\Temp\SHSetup.exe C:\Users\Dawid\AppData\Local\Temp\TWAIN.LOG C:\Users\Dawid\AppData\Local\Temp\Twain001.Mtx C:\Users\Dawid\AppData\Local\Temp\Twunk001.MTX C:\Users\Dawid\AppData\Local\Temp\Twunk002.MTX C:\Users\Dawid\AppData\Local\Temp\Uninstall.ico C:\Users\Dawid\AppData\Local\Temp\vsimage.bmp C:\Users\Dawid\AppData\Local\Temp\WC9EF6.tmp C:\Users\Dawid\AppData\Local\Temp\WER4C83.tmp.resp.erc.xml C:\Users\Dawid\AppData\Local\Temp\WER7C60.tmp.WERInternalMetadata.xml C:\Users\Dawid\AppData\Local\Temp\wmplog00.sqm C:\Users\Dawid\AppData\Local\Temp\wmplog01.sqm C:\Users\Dawid\AppData\Local\Temp\wmsetup.log C:\Users\Dawid\AppData\Local\Temp\~DF0078A8FB9D8693C7.TMP C:\Users\Dawid\AppData\Local\Temp\~DF01BF70128AFDCF5F.TMP C:\Users\Dawid\AppData\Local\Temp\~DF02B06A3B4B6F29C0.TMP C:\Users\Dawid\AppData\Local\Temp\~DF049979314B5331C8.TMP C:\Users\Dawid\AppData\Local\Temp\~DF0508EEEFD550E6C7.TMP C:\Users\Dawid\AppData\Local\Temp\~DF05C59B3198AE8BE2.TMP C:\Users\Dawid\AppData\Local\Temp\~DF068D5EEC0139E271.TMP C:\Users\Dawid\AppData\Local\Temp\~DF06D52939439BC54D.TMP C:\Users\Dawid\AppData\Local\Temp\~DF0730E12EF6AC7E70.TMP C:\Users\Dawid\AppData\Local\Temp\~DF08D89C11C18B2E89.TMP C:\Users\Dawid\AppData\Local\Temp\~DF0EE0A0DD3CBE32FB.TMP C:\Users\Dawid\AppData\Local\Temp\~DF10891EBE2A77DE03.TMP C:\Users\Dawid\AppData\Local\Temp\~DF128D0D6F115AEC22.TMP C:\Users\Dawid\AppData\Local\Temp\~DF161FF93094954CFD.TMP C:\Users\Dawid\AppData\Local\Temp\~DF179408EBD7CC9429.TMP C:\Users\Dawid\AppData\Local\Temp\~DF18DA4B137A27C1D0.TMP C:\Users\Dawid\AppData\Local\Temp\~DF195C7FA7E51A7C48.TMP C:\Users\Dawid\AppData\Local\Temp\~DF1B43108942F5A674.TMP C:\Users\Dawid\AppData\Local\Temp\~DF20311FF9B8B16E7F.TMP C:\Users\Dawid\AppData\Local\Temp\~DF2653E13B42978DD2.TMP C:\Users\Dawid\AppData\Local\Temp\~DF27846BD59DF77D56.TMP C:\Users\Dawid\AppData\Local\Temp\~DF2A043EC47F9870C3.TMP C:\Users\Dawid\AppData\Local\Temp\~DF2E4E5BF49C6C5AF6.TMP C:\Users\Dawid\AppData\Local\Temp\~DF32B5C91EF2F54BD5.TMP C:\Users\Dawid\AppData\Local\Temp\~DF32F01E8503ACCD79.TMP C:\Users\Dawid\AppData\Local\Temp\~DF3681A451A656A32E.TMP C:\Users\Dawid\AppData\Local\Temp\~DF36BB78C377E53B06.TMP C:\Users\Dawid\AppData\Local\Temp\~DF37041CD453D3F663.TMP C:\Users\Dawid\AppData\Local\Temp\~DF390302973A14A6E7.TMP C:\Users\Dawid\AppData\Local\Temp\~DF3B09773FC61A1A29.TMP C:\Users\Dawid\AppData\Local\Temp\~DF3BF7A0B8E208D807.TMP C:\Users\Dawid\AppData\Local\Temp\~DF3EA66D6FB7180EE4.TMP C:\Users\Dawid\AppData\Local\Temp\~DF3FDB5D3CE255E71C.TMP C:\Users\Dawid\AppData\Local\Temp\~DF431DF4EFF5F99472.TMP C:\Users\Dawid\AppData\Local\Temp\~DF469C492D8D678D17.TMP C:\Users\Dawid\AppData\Local\Temp\~DF485BB2CC9517A620.TMP C:\Users\Dawid\AppData\Local\Temp\~DF48773AA75C4C7CF6.TMP C:\Users\Dawid\AppData\Local\Temp\~DF4C88DF5D8B52A4FA.TMP C:\Users\Dawid\AppData\Local\Temp\~DF4CB932029A56F353.TMP C:\Users\Dawid\AppData\Local\Temp\~DF4D878B13BE8732AE.TMP C:\Users\Dawid\AppData\Local\Temp\~DF4DDFDAF7B2B6E31F.TMP C:\Users\Dawid\AppData\Local\Temp\~DF51E320347D7750B9.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5447F750ED759338.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5463E0D083A605F6.TMP C:\Users\Dawid\AppData\Local\Temp\~DF555D4B1C00DA4405.TMP C:\Users\Dawid\AppData\Local\Temp\~DF568071D2D1D8CD6B.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5A76B38199CFEC2E.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5B340934C8AFCF0C.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5B5698C9CD6ECA08.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5B762CFFC412EDB2.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5C64DC10D5960219.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5D6B473F38F9EC4B.TMP C:\Users\Dawid\AppData\Local\Temp\~DF5EB2947BBFF2110B.TMP C:\Users\Dawid\AppData\Local\Temp\~DF634E44B3F87CEC8C.TMP C:\Users\Dawid\AppData\Local\Temp\~DF64AFD953BBB1FB3D.TMP C:\Users\Dawid\AppData\Local\Temp\~DF6596D879F9B628B8.TMP C:\Users\Dawid\AppData\Local\Temp\~DF6687A04FCA8B0ED0.TMP C:\Users\Dawid\AppData\Local\Temp\~DF6A45B0A09957C95A.TMP C:\Users\Dawid\AppData\Local\Temp\~DF6D52BF908399027D.TMP C:\Users\Dawid\AppData\Local\Temp\~DF6D96AC6A1C2EFBF4.TMP C:\Users\Dawid\AppData\Local\Temp\~DF707770E9B6477C98.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7226B11D5F37E0A1.TMP C:\Users\Dawid\AppData\Local\Temp\~DF735C51F1C8ED1AE8.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7760246334550910.TMP C:\Users\Dawid\AppData\Local\Temp\~DF77E5F2D1D8334D07.TMP C:\Users\Dawid\AppData\Local\Temp\~DF790E990EBB66C13E.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7AB87F50ECE87FA5.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7ADEBB91D24775EE.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7B49CA76C1F9174E.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7BA00028A776EF1D.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7C2C703ACB9443AF.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7D41D193C9B0B006.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7F8BF5E652D83D78.TMP C:\Users\Dawid\AppData\Local\Temp\~DF7FC3B4CCE8B56D00.TMP C:\Users\Dawid\AppData\Local\Temp\~DF80DC647900D49D0A.TMP C:\Users\Dawid\AppData\Local\Temp\~DF812B4EFEA874F631.TMP C:\Users\Dawid\AppData\Local\Temp\~DF8291233E9D4F346D.TMP C:\Users\Dawid\AppData\Local\Temp\~DF833FDC9957F1A168.TMP C:\Users\Dawid\AppData\Local\Temp\~DF8CAAB64ECADFBC56.TMP C:\Users\Dawid\AppData\Local\Temp\~DF8E0E219C82317F51.TMP C:\Users\Dawid\AppData\Local\Temp\~DF8EDC3ABFE727E497.TMP C:\Users\Dawid\AppData\Local\Temp\~DF92318B1751680747.TMP C:\Users\Dawid\AppData\Local\Temp\~DF9469D7102C35B9B6.TMP C:\Users\Dawid\AppData\Local\Temp\~DF951F921FBBB80370.TMP C:\Users\Dawid\AppData\Local\Temp\~DF952D2ED6EB0CA657.TMP C:\Users\Dawid\AppData\Local\Temp\~DF9949B5AC31E5DECD.TMP C:\Users\Dawid\AppData\Local\Temp\~DF9C858B8B9028CAA6.TMP C:\Users\Dawid\AppData\Local\Temp\~DF9E552759102EDEED.TMP C:\Users\Dawid\AppData\Local\Temp\~DFA06F4DBC3F6055E4.TMP C:\Users\Dawid\AppData\Local\Temp\~DFA276BED331BDFAEF.TMP C:\Users\Dawid\AppData\Local\Temp\~DFA93DD5D47995D142.TMP C:\Users\Dawid\AppData\Local\Temp\~DFAC3D7836BD1E350D.TMP C:\Users\Dawid\AppData\Local\Temp\~DFAD4AB7B80F0ACC02.TMP C:\Users\Dawid\AppData\Local\Temp\~DFB0C22590ABCE8C59.TMP C:\Users\Dawid\AppData\Local\Temp\~DFB1C793A5B7D0A98C.TMP C:\Users\Dawid\AppData\Local\Temp\~DFB233821B6D8759B1.TMP C:\Users\Dawid\AppData\Local\Temp\~DFB292C7F3504F2EA7.TMP C:\Users\Dawid\AppData\Local\Temp\~DFB29851DE14E258F5.TMP C:\Users\Dawid\AppData\Local\Temp\~DFB33870FFDB3F8D3C.TMP C:\Users\Dawid\AppData\Local\Temp\~DFB5BC022646F4CA65.TMP C:\Users\Dawid\AppData\Local\Temp\~DFBE6A8BF20B436CA5.TMP C:\Users\Dawid\AppData\Local\Temp\~DFBEEBF7C1EDA8E86E.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC167F49937E004EF.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC1F5D7D2EE0DA229.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC3B1918ED56477ED.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC3CC2B81427BC304.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC75CC0A55D218F94.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC8386FCE25D808E7.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC85393B59C633AB0.TMP C:\Users\Dawid\AppData\Local\Temp\~DFC915969686E6E106.TMP C:\Users\Dawid\AppData\Local\Temp\~DFCB313679B1A67EE3.TMP C:\Users\Dawid\AppData\Local\Temp\~DFCB8F7A181E501C1F.TMP C:\Users\Dawid\AppData\Local\Temp\~DFD17E8663CED2BD3A.TMP C:\Users\Dawid\AppData\Local\Temp\~DFD36A201E33A9334D.TMP C:\Users\Dawid\AppData\Local\Temp\~DFD5B2685B9F4457BB.TMP C:\Users\Dawid\AppData\Local\Temp\~DFD8409BE9E4DA8790.TMP C:\Users\Dawid\AppData\Local\Temp\~DFD9DCF9A4E7A66C1C.TMP C:\Users\Dawid\AppData\Local\Temp\~DFDA669967D9E79857.TMP C:\Users\Dawid\AppData\Local\Temp\~DFDB77B4A48BB977AB.TMP C:\Users\Dawid\AppData\Local\Temp\~DFDDE6EE2A6347BE99.TMP C:\Users\Dawid\AppData\Local\Temp\~DFDF15B3B258334CC7.TMP C:\Users\Dawid\AppData\Local\Temp\~DFDF4B0298FFE0D4A9.TMP C:\Users\Dawid\AppData\Local\Temp\~DFE481D3CF4DD34F81.TMP C:\Users\Dawid\AppData\Local\Temp\~DFE591D44847B8D1FB.TMP C:\Users\Dawid\AppData\Local\Temp\~DFEAE2B96640F92674.TMP C:\Users\Dawid\AppData\Local\Temp\~DFEB42C78A4B0D6E17.TMP C:\Users\Dawid\AppData\Local\Temp\~DFEB64EC105ED8C58A.TMP C:\Users\Dawid\AppData\Local\Temp\~DFECA8B27D89A0CCDC.TMP C:\Users\Dawid\AppData\Local\Temp\~DFECE890B1B9316E07.TMP C:\Users\Dawid\AppData\Local\Temp\~DFED860AEA76F173B0.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF17DDD7FDDC8CB27.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF21CBCD347846A5F.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF4CB3967C5FDDD1D.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF54905ED636B512E.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF5E37E600BC42439.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF6F7EF8145057639.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF9303AC9882B21F5.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF95785F0F1628A10.TMP C:\Users\Dawid\AppData\Local\Temp\~DFF97DAEDFF5886DCC.TMP C:\Users\Dawid\AppData\Local\Temp\~DFFAE345462CE6784B.TMP C:\Users\Dawid\AppData\Local\Temp\~DFFDD697C0419B8B1B.TMP C:\Users\Dawid\AppData\Local\Temp\~DFFF12F5B9C1C6AC7C.TMP C:\Users\Dawid\AppData\Local\Temp\~PIC707.tmp C:\Users\Dawid\AppData\Local\Temp\~PIC708.tmp C:\Users\Dawid\AppData\Local\Temp\Skype\DbTemp\temp-jTnOmhGTvGeB8cGFRKDEkmhL C:\Users\Dawid\AppData\Local\Temp\Skype\DbTemp\temp-U86h6tNuo2DP0xgy0T0cTOkd C:\Users\Dawid\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml C:\Users\Dawid\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx C:\Users\Dawid\AppData\Local\Temp\L\config.ini C:\Users\Dawid\AppData\Local\Temp\L\LG_PC_Programs.exe C:\Users\Dawid\AppData\Local\Temp\L\P5_LGPsLvDlChk.dll C:\Users\Dawid\AppData\Local\Temp\L\Progress.avi C:\Users\Dawid\AppData\Local\Temp\L\SendScsiCmd.dll C:\Users\Dawid\AppData\Local\Temp\chrome_BITS_5892_2753\BIT38AD.tmp Some content of TEMP: ==================== C:\Users\Dawid\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Dawid\AppData\Local\Temp\ggdrive-menu.exe C:\Users\Dawid\AppData\Local\Temp\ggdrive-overlay.exe C:\Users\Dawid\AppData\Local\Temp\installstats.exe C:\Users\Dawid\AppData\Local\Temp\KMP_3.9.0.124.exe C:\Users\Dawid\AppData\Local\Temp\Quarantine.exe C:\Users\Dawid\AppData\Local\Temp\reboot.exe C:\Users\Dawid\AppData\Local\Temp\SHSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Menedľer rozruchu systemu Windows --------------------------------- Identyfikator {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {8d7e95a3-1a98-11e1-a0a1-c2bbabc01381} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Modu adujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale pl-PL inherit {bootloadersettings} recoverysequence {8d7e95a5-1a98-11e1-a0a1-c2bbabc01381} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {8d7e95a3-1a98-11e1-a0a1-c2bbabc01381} nx OptOut Modu adujĄcy rozruchu systemu Windows --------------------------------------- Identyfikator {8d7e95a5-1a98-11e1-a0a1-c2bbabc01381} device ramdisk=[C:]\Recovery\8d7e95a5-1a98-11e1-a0a1-c2bbabc01381\Winre.wim,{8d7e95a6-1a98-11e1-a0a1-c2bbabc01381} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\8d7e95a5-1a98-11e1-a0a1-c2bbabc01381\Winre.wim,{8d7e95a6-1a98-11e1-a0a1-c2bbabc01381} systemroot \windows nx OptIn winpe Yes Wznawianie ze stanu hibernacji ------------------------------ Identyfikator {8d7e95a3-1a98-11e1-a0a1-c2bbabc01381} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Modu testujĄcy pami©† systemu Windows -------------------------------------- Identyfikator {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Diagnostyka pami©ci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes Ustawienia usug EMS -------------------- Identyfikator {emssettings} bootems Yes Ustawienia debugera ------------------- Identyfikator {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Uszkodzenia pami©ci RAM ----------------------- Identyfikator {badmemory} Ustawienia globalne ------------------- Identyfikator {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Ustawienia moduu adujĄcego rozruchu ------------------------------------- Identyfikator {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Ustawienia funkcji hypervisor ----------------------------- Identyfikator {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Ustawienia moduu adujĄcego wznawiania --------------------------------------- Identyfikator {resumeloadersettings} inherit {globalsettings} Opcje urzĄdzenia ---------------- Identyfikator {8d7e95a6-1a98-11e1-a0a1-c2bbabc01381} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\8d7e95a5-1a98-11e1-a0a1-c2bbabc01381\boot.sdi LastRegBack: 2014-08-17 10:59 ==================== End Of Log ============================[/log] Addition [log]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014 Ran by Dawid at 2014-08-21 22:04:35 Running from C:\Users\Dawid\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AS: ESET Smart Security 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Zapora osobista (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 4 64-bit (HKLM\...\{669A82E0-43E2-4645-8A2E-1A3DE78F8312}) (Version: 4.0.1 - Adobe) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.) AIDA64 Extreme Edition v2.30 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.) AIMP2 MegaPack v6 by UppeD (HKLM-x32\...\{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}) (Version: 1.00.0000 - EXSite.pl) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1345, 26.03.2014 - AIMP DevTeam) AIWI (HKLM-x32\...\InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}) (Version: 1.1.0.9291 - Aibelive Co., Ltd.) AIWI (x32 Version: 1.1.0.9291 - Aibelive Co., Ltd.) Hidden AIWI JoyStick (HKLM\...\{48BB9EBA-C929-4D7E-AF43-21B4427373EB}) (Version: 1.0.0 - aibelive) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Aktualizacje NVIDIA 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden Angry Birds Space (HKLM-x32\...\{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}) (Version: 1.2.2 - Rovio) Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG) Ashampoo Internet Accelerator 3 v.3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG) Ashampoo Snap 4 v.4.3.0 (HKLM-x32\...\Ashampoo Snap 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.94.193 - eCareme Technologies, Inc.) Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team) Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team) AutoCAD 2014 — Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack – Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk AutoCAD 2014 — Polski (Polish) (HKLM\...\AutoCAD 2014 — Polski (Polish)) (Version: 19.1.18.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk) Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) Brother MFL-Pro Suite (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.) BurnInTest v7.1 Pro (HKLM\...\BurnInTest_is1) (Version: 7.1 - Passmark Software) CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform) CCleaner wersja 4.14.4707 (HKLM\...\CCleaner_is1) (Version: 4.14.4707 - ) Common (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Compiled Driver Disc (Full) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 1.0.8.1 - COMPELSON Labs) Contents (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Corel VideoStudio Pro X4 (HKLM-x32\...\_{AA902C31-B49D-4608-BCCF-2519EB77722D}) (Version: 14.3.0.5 - Corel Corporation) Counter-Strike 1.6 v40 (HKLM-x32\...\{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1) (Version: - Exe Games PL) CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CyberGhost VPN Patch 4.7.19 (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Device Simulation Framework 1.0.1 (HKLM\...\{C7966AB3-A8D9-48D5-B7DF-922674C40098}) (Version: 1.0.1 - Microsoft) DeviceIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Dexpot (HKCU\...\Dexpot) (Version: 1.6.3 - Dexpot GbR) DFX for AIMP2 1.2.5 (HKLM-x32\...\DFX for AIMP2 1.2.5) (Version: - ) Disk Unlocker (HKLM-x32\...\{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}) (Version: 2.0.6 - ASUS) DxO Optics Pro 7 (HKLM-x32\...\{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}) (Version: 7.0.0 - DxO Labs) easyHDR BASIC 2 (HKLM-x32\...\easyHDR_BASIC_2) (Version: 2.13.3 - SIMPARTEK - Bartlomiej Okonek) EasySetPackage (HKLM-x32\...\{266725C1-716F-43AC-BBFB-4201131ED656}) (Version: 2.4 - LG Soft India) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Smart Security (HKLM\...\{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}) (Version: 4.2.71.2 - ESET, spol. s r.o.) ExifCleaner 1.7 (HKLM-x32\...\ExifCleaner) (Version: 1.7 - SuperUtils.com Software) f.lux (HKCU\...\Flux) (Version: - ) Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) FARO LS 1.1.501.0 (HKLM-x32\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production) FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time) FotoSender 3.0 (HKLM-x32\...\FotoSender_is1) (Version: - Foto-Kontakt) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation) Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GameDesire-Pool & Snooker (HKLM-x32\...\GameDesire-Pool & Snooker) (Version: - ) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GG (HKCU\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden HD Tune Pro 3.00 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) ICA (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Image Grabber II (HKLM-x32\...\Image Grabber II) (Version: - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.1.1001 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) ipla 2.7 (HKLM-x32\...\ipla) (Version: 2.7 - Redefine Sp z o.o.) IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden ISCOM (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden JDownloader (HKLM-x32\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt)) JottiQ v1.0.2 (HKLM\...\JottiQSetup_is1) (Version: 1.0.2 - Gholam, Inc.) jv16 PowerTools 1.3 (HKLM-x32\...\jv16 PowerTools_is1) (Version: - ) KeyTurion version 2.8 (HKCU\...\KeyTurion) (Version: - Datpol) K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - ) Komputer Świat Plus (HKLM-x32\...\Komputer Świat Plus_is1) (Version: 1.4.5.110 - Komputer Świat) LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LG CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.) LG CyberLink LabelPrint (x32 Version: 2.5.3109 - CyberLink Corp.) Hidden LG CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.) LG CyberLink Power2Go (x32 Version: 6.2.4009 - CyberLink Corp.) Hidden LG CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.) LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.) LG CyberLink YouCam (x32 Version: 2.0.3304a - CyberLink Corp.) Hidden LG ODD Auto Oprogramowanie (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.14.20140117 - LG Electronics) LG Power Tools (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.) LG Power Tools (x32 Version: 6.0.3316 - CyberLink Corp.) Hidden LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics) Lightning (HKLM-x32\...\Lightning_is1) (Version: - MSI, Inc.) LightScribe System Software (HKLM-x32\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe) Liveupdate4 (HKLM-x32\...\Liveupdate4_is1) (Version: - MSI, Inc.) Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.) LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.50.862.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.50.859.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.50.861.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden Machinery DEMO (HKLM-x32\...\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}) (Version: 1.5.5 - Maszyneria) Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Polish) 2007 (x32 Version: 12.0.4518.1020 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Polish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MOBILedit! Enterprise ver. 7.5.0.4173 (HKLM-x32\...\{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1) (Version: 7.5.0.4173 - COMPELSON Labs) MOBILedit! Support Libraries (HKLM-x32\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 24.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 pl)) (Version: 24.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Multi AV wersja 1.0.1 (HKLM-x32\...\{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1) (Version: 1.0.1 - ) Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.5.34.0 - Nokia) Nokia Suite (x32 Version: 3.5.34.0 - Nokia) Hidden NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden NVIDIA Sterownik 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation) NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation) Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: - Linspire Inc.) OCCT 4.2.0 (HKLM-x32\...\OCCT) (Version: 4.2.0 - Ocbase.com) Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) Panel sterowania NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden Paraben's Device Seizure (HKLM-x32\...\{B4008666-3C27-4B67-9D89-80B4E31FA685}) (Version: 6.1.4925.28192 - Paraben Corporation) PC Alert 4 (HKLM-x32\...\PC Alert 4) (Version: - ) PC Connectivity Solution (HKLM-x32\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.201.0 - Tracker Software Products Ltd.) Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Polska lokalizacja Lightroom 4 (HKCU\...\Polska lokalizacja Lightroom 4) (Version: - ) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.0 - Power Software Ltd) Prawo Jazdy ABCDT - egzamin wewnętrzny (HKLM-x32\...\{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1) (Version: - Grupa IMAGE sp. z o.o.) Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - ) Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version: - IObit) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) PureHD (x32 Version: 14.0.0.342 - Corel Corporation) Hidden QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) Radmin Viewer 3.5 (HKLM-x32\...\{199127DC-7BDB-41AB-825B-4229A86F8F0D}) (Version: 3.50.0000 - Famatech) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) ScanMyReg 2.02 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1) (Version: - YL Computing, Inc) Setup (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Share (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Share64 (Version: 14.0.0.342 - Corel Corporation) Hidden SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden Silver Efex Pro 2 (HKLM-x32\...\Silver Efex Pro 2) (Version: 2.0.0.0 - Nik Software, Inc.) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.) SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden Speed-Link SL-6535 USB Pad (HKLM-x32\...\{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}) (Version: 1.00.0000 - GASIA) SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH) TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer) The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - ) TNod User & Password Finder (HKLM\...\TNod) (Version: 1.4.1.0 - Tukero[X]Team) TS Notifier (HKLM-x32\...\{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}) (Version: 1.5.1000 - Andreas Gebert) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version: - File Recovery Ltd.) Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.3.3 - CrystalIDEA Software, Inc.) Uninstall Tool (HKLM-x32\...\Uninstall Tool_is1) (Version: 2.9.6 - CrystalIdea Software, Inc.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{840D15BD-72E8-4710-ABDD-8E883B88BD5D}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) USB Cobra Joystick V4 (HKLM-x32\...\SM7192) (Version: - ) VCardExportTool (HKLM-x32\...\VCardExport_is1) (Version: - ) VIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden Visual Watermark 2.9.30 (HKLM-x32\...\Visual Watermark_is1) (Version: - VisualWatermark.com) VSClassic (x32 Version: 14.0.0.342 - Corel Corporation) Hidden VSPro (x32 Version: 14.0.0.342 - Corel Corporation) Hidden WapSter AQQ (HKLM-x32\...\AQQ) (Version: 2.6.0.10 - Creative Team S.A.) Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI) Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden WinRAR 4.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> E:\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1744233449-2869872091-3771974885-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Dawid\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 05-08-2014 15:46:25 Windows Update 13-08-2014 15:09:14 Windows Update 19-08-2014 07:30:33 Windows Update 21-08-2014 19:54:25 SPTD setup V1.86 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-05-26 12:28 - 00000903 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost 127.0.0.1 activate.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {013955AA-C72C-4158-A62C-4F6A7BA0A5AE} - System32\Tasks\Usługa aktualizacji oprogramowania InstallShield => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13] (InstallShield Software Corporation) Task: {0FFE709B-8DF8-4281-89E8-808F978397AE} - System32\Tasks\{5E9AC45C-DE48-4BCB-8CFF-FB041950E0F8} => Firefox.exe http://ui.skype.com/ui/0/5.8.0.158/pl/abandoninstall?page=tsMain Task: {113E2C28-0C8B-4972-9C3E-9B6C3F481C50} - System32\Tasks\{7244E1F3-F0F4-4A65-BF61-315ED40D683F} => C:\Program Files (x86)\FotoSender\FotoSender.exe [2011-09-27] () Task: {162F4B70-1EF2-4C52-9904-D171AC54737C} - System32\Tasks\Symantec\Norton Error Analyzer 18.6.0.29 => C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\SymErr.exe Task: {1743582A-55EA-44D4-A6B5-BB862A128C62} - System32\Tasks\{7AB85007-EA04-4668-8CBE-65DB1D6207C9} => F:\Prawko.exe Task: {1D697B95-1997-439D-9010-2D947771E590} - System32\Tasks\{81DB0962-961C-4F69-9186-98A2925783C4} => Firefox.exe http://ui.skype.com/ui/0/5.8.0.158/pl/abandoninstall?page=tsMain Task: {1E3CB9B2-6150-430B-B232-C5BB8123C549} - System32\Tasks\{3BEC2721-789E-4A0D-9F04-F03CF4484830} => C:\Program Files (x86)\Uninstall Tool\utool.exe [2010-03-16] (CrystalIDEA Software) Task: {1E6AD5B7-0877-46B9-8588-D637837EBAA9} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: {1FCB6FE3-BDBD-48C1-89C4-3AB957FB88FA} - System32\Tasks\{3FDF962F-1D48-4406-9E7A-4410C9D955BE} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1603 Task: {225F40D8-F549-4BB0-848B-5DF99E03FB14} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {278F1E86-617E-4EBB-9589-1F5F8A563983} - System32\Tasks\{7E28678F-67B3-4F94-93FA-10349519E01B} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.114/pl/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {3078EF54-960D-4871-BED2-1DF1FEF366D5} - System32\Tasks\{541BA438-1C80-444C-BA3A-6128D0855447} => C:\Program Files (x86)\FotoSender\FotoSender.exe [2011-09-27] () Task: {34B0177F-A38F-4873-82B6-987042BE1E1C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-15] (Facebook Inc.) Task: {3563D845-DFB4-437D-8D2A-A7287C617642} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {39773D5E-E794-4220-8052-6976D088A5BD} - \Program aktualizacji online firmy InstallShield Software. No Task File <==== ATTENTION Task: {55E16910-B5AB-4A14-9722-3AC6C4FF0E8C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated) Task: {5C9352E2-9982-4537-984F-3F2371929B91} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {5FB9CC01-31D9-4DB3-BD2C-9EBCD3F4440A} - System32\Tasks\ASC7_SkipUac_Dawid => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe Task: {6469F155-7DBF-4B5A-AC2A-37449E16D2D6} - System32\Tasks\{3472E79A-6EF8-4E9E-BCB3-FF36020A71CF} => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe Task: {691561BF-9DDF-4D7C-BE6A-22DDD99F2D4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06] (Google Inc.) Task: {6BB4B778-7D22-4199-A4D9-F4044B61329C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-15] (Facebook Inc.) Task: {704F0F05-72B5-4B3A-96C2-CF5F8ECC9BC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06] (Google Inc.) Task: {818357C7-F0F5-4711-9F5D-669116245235} - System32\Tasks\{CDACD967-4069-4076-86C3-3811F2CE51F4} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1603 Task: {8212E392-AC56-4A3D-85A7-2CCDE54E5404} - System32\Tasks\{1B99CC1D-B156-4E48-B020-F6569B25B2EC} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/pl/abandoninstall?page=tsMain Task: {8E98E93B-F3D2-4EA0-88EB-C24190D9DA18} - System32\Tasks\RegCure Pro => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe Task: {8EFC9511-D324-4EA7-A5E6-73B9D33BFA63} - System32\Tasks\Symantec\Norton Error Processor 18.6.0.29 => C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\SymErr.exe Task: {AF3D663A-485B-49C1-BB09-276A7D847CA2} - \ParetoLogic Registration3 No Task File <==== ATTENTION Task: {C88FD9A3-7E7E-40D1-AB04-9AF24B5B05D6} - System32\Tasks\{8A30D91A-795E-4CA4-9D91-FE5601CD9AA6} => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe Task: {DACDB29C-F515-4DF2-979E-64C7D3B6694A} - System32\Tasks\{7A6C8C36-9867-442B-B8C6-A38BC8EA3F47} => F:\Prawko.exe Task: {DD8242FB-9C3C-4E8D-AD34-4B6589478BC8} - System32\Tasks\{8771F270-05D7-4D6F-A90C-C3BC6E771C2B} => F:\Prawko.exe Task: {E1C46CF6-0FDB-47EF-A13D-C25286D7158B} - System32\Tasks\{0519588A-49CA-4E75-A527-72FB6E7F7CDE} => Firefox.exe http://ui.skype.com/ui/0/6.6.0.106/pl/go/help.faq.installer?LastError=1603 Task: {EC74A5AC-99EA-4ACE-8A69-50E783C23855} - \ParetoLogic Update Version3 No Task File <==== ATTENTION Task: {F5271610-55A3-424B-AB14-60C8D90616AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000Core.job => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1744233449-2869872091-3771974885-1000UA.job => C:\Users\Dawid\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe ==================== Loaded Modules (whitelisted) ============= 2011-11-30 21:22 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-11-03 11:30 - 2010-11-03 11:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe 2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe 2011-11-29 17:11 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe 2011-12-03 18:12 - 2014-06-29 11:55 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2011-11-29 18:06 - 2009-12-04 18:15 - 00062976 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK64.dll 2011-11-29 18:06 - 2009-12-22 13:30 - 00159744 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe 2011-11-29 18:06 - 2009-12-22 13:31 - 00024576 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe 2011-08-12 12:20 - 2011-08-12 12:20 - 01260568 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\UMVPLMute.dll 2011-08-12 12:19 - 2011-08-12 12:19 - 00221208 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\FxPreview.dll 2011-08-12 12:20 - 2011-08-12 12:20 - 01349656 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\MRSystem.dll 2011-08-12 12:20 - 2011-08-12 12:20 - 00135192 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\MapTrackData.dll 2011-08-12 12:20 - 2011-08-12 12:20 - 01323032 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\MMSystem.dll 2011-08-12 12:20 - 2011-08-12 12:20 - 00294424 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\VMSystem.dll 2011-11-29 17:10 - 2014-08-21 21:23 - 00020480 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll 2011-11-29 17:10 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll 2014-08-13 17:40 - 2014-08-13 17:40 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a66e495ff6608f31b4987c13f205ef00\IsdiInterop.ni.dll 2011-11-29 17:02 - 2011-05-19 16:34 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2011-11-29 18:06 - 2009-12-22 13:30 - 00057344 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll 2011-11-29 18:06 - 2009-12-22 13:30 - 00012288 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll 2009-12-15 14:46 - 2009-12-15 14:46 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-12-15 14:49 - 2009-12-15 14:49 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-08-15 10:39 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll 2014-08-15 10:39 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll 2014-08-15 10:39 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-15 10:39 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-15 10:39 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll 2014-08-15 10:39 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\Temp:1C209B86 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24023874.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24023874.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-21-1744233449-2869872091-3771974885-1000\Software\Classes\exefile: <===== ATTENTION! ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: G:\ Description: FCR-HS3 -2 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: H:\ Description: FCR-HS3 -3 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: I:\ Description: FCR-HS3 -1 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ========================= Application errors: ================== Error: (08/21/2014 09:54:25 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {1f2da371-3596-4a62-9e8c-4eec9f49cee5} Error: (08/21/2014 09:24:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2014 09:24:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (08/21/2014 09:24:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (08/21/2014 07:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2014 07:45:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (08/21/2014 07:45:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (08/21/2013 06:10:29 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (08/21/2014 05:31:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2014 05:31:12 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] System errors: ============= Error: (08/21/2014 09:26:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (08/21/2014 09:24:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error: (08/21/2014 09:23:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (08/21/2014 08:57:16 PM) (Source: nvlddmkm) (EventID: 14) (User: ) Description: \Device\Video5!051d(2558) Error: (08/21/2014 07:54:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (08/21/2014 07:45:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error: (08/21/2014 07:44:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error: (08/21/2014 07:44:34 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 18:17:08 na 2014-08-21 było nieoczekiwane. Error: (08/21/2014 05:51:50 PM) (Source: nvlddmkm) (EventID: 14) (User: ) Description: \Device\Video5!051d(2558) Error: (08/21/2014 05:40:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Microsoft Office Sessions: ========================= Error: (01/06/2014 05:09:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 43% Total physical RAM: 8172.13 MB Available physical RAM: 4622.09 MB Total Pagefile: 16342.45 MB Available Pagefile: 12485.98 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:155.25 GB) (Free:10.49 GB) NTFS Drive d: () (Fixed) (Total:155.16 GB) (Free:28.4 GB) NTFS Drive e: () (Fixed) (Total:155.25 GB) (Free:30.87 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B30AB7E9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=155.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=155.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=155.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================[/log] Shortcut [log]Users shortcut scan result (x64) Version: 21-08-2014 Ran by Dawid at 2014-08-21 22:05:38 Running from C:\Users\Dawid\Desktop Boot Mode: Normal ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\LG PC Suite.Lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk -> C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe (Adobe Systems Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4 64-bit.lnk -> C:\Program Files\Adobe\Adobe Photoshop Lightroom 4\lightroom.exe (Adobe Systems) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk -> C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe (The Audacity Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk -> C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4\MSKLC.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk -> C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Windows Media Encoder.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmenc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Encoding Script.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMEncUtil.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media File Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmeditor.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Profile Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMProEdt.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Stream Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmstreamedt.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Watermark\Uninstall Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Watermark\Visual Watermark on the Web.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Watermark\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VCardExport\VCardImport.lnk -> C:\Program Files (x86)\VCardExportTool\VCardExport.exe (Aegis Technologies) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool\Strona WWW programu Uninstall Tool.lnk -> C:\Program Files\Uninstall Tool\UninstallTool.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool\Uninstall Tool.lnk -> C:\Program Files (x86)\Uninstall Tool\utool.exe (CrystalIDEA Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool\Unіnstall Tool.lnk -> C:\Program Files\Uninstall Tool\UninstallTool.exe (CrystalIDEA Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360\Undelete 360.lnk -> C:\Program Files (x86)\File Recovery\undelete360\undelete-360.exe (File Recovery Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSNotifier\DirectX Update.lnk -> C:\Windows\Installer\{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}\_E55A93B4730E1E40A5797F.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSNotifier\TSNotifier.lnk -> C:\Windows\Installer\{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}\_2512B98A4F2A89BF718D24.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\README.lnk -> C:\Program Files\ESET\TNod User & Password Finder\LEEME.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Run hidden.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Uninstall.lnk -> C:\Program Files\ESET\TNod User & Password Finder\uninst-tnod.exe (Tukero[X]Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Update license.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\ExifCleaner Readme.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\readme.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\ExifCleaner.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\ExifClnr.exe (SuperUtils.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\Uninstall.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\uninst.exe (SuperUtils.com Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperUtils.com\ExifCleaner\Web Site.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\ExifCleaner.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanMyReg\Deinstalacja programu ScanMyReg.lnk -> C:\Program Files (x86)\ScanMyReg\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanMyReg\ScanMyReg.lnk -> C:\Program Files (x86)\ScanMyReg\ScanMyReg.exe (YL Computing, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Angry Birds Space\Angry Birds Space.lnk -> E:\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek Ethernet Diagnostic Utility\Realtek Ethernet Diagnostic Utility.lnk -> C:\Program Files (x86)\Realtek\Realtek Ethernet Diagnostic Utility\8169Diag.exe (Realtek Semiconductor Corporation.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3\Pomoc.lnk -> C:\Program Files (x86)\Radmin Viewer 3\Radmin30pl.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3\Radmin Viewer 3.lnk -> C:\Program Files (x86)\Radmin Viewer 3\Radmin.exe (Famatech Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\O programie QuickTime.lnk -> C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\RichText.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\PictureViewer.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\QTPlayer.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder\Deinstalacja programu Protected Folder.lnk -> C:\Program Files (x86)\IObit\Protected Folder\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder\Protected Folder.lnk -> C:\Program Files (x86)\IObit\Protected Folder\ProtectedFolder.exe (IObit) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Project 64.lnk -> C:\Program Files (x86)\Project64 2.1\Project64.exe ( ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Help.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO Virtual Drive Manager.lnk -> C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO\Uninstall PowerISO.lnk -> C:\Program Files (x86)\PowerISO\uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange\Check for Updates.lnk -> C:\Program Files\Tracker Software\Live Update\LiveUpdate.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange\PDF-XChange Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Device Seizure.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\DeviceSeizure.exe (Paraben Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Get Registration Key.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\Registration Key\GetRegistrationKey.exe (Paraben Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Help.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\Help\deviceseizure.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Usuń Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT\Ocbase.com.lnk -> C:\Program Files (x86)\OCCTPT\OCCT.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT\OCCT.lnk -> C:\Program Files (x86)\OCCTPT\OCCT.exe (OCCT) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT\Uninstall.lnk -> C:\Program Files (x86)\OCCTPT\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nvu\Nvu.lnk -> C:\Program Files (x86)\Nvu\nvu.exe (Mozilla, Linspire Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia\Nokia Suite.lnk -> C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi AV\Deinstalacja programu Multi AV.lnk -> C:\Program Files (x86)\Multi AV\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi AV\Multi AV.lnk -> C:\Program Files (x86)\Multi AV\multiav.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\MSI Kombustor 2.5.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\MSI Kombustor 2.4.lnk -> C:\Program Files (x86)\MSI Kombustor 2.4\KLoaderWin32.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.4\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\DirectX installation for Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.3\DirectX_Install\DXSETUP.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\MSI Kombustor 2.3.lnk -> C:\Program Files (x86)\MSI Kombustor 2.3\KLoaderWin32.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.3\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\DirectX Install.lnk -> C:\Program Files (x86)\MSI Kombustor\DirectX_Install\DXSETUP.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor(DX10).lnk -> C:\Program Files (x86)\MSI Kombustor\MSIKombustorDX10.exe (MSI Co., LTD) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor(DX11).lnk -> C:\Program Files (x86)\MSI Kombustor\MSIKombustorDX11.exe (MSI Co., LTD) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor(DX9).lnk -> C:\Program Files (x86)\MSI Kombustor\MSIKombustorDX9.exe (MSI Co., LTD) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor\KLoaderWin32.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\MSI_APS\MSI_APS.lnk -> C:\Program Files (x86)\MSI\VGA\MSI_APS\MSI_APS.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\MSI_APS\Uninstall TWEAKER.lnk -> C:\Program Files (x86)\MSI\VGA\MSI_APS\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\Lightning\Lightning.lnk -> C:\Program Files (x86)\MSI\VGA\Lightning\Lightning.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\VGA\Lightning\Uninstall Lightning.lnk -> C:\Program Files (x86)\MSI\VGA\Lightning\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\PC Alert 4\PC Alert 4.lnk -> C:\Program Files (x86)\MSI\PC Alert 4\StartPCAlert4.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Live Update 4\Live Update 4.lnk -> C:\Program Files (x86)\MSI\Live Update 4\LU4\Liveupdate.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Live Update 4\Uninstall Live Update 4.lnk -> C:\Program Files (x86)\MSI\Live Update 4\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise\MOBILedit! Enterprise.lnk -> C:\Program Files (x86)\MOBILedit! Enterprise\MOBILedit!.exe (COMPELSON Labs) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Diagnostyka pakietu Microsoft Office.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Office 2007 Ustawienia języka.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia Microsoft Office\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace\Games for Windows Marketplace.lnk -> C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Vid HD.lnk -> C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Webcam Software.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Tool Kit\LG ODD Auto Oprogramowanie.lnk -> C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BitLeader) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\Online Registration.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\OLRSubmission\OLRSubmission.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\PowerBackup Online Help.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\PowerBackup.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\PowerBackup.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\PowerBackup.exe (CyberLink) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Power Tools\PowerBackup\Readme.lnk -> C:\Program Files (x86)\CyberLink\PowerBackup\Readme.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\LG PC Suite.Lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite\uninstall.lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\uninstall.exe (LG Electronics) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Komputer Świat Plus\Deinstalacja programu Komputer Świat Plus.lnk -> C:\Program Files (x86)\Komputer Świat Plus\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Komputer Świat Plus\KŚ+.lnk -> C:\Program Files (x86)\Komputer Świat Plus\KSPlus.exe (Komputer Świat) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext (x64).lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext64.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools\jv16 PowerTools.lnk -> C:\Program Files (x86)\jv16 PowerTools\jv16 PowerTools.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools\Uninstall.lnk -> C:\Program Files (x86)\jv16 PowerTools\unins000.exe (Jordan Russell) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Changelog.lnk -> C:\Program Files\JottiQ\Changelog.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Discussion Thread (NANY 2011).lnk -> C:\Program Files\JottiQ\JottiQ Discussion Thread (NANY 2011).url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Readme.lnk -> C:\Program Files\JottiQ\Readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ Website.lnk -> C:\Program Files\JottiQ\JottiQ Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JottiQ\JottiQ.lnk -> C:\Program Files\JottiQ\JottiQ.exe (Gholam Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader.lnk -> C:\Program Files (x86)\JDownloader\JDownloaderD3D.exe (AppWork UG (haftungsbeschränkt)) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader\Uninstall JDownloader.lnk -> C:\Program Files (x86)\JDownloader\uninstall.exe (AppWork UG (haftungsbeschränkt)) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Deinstalator.lnk -> C:\Program Files (x86)\ipla\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\ipla.lnk -> C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Pomoc.lnk -> C:\Program Files (x86)\ipla\Pomoc.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ipla\Strona Domowa.lnk -> C:\Program Files (x86)\ipla\ipla.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Grabber II\Image Grabber II.lnk -> C:\Program Files (x86)\Image Grabber II\Image Grabber II.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Grabber II\Uninstall.lnk -> C:\Program Files (x86)\Image Grabber II\uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro\HD Tune Pro Manual.lnk -> C:\Program Files (x86)\HD Tune Pro\hdtunepro.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro\HD Tune Pro.lnk -> C:\Program Files (x86)\HD Tune Pro\HDTunePro.exe (EFD Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro\Uninstall HD Tune Pro.lnk -> C:\Program Files (x86)\HD Tune Pro\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Odinstaluj program.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Testy.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Ustawienia klawiatury.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\config.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\www.grupaimage.com.pl.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Testy.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Kontakt\FotoSender.lnk -> C:\Program Files (x86)\FotoSender\FotoSender.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Kontakt\Nasza Strona WWW.lnk -> C:\Program Files (x86)\FotoSender\FotoSender.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto-Kontakt\Odinstaluj FotoSender.lnk -> C:\Program Files (x86)\FotoSender\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition Documentation.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition on the Web.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe (FinalWire Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\Uninstall AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Dokumentacja.lnk -> C:\Program Files\ESET\ESET Smart Security\eset.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET Smart Security.lnk -> C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysInspector.lnk -> C:\Program Files\ESET\ESET Smart Security\SysInspector.exe (ESET) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysRescue.lnk -> C:\Program Files\ESET\ESET Smart Security\SysRescue.exe (ESET) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Umowa Licencyjna.lnk -> C:\Program Files\ESET\ESET Smart Security\eula.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySetPackage\EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySetPackage\Help.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\help\Help_Manual.hta () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 7\DxO Optics Pro 7.lnk -> C:\Program Files (x86)\DxO Labs\DxO Optics Pro v7\DxOOpticsPro.exe (DxO Labs) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DT.gadget (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN Live-Support.lnk -> C:\Program Files\CyberGhost VPN\remotesupport.exe (TeamViewer GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN odinstalować.lnk -> C:\Program Files\CyberGhost VPN\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN zarzÄ…dzanie kontem.lnk -> C:\Program Files\CyberGhost VPN\account.URL () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost VPN\CyberGhost VPN.lnk -> C:\Program Files\CyberGhost VPN\CyberGhost.exe (CyberGhost SRL) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\CFG Editor.lnk -> E:\Counter-Strike\CFG Editor\CFG Editor.exe ((c) StempeK) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Half-Life Sound Selector.lnk -> E:\Counter-Strike\Half-Life Sound Selector\HLSS.exe (None) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\HL TooLz.lnk -> E:\Counter-Strike\HL TooLz\HLTooLz.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Odinstaluj.lnk -> E:\Counter-Strike\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Uruchom Half-Life.lnk -> E:\Counter-Strike\Counter-Strike\hl.exe (Valve) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Uruchom serwer.lnk -> E:\Counter-Strike\Counter-Strike\hlds.exe (Valve) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Usuń log sXe Injected.lnk -> E:\Counter-Strike\Counter-Strike\sxei-del.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X4\Corel VideoStudio Pro X4.lnk -> E:\Corel\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Apple Mobile Support Guide.lnk -> C:\Program Files\Compiled Driver Disc (Full)\Apple\AppleReadMe.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Windows Mobile Support Guide.lnk -> C:\Program Files\Compiled Driver Disc (Full)\WindowsMobile\WinMoReadMe.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk -> C:\Program Files\CCleaner\uninst.exe (Piriform Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\BurnInTest Documentation.lnk -> C:\Program Files\BurnInTest\HTML\index.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\BurnInTest on the Web.lnk -> C:\Program Files\BurnInTest\BurnInTest.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\BurnInTest.lnk -> C:\Program Files\BurnInTest\bit.exe (PassMark Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest\Uninstall BurnInTest.lnk -> C:\Program Files\BurnInTest\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Podręczniki użytkownika w formacie HTML.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\DCP-150C\cv_dcp135_poltop.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\Rm07aPol.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Ustawienia skanera\Programy użytkowe do Skanera.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\BrScUtil.exe (Brother Industries Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Ustawienia skanera\Programy użytkowe do Skanera.txt.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\ScanRead.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk -> E:\Battlefield 3\Battlefield 3\bf3.exe (EA Digital Illusions CE AB) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA UMOWA UŻYTKOWNIKA.lnk -> E:\Battlefield 3\Battlefield 3\Support\eula\pl_PL_eula.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Plik Przeczytaj.lnk -> E:\Battlefield 3\Battlefield 3\Support\readme\Przeczytaj.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Pomoc techniczna.lnk -> E:\Battlefield 3\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Help File.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Setup.lnk -> C:\Program Files\AutoHotkey\Installer.ahk () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoIt3 Window Spy.lnk -> C:\Program Files\AutoHotkey\AU3_Spy.exe (DaloozaSoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Convert .ahk to .exe.lnk -> C:\Program Files\AutoHotkey\Compiler\Ahk2Exe.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Website.lnk -> C:\Program Files\AutoHotkey\AutoHotkey Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Uninstall Tool.lnk -> C:\Program Files (x86)\Common Files\Autodesk Shared\Uninstall Tool\R1\UninstallTool.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Content Service\Content Service — konsola konfiguracji.lnk -> C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.Admin.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk ReCap\Autodesk ReCap.lnk -> E:\Autodesk\Autodesk ReCap\recap.exe (Autodesk) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Dołącz podpisy cyfrowe.lnk -> E:\Autodesk\AutoCAD 2014\AcSignApply.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Menedżer odnośników.lnk -> E:\Autodesk\AutoCAD 2014\AdRefMan.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Wsadowy kontroler standardów.lnk -> E:\Autodesk\AutoCAD 2014\DwgCheckStandards.exe (Autodesk, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Disk Unlocker\Disk Unlocker.lnk -> C:\Windows\Installer\{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}\_695CD127CF6002633EF635.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WebStorage\ASUS WebStorage.lnk -> C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WebStorage\Uninstall.lnk -> C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Ashampoo Snap 4 .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Czytaj.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\readme_pl.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Deinstalacja programu Ashampoo Snap 4.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Snap 4\Pomoc.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\Help\asy-en-us.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Ashampoo Internet Accelerator 3 .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\iac3.exe (Ashampoo GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Czytaj.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\readme_pl.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Deinstalacja programu Ashampoo Internet Accelerator 3.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Internet Accelerator 3\Pomoc.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\translation\help.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Ashampoo Burning Studio 2012 .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\burningstudio2012.exe (Ashampoo) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Ashampoo Burning Studio 2012 Gadget.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\gadget\bs2012.gadget () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Czytaj.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\readme_pl.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Deinstalacja programu Ashampoo Burning Studio 2012.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2012\Pomoc.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\lang\BurningStudio-en-us.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIWI\AIWI.lnk -> C:\Program Files (x86)\Aibelive\AIWI\AIWI.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Advanced Tag Editor.lnk -> C:\Program Files (x86)\AIMP2\AIMP3ate.exe (AIMP DevTeam) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Converter.lnk -> C:\Program Files (x86)\AIMP2\AIMP3ac.exe (AIMP DevTeam) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Library.lnk -> C:\Program Files (x86)\AIMP2\AIMP3lib.exe (AIMP DevTeam) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Home Page.lnk -> C:\Program Files (x86)\AIMP2\AIMP3.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3.lnk -> C:\Program Files (x86)\AIMP2\AIMP3.exe (AIMP DevTeam) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\History.lnk -> C:\Program Files (x86)\AIMP2\history.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\License.lnk -> C:\Program Files (x86)\AIMP2\license.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\Uninstall.lnk -> C:\Program Files (x86)\AIMP2\Uninstall.exe (AIMP DevTeam) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{DC397BE4-805B-43AB-8C82-CF9397052B6C}\PlayTasks\0\Play.lnk -> E:\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) Shortcut: C:\Users\Dawid\Links\Desktop.lnk -> C:\Users\Dawid\Desktop () Shortcut: C:\Users\Dawid\Links\Downloads.lnk -> C:\Users\Dawid\Downloads () Shortcut: C:\Users\Dawid\Links\GG dysk.lnk -> C:\Users\Dawid\GG dysk () Shortcut: C:\Users\Dawid\Links\Muzyka.lnk -> D:\Muzyka () Shortcut: C:\Users\Dawid\Favorites\GG dysk.lnk -> C:\Users\Dawid\GG dysk () Shortcut: C:\Users\Dawid\Documents\Youcam\YouCam(Webcam).lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) Shortcut: C:\Users\Dawid\Desktop\Angry Birds.lnk -> E:\Angry Birds [PC-Game]\AngryBirds.exe () Shortcut: C:\Users\Dawid\Desktop\AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.) Shortcut: C:\Users\Dawid\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) Shortcut: C:\Users\Dawid\Desktop\Machinery 1.5.5.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_18be6784.exe () Shortcut: C:\Users\Dawid\Desktop\MSI Afterburner 2.3.1.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe () Shortcut: C:\Users\Dawid\Desktop\RockNESX.lnk -> E:\rocknesx v2.0\RockNESX.exe (by Alexandre da Veiga) Shortcut: C:\Users\Dawid\Desktop\SpyHunter.lnk -> C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.) Shortcut: C:\Users\Dawid\Desktop\Surgeon Simulator 2013.lnk -> E:\Surgeon_Simulator_2013_STEAM_RiP\ss2013.exe () Shortcut: C:\Users\Dawid\Desktop\Uninstall Tool.lnk -> C:\Program Files (x86)\Uninstall Tool\utool.exe (CrystalIDEA Software) Shortcut: C:\Users\Dawid\Desktop\Unіnstall Tool.lnk -> C:\Program Files\Uninstall Tool\UninstallTool.exe (CrystalIDEA Software) Shortcut: C:\Users\Dawid\Desktop\Programy\Advanced SystemCare 7.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (No File) Shortcut: C:\Users\Dawid\Desktop\Programy\AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe (FinalWire Ltd.) Shortcut: C:\Users\Dawid\Desktop\Programy\AIMP3.lnk -> C:\Program Files (x86)\AIMP2\AIMP3.exe (AIMP DevTeam) Shortcut: C:\Users\Dawid\Desktop\Programy\AIWI.lnk -> C:\Program Files (x86)\Aibelive\AIWI\AIWI.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Ashampoo Internet Accelerator 3.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Internet Accelerator 3\iac3.exe (Ashampoo GmbH & Co. KG) Shortcut: C:\Users\Dawid\Desktop\Programy\Ashampoo Snap 4.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Snap 4\ashsnap.exe (ashampoo GmbH & Co. KG) Shortcut: C:\Users\Dawid\Desktop\Programy\ASUS WebStorage.lnk -> C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe (ecareme) Shortcut: C:\Users\Dawid\Desktop\Programy\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team) Shortcut: C:\Users\Dawid\Desktop\Programy\Autodesk ReCap.lnk -> E:\Autodesk\Autodesk ReCap\recap.exe (Autodesk) Shortcut: C:\Users\Dawid\Desktop\Programy\BurnInTest.lnk -> C:\Program Files\BurnInTest\bit.exe (PassMark Software) Shortcut: C:\Users\Dawid\Desktop\Programy\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) Shortcut: C:\Users\Dawid\Desktop\Programy\Corel VideoStudio Pro X4.lnk -> E:\Corel\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.) Shortcut: C:\Users\Dawid\Desktop\Programy\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID) Shortcut: C:\Users\Dawid\Desktop\Programy\CyberGhost VPN.lnk -> C:\Program Files\CyberGhost VPN\CyberGhost.exe (CyberGhost SRL) Shortcut: C:\Users\Dawid\Desktop\Programy\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (No File) Shortcut: C:\Users\Dawid\Desktop\Programy\Dexpot.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) Shortcut: C:\Users\Dawid\Desktop\Programy\DFX for AIMP2.lnk -> C:\Program Files (x86)\AIMP2\PlugIns\DFX\dfxwsettings.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\DxO Optics Pro 7.lnk -> C:\Program Files (x86)\DxO Labs\DxO Optics Pro v7\DxOOpticsPro.exe (DxO Labs) Shortcut: C:\Users\Dawid\Desktop\Programy\easyHDR BASIC 2.lnk -> C:\Program Files (x86)\easyHDR BASIC 2\easyHDR_BASIC_2.exe (SIMPARTEK - Bartlomiej Okonek) Shortcut: C:\Users\Dawid\Desktop\Programy\EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\ExifCleaner.lnk -> C:\Program Files (x86)\SuperUtils.com\ExifCleaner\ExifClnr.exe (SuperUtils.com) Shortcut: C:\Users\Dawid\Desktop\Programy\Format Factory.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time) Shortcut: C:\Users\Dawid\Desktop\Programy\FotoSender.lnk -> C:\Program Files (x86)\FotoSender\FotoSender.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Fraps.lnk -> C:\Fraps\fraps.exe (Beepa P/L) Shortcut: C:\Users\Dawid\Desktop\Programy\GG.lnk -> C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) Shortcut: C:\Users\Dawid\Desktop\Programy\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Dawid\Desktop\Programy\HD Tune Pro.lnk -> C:\Program Files (x86)\HD Tune Pro\HDTunePro.exe (EFD Software) Shortcut: C:\Users\Dawid\Desktop\Programy\Helium.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}\_D751D9D775A8FD8178CCB6.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Hooker.lnk -> C:\hooker\Hooker.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Image Grabber II.lnk -> C:\Program Files (x86)\Image Grabber II\Image Grabber II.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\IObit Uninstaller.lnk -> C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (No File) Shortcut: C:\Users\Dawid\Desktop\Programy\ipla.lnk -> C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.) Shortcut: C:\Users\Dawid\Desktop\Programy\JottiQ.lnk -> C:\Program Files\JottiQ\JottiQ.exe (Gholam Inc.) Shortcut: C:\Users\Dawid\Desktop\Programy\jv16 PowerTools.lnk -> C:\Program Files (x86)\jv16 PowerTools\jv16 PowerTools.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\KeyTurion.lnk -> C:\Program Files (x86)\Datpol\KeyTurion.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\KMPlayer.lnk -> C:\Program Files (x86)\The KMPlayer\KMPlayer.exe (Pandora.TV) Shortcut: C:\Users\Dawid\Desktop\Programy\Komputer Świat Plus.lnk -> C:\Program Files (x86)\Komputer Świat Plus\KSPlus.exe (Komputer Świat) Shortcut: C:\Users\Dawid\Desktop\Programy\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.) Shortcut: C:\Users\Dawid\Desktop\Programy\LG PC Suite.Lnk -> C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink) Shortcut: C:\Users\Dawid\Desktop\Programy\Lightning.lnk -> C:\Program Files (x86)\MSI\VGA\Lightning\Lightning.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Lightroom 4 64-bit.lnk -> C:\Program Files\Adobe\Adobe Photoshop Lightroom 4\lightroom.exe (Adobe Systems) Shortcut: C:\Users\Dawid\Desktop\Programy\Live Update 4.lnk -> C:\Program Files (x86)\MSI\Live Update 4\LU4\Liveupdate.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Logitech Vid HD.lnk -> C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.) Shortcut: C:\Users\Dawid\Desktop\Programy\Logitech Webcam Software .lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Machinery Explorer.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_2cd672ae.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) Shortcut: C:\Users\Dawid\Desktop\Programy\MOBILedit! Enterprise.lnk -> C:\Program Files (x86)\MOBILedit! Enterprise\MOBILedit!.exe (COMPELSON Labs) Shortcut: C:\Users\Dawid\Desktop\Programy\MSI Afterburner 2.2.1.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\MSI Kombustor 2.4.lnk -> C:\Program Files (x86)\MSI Kombustor 2.4\KLoaderWin32.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\MSI Kombustor 2.5.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\MSI_APS.lnk -> C:\Program Files (x86)\MSI\VGA\MSI_APS\MSI_APS.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Multi AV.lnk -> C:\Program Files (x86)\Multi AV\multiav.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Nokia Suite.lnk -> C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) Shortcut: C:\Users\Dawid\Desktop\Programy\OCCT.lnk -> C:\Program Files (x86)\OCCTPT\OCCT.exe (OCCT) Shortcut: C:\Users\Dawid\Desktop\Programy\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) Shortcut: C:\Users\Dawid\Desktop\Programy\PC Alert 4.lnk -> C:\Program Files (x86)\MSI\PC Alert 4\StartPCAlert4.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\PDF-XChange Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\Users\Dawid\Desktop\Programy\Photoshop.lnk -> C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\Users\Dawid\Desktop\Programy\PowerISO.lnk -> C:\Program Files (x86)\PowerISO\PowerISO.exe (Power Software Ltd) Shortcut: C:\Users\Dawid\Desktop\Programy\Prawo Jazdy ABCDT - egzamin wewnętrzny.lnk -> C:\Program Files (x86)\Grupa IMAGE\Prawo Jazdy ABCDT - egzamin wewnetrzny\Testy.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Protected Folder.lnk -> C:\Program Files (x86)\IObit\Protected Folder\ProtectedFolder.exe (IObit) Shortcut: C:\Users\Dawid\Desktop\Programy\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.) Shortcut: C:\Users\Dawid\Desktop\Programy\Real Temp.lnk -> E:\Real_Temp3.60_www.INSTALKI.pl\RealTemp.exe (uWebb Software) Shortcut: C:\Users\Dawid\Desktop\Programy\ScanMyReg.lnk -> C:\Program Files (x86)\ScanMyReg\ScanMyReg.exe (YL Computing, Inc) Shortcut: C:\Users\Dawid\Desktop\Programy\SignSIS-GUI.lnk -> C:\Certyfikat\SignSIS-GUI\SignSIS-GUI.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\Users\Dawid\Desktop\Programy\Undelete 360.lnk -> C:\Program Files (x86)\File Recovery\undelete360\undelete-360.exe (File Recovery Ltd.) Shortcut: C:\Users\Dawid\Desktop\Programy\Update NOD32 license.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) Shortcut: C:\Users\Dawid\Desktop\Programy\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Dawid\Desktop\Programy\VCardExport.lnk -> C:\Program Files (x86)\VCardExportTool\VCardExport.exe (Aegis Technologies) Shortcut: C:\Users\Dawid\Desktop\Programy\vCardOrganizer.lnk -> C:\Program Files (x86)\vCardOrganizer\vCardOrganizer.exe (Stefano Toniolo) Shortcut: C:\Users\Dawid\Desktop\Programy\Veedub64.lnk -> E:\VirtualDub-1.9.11-AMD64\Veedub64.exe () Shortcut: C:\Users\Dawid\Desktop\Programy\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.) Shortcut: C:\Users\Dawid\Desktop\Programy\Windows 7 Logon Background Changer.lnk -> C:\Program Files (x86)\Julien MANICI\Windows 7 Logon Background Changer\Win7LogonBackgroundChanger.exe (http://www.julien-manici.com/) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Logon Background Changer.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{2E6044C5-3495-485F-91BC-46D1B6430E51}\_38CF379FC0A8080C8E407C.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter\AQQ\Deinstalacja.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\uninstall.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter\AQQ\Uruchom AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Setup Wizard.lnk -> C:\Program Files (x86)\The KMPlayer\KMPSetup.exe (http://www.kmplayer.com) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer.lnk -> C:\Program Files (x86)\The KMPlayer\KMPlayer.exe (Pandora.TV) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\Uninstall KMPlayer.lnk -> C:\Program Files (x86)\The KMPlayer\uninstall.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk -> C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SignSIS-GUI\DevCertRequestControl.lnk -> C:\Certyfikat\SignSIS-GUI\DevCertRequestControl.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SignSIS-GUI\SignSIS-GUI.lnk -> C:\Certyfikat\SignSIS-GUI\SignSIS-GUI.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner On-Screen Display Server.lnk -> C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\EULA.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_69525f90.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Folder Machinery.lnk -> C:\Program Files (x86)\Machinery DEMO () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Galeria.lnk -> C:\Program Files (x86)\Machinery DEMO\Samples () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Machinery 1.5.5 DEMO.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_4ae13d6c.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinery\Machinery Explorer.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_5af141bb.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CyberLink YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPLK.htm () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\Pomoc online dla YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPlk.chm () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Pomoc online dla Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Language\Plk\Power2Go.chm () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe (CyberLink Corp.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\Readme.htm () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\Pomoc online dla LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\LabelPrint.chm () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IVMP\IVMP.lnk -> E:\GTA IV\IVMP\Client.Launcher.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IVMP\Uninstall IVMP.lnk -> E:\GTA IV\IVMP\Uninstall_IVMP.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> C:\Fraps\fraps.exe (Beepa P/L) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> C:\Fraps\uninstall.exe (Beepa Pty Ltd) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Flux.lnk -> C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Uninstall.lnk -> C:\Users\Dawid\AppData\Local\FluxSoftware\Flux\uninstall.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook\Facebook Messenger.lnk -> C:\Users\Dawid\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR BASIC 2\easyHDR BASIC 2.lnk -> C:\Program Files (x86)\easyHDR BASIC 2\easyHDR_BASIC_2.exe (SIMPARTEK - Bartlomiej Okonek) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\easyHDR BASIC 2\Uninstall.lnk -> C:\Program Files (x86)\easyHDR BASIC 2\uninstall.exe (SIMPARTEK - Bartlomiej Okonek) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot Uninstall.lnk -> C:\Program Files (x86)\Dexpot\uninstall.exe (Dexpot GbR) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot-Updater.lnk -> C:\Program Files (x86)\Dexpot\updexer.exe (Dexpot GbR) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datpol\KeyTurion.lnk -> C:\Program Files (x86)\Datpol\KeyTurion.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Datpol\Uninstall.lnk -> C:\Program Files (x86)\Datpol\unins000.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod\Helium.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}\_D751D9D775A8FD8178CCB6.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aimp2\DFX\DfX for AIMP2.lnk -> C:\Program Files (x86)\AIMP2\PlugIns\DFX\dfxwsettings.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aimp2\DFX\Uninstall DFX for AIMP2.lnk -> C:\Program Files (x86)\AIMP2\Uninstall.exe (AIMP DevTeam) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Format Factory.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Image Grabber II.lnk -> C:\Program Files (x86)\Image Grabber II\Image Grabber II.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KeyTurion.lnk -> C:\Program Files (x86)\Datpol\KeyTurion.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Komputer Świat Plus.lnk -> C:\Program Files (x86)\Komputer Świat Plus\KSPlus.exe (Komputer Świat) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uruchom AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Visual Watermark.lnk -> C:\Program Files (x86)\Visual Watermark\vmark.exe (Integrated Business Service Inc.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS5 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lightroom 4 64-bit.lnk -> C:\Program Files\Adobe\Adobe Photoshop Lightroom 4\lightroom.exe (Adobe Systems) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Machinery 1.5.5.lnk -> C:\Users\Dawid\AppData\Roaming\Microsoft\Installer\{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}\_18be6784.exe () Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Dawid\AppData\Roaming\Autodesk\AutoCAD 2014\R19.1\plk\Plotters\Plot Styles\Dodaj tabelę stylów wydruku.lnk -> E:\Autodesk\AutoCAD 2014\styshwiz.exe (Autodesk, Inc.) Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\Windows\GameExplorer\{874365F4-B5CA-4138-87E2-DBC3C7E769C2}\PlayTasks\0\Zagraj.lnk -> C:\Windows\SysWOW64\dtmcfg\mm.exe () Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Logs\InstallLog.lnk -> C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Install\Logs () Shortcut: C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Install\Logs\ClientLog.lnk -> C:\Users\Dawid\AppData\Local\Microsoft\GFWLive\Logs () Shortcut: C:\Users\Dawid\AppData\Local\GG\Application\gg.lnk -> C:\Users\Dawid\AppData\Local\GG\Application\gghub.exe (GG Network S.A.) Shortcut: C:\Users\Default\Desktop\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.) Shortcut: C:\Users\Default\Desktop\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Power Tools.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe (CyberLink) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CyberLink YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPLK.htm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\YouCam\Pomoc online dla YouCam.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Language\YouCamPlk.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\LG Burning Tool.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Pomoc online dla Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Language\Plk\Power2Go.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LG Burning Tool\Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe (CyberLink Corp.) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\CzytajTo.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\Readme.htm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\LabelPrint\Pomoc online dla LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Plk\LabelPrint.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Angry Birds Space.lnk -> E:\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.) Shortcut: C:\Users\Public\Desktop\Ashampoo Burning Studio 2012.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2012\burningstudio2012.exe (Ashampoo) Shortcut: C:\Users\Public\Desktop\Battlefield 3.lnk -> E:\Battlefield 3\Battlefield 3\bf3.exe (EA Digital Illusions CE AB) Shortcut: C:\Users\Public\Desktop\JDownloader.lnk -> C:\Program Files (x86)\JDownloader\JDownloaderD3D.exe (AppWork UG (haftungsbeschränkt)) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe () ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Download Licenses.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /l ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Insert license with the maximum expiration date.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /o /x ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Open Settings.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder\Recover current license.lnk -> C:\Program Files\ESET\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) -> /b ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe () -> -startup ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radmin Viewer 3\Odinstaluj.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {199127DC-7BDB-41AB-825B-4229A86F8F0D} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Odinstaluj QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {7BE15435-2D3E-4B58-867F-9C75BED0208C} /qf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Uninstall Project64 2.0.lnk -> C:\Program Files (x86)\Project64 2.1\unins000.exe () -> /LOG ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange\PDF-XChange Viewer Manual.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) -> /A "pxvhlp" "C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVManual.pdf" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paraben Corporation\Device Seizure\Uninstall Device Seizure.lnk -> C:\Program Files (x86)\Paraben Corporation\Device Seizure\uninstall.exe (Paraben Corporation) -> "C:\Windows\SysWOW64\msiexec.exe /i {B4008666-3C27-4B67-9D89-80B4E31FA685}" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\PC Alert 4\UnInstall PC Alert 4.lnk -> C:\Windows\IsUninst.exe (InstallShield Software Corporation) -> -f"C:\Program Files (x86)\MSI\PC Alert 4\Uninst.isu" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter64.dll",DirectVobSub ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () -> /resetsettings ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Odinstaluj.lnk -> C:\Program Files\ESET\ESET Smart Security\callmsi.exe (ESET) -> /i {33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySetPackage\Uninstall EasySetPackage.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{266725C1-716F-43AC-BBFB-4201131ED656}\setup.exe (InstallShield Software Corporation) -> /L0x0009 /removeonly ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 7\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {A864167F-970B-4673-8FD2-AA1FD7AF3C1C} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Counter-Strike.lnk -> E:\Counter-Strike\Counter-Strike\hl.exe (Valve) -> -game cstrike ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Zaawansowane\Zaaplikuj fake CD-KEY.lnk -> C:\Windows\System32\regedt32.exe (Microsoft Corporation) -> "E:\Counter-Strike\Counter-Strike\cdkey.reg" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\ControlCenter3.lnk -> C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe (Brother Industries, Ltd.) -> /Model=DCP-150C ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Instalowanie diagnostyki.lnk -> C:\Program Files (x86)\Brother\Brmfl07a\Brinstck.exe (Brother Industries, Ltd.) -> DCP-150C ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Odinstaluj.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0015 Brunin03.dll ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Okno kontrolne.lnk -> C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) -> Brother DCP-150C Printer on USB001 /SHOW ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Rejestracja On-Line .lnk -> C:\Program Files (x86)\Brother\Brmfl07a\Brolink\Brolink0.exe (Brother Industories, Ltd.) -> OLR_URL /mDCP-150C ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 360.lnk -> C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) -> /browseLocal ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\AutoCAD 2014 — Polski (Polish).lnk -> C:\Windows\Installer\{5783F2D7-D001-0000-0102-0060B0CE6BBA}\Acad162_icon.exe () -> /product "ACAD" /language "pl-PL" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Narzędzie transferu licencji — AutoCAD 2014.lnk -> C:\Program Files\Common Files\Autodesk Shared\AdLM\R7\LTU.exe (Autodesk, Inc.) -> 001F1 2014.0.0.F -d SA -l pl-PL ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Przywróć ustawienia domyślne.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /reset /product "ACAD" /language "pl-PL" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Migracja ustawień niestandardowych\Eksportuj ustawienia programu AutoCAD 2014.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /e /product "ACAD" /language "pl-PL" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Migracja ustawień niestandardowych\Importuj ustawienia programu AutoCAD 2014.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /i /product "ACAD" /language "pl-PL" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\AutoCAD 2014 — Polski (Polish)\Migracja ustawień niestandardowych\Migracja z poprzedniej wersji.lnk -> E:\Autodesk\AutoCAD 2014\AdMigrator.exe (Autodesk, Inc.) -> /product "ACAD" /language "pl-PL" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Disk Unlocker\Uninstall.lnk -> C:\Windows\Installer\{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}\_D56300B98B4C89F9A57E30.exe () -> /i {E9275D69-7DEC-430B-BA1B-F74DFF9B0B43} /qf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology\ASM104x USB 3.0 Driver\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Dawid\Desktop\Counter Strike.lnk -> E:\Counter-Strike\Counter-Strike\hl.exe (Valve) -> -nomaster -game cstrike ShortcutWithArgument: C:\Users\Dawid\Desktop\Programy\AutoCAD 2014 — Polski (Polish).lnk -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) -> /product ACAD /language "pl-PL" ShortcutWithArgument: C:\Users\Dawid\Desktop\Programy\Autodesk 360.lnk -> C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) -> /browseLocal ShortcutWithArgument: C:\Users\Dawid\Desktop\Programy\Nvu.lnk -> C:\Program Files (x86)\Nvu\nvu.exe (Mozilla, Linspire Inc.) -> c ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\TuneUp Software\TU2011\StartUp Manager\Wyłącz obiekty\Logitech . Rejestracja produktu.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech) -> /remind /language=PLK /_WFM="." ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "%PROGRAMFILES%\Enigma Software Group\SpyHunter\SH4.com" ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /X {AF549236-6258-4AC6-A043-5B5B89C6EB61} ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\Rejestracja Online.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\OLRSubmission\OLRSubmission.exe () -> /LANG:PLK ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk -> C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time) -> /help ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Assign applications.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /aa ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Debug.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /debug ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Katalog okien.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /d ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Konfiguracja pulpitów.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /k ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Menedżer pulpitów.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /m ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\O Dexpot....lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /i ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Okna pulpitu.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /f ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Podgląd pełnoekranowy.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /V ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Podgląd pulpitów.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /v ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Przywróć domyślne ustawienia.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /reset ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Reguły pulpitu.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /g ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Ustawienia.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /e ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Zakończ.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /B ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Zastosuj reguły.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /R ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Add desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /AddDesktop ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 1.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 1 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 2.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 2 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 3.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 3 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop 4.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /w: 4 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Desktop back.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /back ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Next desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /next ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Previous desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /prev ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Main menu\Pulpity\Remove desktop.lnk -> C:\Program Files (x86)\Dexpot\dexpot.exe (Dexpot GbR) -> /RemoveDesktop ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\AQQ.lnk -> C:\Program Files (x86)\WapSter\WapSter AQQ\AQQ.exe (AQQ Sp. z o.o.) -> AQQ_SHELL_EXTENSION ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto: ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) -> /recycle ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AutoCAD 2014 — Polski (Polish).lnk -> E:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) -> /product ACAD /language "pl-PL" ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Users\Dawid\AppData\Roaming\Autodesk\AutoCAD 2014\R19.1\plk\Plotters\Dodaj ploter.lnk -> E:\Autodesk\AutoCAD 2014\addplwiz.exe (Autodesk, Inc.) -> /LANGUAGE pl-PL ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools\Rejestracja Online.lnk -> C:\Program Files (x86)\CyberLink\DVD Suite\OLRSubmission\OLRSubmission.exe () -> /LANG:PLK ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanMyReg\Strona WWW programu ScanMyReg.url -> hxxp://scanmyreg.ylcomputing.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0\Support.url -> hxxp://forum.pj64-emu.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi AV\Strona WWW programu Multi AV.url -> hxxp://www.pcworld.pl InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Afterburner homepage.url -> hxxp://event.msi.com/vga/afterburner InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor and Afterburner forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\What is Kombustor.url -> hxxp://www.ozone3d.net/redirect.php?id=223 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Afterburner homepage.url -> hxxp://event.msi.com/vga/afterburner InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Kombustor and Afterburner forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Kombustor latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\Kombustor online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.4\What is Kombustor.url -> hxxp://www.ozone3d.net/redirect.php?id=223 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Afterburner homepage.url -> hxxp://event.msi.com/vga/afterburner InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Kombustor and Afterburner forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Kombustor latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\Kombustor online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.3\What is Kombustor.url -> hxxp://www.ozone3d.net/redirect.php?id=223 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Homepage.url -> hxxp://event.msi.com/vga/afterburner InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor\Online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit! Enterprise\MOBILedit! Enterprise on the Web.url -> hxxp://www.compelson.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike\Strona WWW programu Counter-Strike.url -> hxxp://www.exegames.pl InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Download Apple iTunes.url -> hxxp://www.apple.com/itunes/download/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Compiled Driver Disc (Full)\Download Windows Mobile Support Files.url -> hxxp://www.microsoft.com/windowsphone/en-us/apps/65-downloads.aspx InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Podręczniki użytkownika w formacie PDF.url -> hxxp://solutions.brother.com InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\DCP-150C\Pomoc online i często zadawane pytania (FAQ).url -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=mfc157&LNG=pl&SRC=FAQ InternetURL: C:\Users\Dawid\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742 InternetURL: C:\Users\Dawid\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681 InternetURL: C:\Users\Dawid\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700 InternetURL: C:\Users\Dawid\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682 InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923 InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924 InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921 InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143 InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922 InternetURL: C:\Users\Dawid\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406 InternetURL: C:\Users\Dawid\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407 InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211 InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626 InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625 InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624 InternetURL: C:\Users\Dawid\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622 InternetURL: C:\Users\Dawid\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\Dawid\Desktop\Assassin's Creed IV Black Flag.url -> uplay://launch/273 InternetURL: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter\AQQ\WapSter.url -> hxxp://aqq.eu InternetURL: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer\KMPlayer Home Page.url -> hxxp://www.kmplayer.com/forums InternetURL: C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot Homepage.url -> hxxp://www.dexpot.de ==================== End of log ============================= [/log] Inaczej nie dało się tego wstawić.
pawel315 komentarz 23 sierpnia 2014 komentarz 23 sierpnia 2014 [ Application Events ] Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = Error - 2014-08-21 11:31:12 | Computer Name = Dawid-Komputer | Source = NvStreamSvc | ID = 131073 Description = To chyba przez tą usługę, popatrz tu → http://forum.dobreprogramy.pl/nvstreamsvc-sprawd%C5%BA-je%C5%9Bli-gry-nagle-zawieszaj%C4%85-si%C4%99-t451447/
Dawid_Dj komentarz 24 sierpnia 2014 Autor komentarz 24 sierpnia 2014 Zrobiłem to co napisali. Teraz trzeba poczekać. Wiecie też dlaczego zamiast przecinka mam "b"? Pisałem kiedyś o tym na forum.
Dawid_Dj komentarz 25 sierpnia 2014 Autor komentarz 25 sierpnia 2014 Bez zmian ale teraz usunalem to w wierszu polecien. Zobaczymy co będzie dalej.
Dawid_Dj komentarz 28 sierpnia 2014 Autor komentarz 28 sierpnia 2014 Nadal mam problem z zamulanie uciekajacym izmieniajacym sie kursorem... Komp tez nie zawsze chce sie wylaczyc (wylaczy sie ale nadal pracuje). Nie znalazlem tego bledu co wczesniej ale sa za to inne. Sprawdzcie to. Extras [log]OTL Extras logfile created on: 2014-08-28 13:27:42 - Run 6 OTL by OldTimer - Version 3.2.69.0 Folder = E:\OTL 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 5,34 Gb Available Physical Memory | 66,87% Memory free 15,96 Gb Paging File | 12,93 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 155,25 Gb Total Space | 10,64 Gb Free Space | 6,85% Space Free | Partition Type: NTFS Drive D: | 155,16 Gb Total Space | 28,39 Gb Free Space | 18,30% Space Free | Partition Type: NTFS Drive E: | 155,25 Gb Total Space | 30,87 Gb Free Space | 19,88% Space Free | Partition Type: NTFS Computer Name: DAWID-KOMPUTER | User Name: Dawid | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{051EB8ED-D2FD-415D-9713-F60F230D90E6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{067202FA-FB20-4EB7-989C-3859D15A1A09}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{08617120-8914-4034-81A7-07F0E96341F7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0A0401B9-7C28-4978-92A1-F1C0DAB985F4}" = rport=137 | protocol=17 | dir=out | app=system | "{0C2D0C78-D8C8-44CF-A1A2-5238B6DA2BC9}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{15026F90-DF7B-4407-8E41-D8144DD71D21}" = lport=139 | protocol=6 | dir=in | app=system | "{1DF44B3D-2AEC-4987-8985-BC178E1854E6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2056652C-64D8-406A-833D-6C60F4CAD105}" = lport=445 | protocol=6 | dir=in | app=system | "{2B376A50-0512-41D1-8CC5-B5190EC6FE20}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{345020B2-A6F4-4AB1-A39F-F9A8857A5CBB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{34F6984E-9E3A-4CA0-AB14-89BFEB84E13B}" = rport=138 | protocol=17 | dir=out | app=system | "{354334E5-4B96-4789-9857-B33250026CE3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{3A177BE4-2F2D-483C-B806-AD6C37691043}" = lport=4899 | protocol=17 | dir=in | name=4899 udp | "{455C4DD2-462D-41A9-B20B-8BB1CF806EC9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4AA1072B-DCC4-48B2-AE67-67B1477A29EF}" = rport=4899 | protocol=6 | dir=out | name=4899 tcp | "{55D70FE6-9318-4287-97A0-41A1C845C476}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{69ED7FA8-A8E7-4770-A760-869558C00481}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{6E8A9786-641D-4CEB-89C0-A492DAB26BDB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{72190C1D-61E2-4C6C-88ED-2D2E0504770D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service | "{7508478E-8008-474A-889D-16DD679EFFDB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{84F9193D-E4CC-48B9-B414-FAEE61C4743E}" = lport=10243 | protocol=6 | dir=in | app=system | "{8E8809CC-569C-4C58-9627-B36CD5BF1BBA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{940EE33A-50AB-4FD8-B12B-EC21CF159CE4}" = lport=137 | protocol=17 | dir=in | app=system | "{945C2275-D6D1-4012-9150-946901ED2278}" = lport=2869 | protocol=6 | dir=in | app=system | "{95285DB7-1613-446F-8431-25FABB39FD48}" = rport=139 | protocol=6 | dir=out | app=system | "{98F4E4AC-F703-4428-A545-D1E34715706D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{9C922B2A-0969-4E4B-B299-CFA441A5BC38}" = rport=4899 | protocol=17 | dir=out | name=4899 udp | "{9F8A8BE1-C517-4F0C-89CE-290641E28AF1}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{AC8948A1-102B-4E2F-AB51-3CB8C250D943}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AE097083-C0CD-42ED-96B5-9F0CD79E122C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{C3593B60-2EE2-451B-BF16-5A5B5DA71575}" = rport=10243 | protocol=6 | dir=out | app=system | "{C6C7D2AE-61F4-4174-9637-89440067F051}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{D38BC28C-53D5-4F97-A114-10921CE535E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E046E66E-2BA8-47E7-B241-14FB35D31792}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E16E2025-DAC2-4C81-A49F-A1F5AA7A7287}" = rport=445 | protocol=6 | dir=out | app=system | "{E9B4CBEA-AB89-4C05-B2B9-5E6BA84B4988}" = lport=4899 | protocol=6 | dir=in | name=4899 tcp | "{EDBC7A31-AD62-4076-8BDB-9C8A88A78691}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F65A4E17-26ED-4A02-AE9C-D2CE5AF2349B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{FA020FF2-3D82-4E52-A80C-B12396CD4BCC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FF2A64AB-D235-418C-8078-A91BC721692B}" = lport=138 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0994B7F4-A440-43F3-A425-F5FB71A3C646}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{11AFD906-3D0C-4529-B2F7-E96D329F44D6}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{1547B707-677E-423F-963C-1BCD7E6ECA49}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{155B3876-96A3-4635-A945-41CBC093DA96}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{17408F70-A0BE-47E6-821B-4C78EF466E5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{1923B629-1606-475F-8A22-4543D60282AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1BDBDD68-5592-481E-B245-B6EBE8125D51}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1BE72711-CC5A-4EE9-B097-B69DEFFC04EB}" = dir=in | app=%programfiles% (x86)\radmin viewer 3\radmin.exe | "{211AC75A-4C3C-4AB0-B157-D032317CE3BC}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | "{27792FA4-ED21-426D-8B4A-07B6441308A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2BFEDC87-A56D-4849-A748-C191E70E6302}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{32444DDF-A6A7-4E3C-A2C9-8D6738892FE5}" = dir=in | app=c:\users\dawid\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{39BEEA53-78C3-4308-9752-8752A39A5F81}" = protocol=6 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | "{3E582B93-96E3-4EBD-88BA-4F2D7136CBFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3E5E3B04-9BB5-4D30-A074-CC4FE5E90979}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4868991E-81C1-4315-80A4-BB013C873438}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{4B514292-0C6E-4BDC-9689-3DD074FCDCC5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{4D428C51-2BEE-4066-A114-0649CA63A237}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{54E557F5-7305-41C0-88C4-2CD09C411590}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5860B855-191C-421A-BE61-3856368EC406}" = protocol=6 | dir=out | app=system | "{5FF66FF0-99C5-4943-868B-9B1D4DC5BCBF}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | "{69CF4335-01A6-4CED-97E7-F5A2F4A035AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6A916F85-06B8-4F93-862B-CBADCBAC8B37}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{6BC4FC3B-0055-451D-B0F1-1CA4354C3430}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{6BD161BB-80B2-419A-84A0-C3DD6A2D53BA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{7540C063-5F62-4114-963B-03F2A6B3DCB6}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{7B48A4C2-5C13-41CF-9322-08B5F2005FFA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{7D0F0EB6-7DE4-4730-8A84-14A0C5FB9B5A}" = protocol=6 | dir=in | app=e:\assassin's creed iv black flag\ac4bfsp.exe | "{804FCF24-CAF3-4EEE-9855-DC1777C862BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{81050B87-9B31-4BBE-862A-A0A0EEE91FA1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{82D90AD8-4023-44BE-A944-68D354B1CF37}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{856CCCDB-3FFA-4BC1-BF20-2E4C24F60028}" = protocol=6 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | "{886950DC-2A5F-465E-9FCA-C70D06C22D15}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{918512A2-A5F4-46CC-8F48-9FE8DAEAC9F5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{972012F9-A2E9-4486-A0C6-CD8296E06ACF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{A3B4FACB-2D8B-4947-BB51-F25C51C631DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A6B25DF3-55A1-4EDA-9A0F-18AA6D2B17AC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{AA197DE7-2835-45D7-9199-51F1638D6F6F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{ADB91B4E-26E2-4614-A154-E5391E0DE910}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{AF240F08-E43F-4284-9E1A-CDE86C3473A0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B08BF8EF-0172-405D-B245-493336237DF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B65E9A0B-01F4-4838-822C-32C66F19176E}" = protocol=17 | dir=in | app=e:\battlefield 3\battlefield 3\bf3.exe | "{BDC8AED4-5753-4AF2-A3F1-A6C8EB066D35}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{C5A4A066-BCFA-4A67-AAFA-68CE3BE34B3B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{C9B3ADEC-EFED-462B-B888-1152FE7B5DF1}" = protocol=17 | dir=in | app=e:\assassin's creed iv black flag\ac4bfmp.exe | "{CB0C6A3F-A2C3-4219-82AA-448C62008318}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{DA3FE40C-A3A2-4573-8984-B14BB46C3162}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{DB6C9C1C-1AA6-43EB-9EAE-BDA940C38114}" = protocol=17 | dir=in | app=c:\program files (x86)\aibelive\aiwi\aiwi.exe | "{DBAFEFB0-F5C7-465D-BD9C-D72E7BEE9E38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E2D3E600-3393-469C-BD1C-8523FB809ADF}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe | "{E40E3999-C599-42E6-817F-8FD13F0378A0}" = dir=out | app=%programfiles% (x86)\radmin viewer 3\radmin.exe | "{EA8AB3D3-CE48-4B25-AE67-461BC640B2CA}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | "{EB0F49C9-F2CE-4318-836B-C6031828F82B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F9F5A550-BB7D-4A49-8501-FA20EA7991F9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{FF1FDAEF-4032-4CAF-A83E-90BB02BC901D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{20E5E139-277F-4FE3-BD6A-9B8FAEF19923}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{7AE8B3D8-FA66-43F9-A4C6-2DEF69EE1250}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{C77753D0-38F6-4969-8210-F4461D9652B5}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{FFD469CF-B67B-4D9E-BEB4-3E4C06DB7E4F}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | "UDP Query User{0D693FB2-E70D-4B2C-B438-406442314D17}C:\users\dawid\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawid\appdata\local\akamai\netsession_win.exe | "UDP Query User{437E473F-B055-4E34-94AD-AFE7B32BF217}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{6611A0CD-E5E2-420C-9591-EC9600EA206F}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "UDP Query User{6EAB7657-AF00-4803-8661-D5AC9125F2C4}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 "{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap "{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English "{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{3DCF00F5-04A5-4543-A088-70548081120E}_is1" = Compiled Driver Disc (Full) 1.0 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK) "{48BB9EBA-C929-4D7E-AF43-21B4427373EB}" = AIWI JoyStick "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360 "{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish) "{5783F2D7-D001-0415-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack – Polski (Polish) "{5783F2D7-D001-0415-2102-0060B0CE6BBA}" = AutoCAD 2014 — Polski (Polish) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit "{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64 "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.82 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.82 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19 "{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour "{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1 "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "AutoCAD 2014 — Polski (Polish)" = Autodesk AutoCAD 2014 — Polski (Polish) "Autodesk ReCap" = Autodesk ReCap "AutoHotkey" = AutoHotkey 1.1.13.01 "BurnInTest_is1" = BurnInTest v7.1 Pro "CCleaner" = CCleaner "CCleaner_is1" = CCleaner wersja 4.14.4707 "CPUID HWMonitor_is1" = CPUID HWMonitor 1.24 "CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19 "JottiQSetup_is1" = JottiQ v1.0.2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TNod" = TNod User & Password Finder "Uninstall Tool_is1" = Uninstall Tool "WinRAR archiver" = WinRAR 4.11 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4 "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{199127DC-7BDB-41AB-825B-4229A86F8F0D}" = Radmin Viewer 3.5 "{1A834332-A9EE-440C-9505-2D07F445F05A}" = MOBILedit! Support Libraries "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521 "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{266725C1-716F-43AC-BBFB-4201131ED656}" = EasySetPackage "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver "{2E6044C5-3495-485F-91BC-46D1B6430E51}" = Windows 7 Logon Background Changer "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic "{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{3F6C0B68-F8CC-4F6A-8346-44E247A92CB6}_is1" = Multi AV wersja 1.0.1 "{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT) "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C35E42C-98B4-4A82-87C7-8E73FBDDFBCC}" = AIMP2 MegaPack v6 by UppeD "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014 "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8304}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8305}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8306}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8307}" = Grand Theft Auto IV "{611E417A-82C3-415C-B9C4-7C8DBF02E6D5}" = TS Notifier "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Oprogramowanie "{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service "{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014 "{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution "{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16 "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7C4F2AE9-4D57-4A5D-B20A-B52DC24EC953}_is1" = Counter-Strike 1.6 v40 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit) "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8AA0316E-A4E1-4E10-9DAA-46E0C70A2F2A}" = Machinery DEMO "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8F196892-666A-4A40-8587-6AE38F78A5C2}" = FARO LS 1.1.501.0 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A781940-AC41-4D5E-8E1E-76A04B916FB9}" = Helium "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 "{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite "{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A864167F-970B-4673-8FD2-AA1FD7AF3C1C}" = DxO Optics Pro 7 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common "{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF549236-6258-4AC6-A043-5B5B89C6EB61}" = SpyHunter "{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro "{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad "{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI "{B4008666-3C27-4B67-9D89-80B4E31FA685}" = Paraben's Device Seizure "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share "{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 "{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM "{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E7FA1F7A-A5E7-4D44-9B34-654F23A94E78}_is1" = MOBILedit! Enterprise ver. 7.5.0.4173 "{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1" = Prawo Jazdy ABCDT - egzamin wewnętrzny "{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps "{FA1BD6B7-9740-4C9A-81EA-42D5196FA592}" = Angry Birds Space "{FC274982-5AAD-4C20-848D-A9D60D18D757}_is1" = ScanMyReg 2.02 "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Afterburner" = MSI Afterburner 2.3.1 "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.30 "AIMP3" = AIMP3 "AQQ" = WapSter AQQ "Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15 "Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20 "Ashampoo Snap 4_is1" = Ashampoo Snap 4 v.4.3.0 "ASUS WebStorage" = ASUS WebStorage "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode) "Audacity_is1" = Audacity 2.0.4 "Autodesk Content Service" = Autodesk Content Service "Battlelog Web Plugins" = Battlelog Web Plugins "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DFX for AIMP2 1.2.5" = DFX for AIMP2 1.2.5 "easyHDR_BASIC_2" = easyHDR BASIC 2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "ExifCleaner" = ExifCleaner 1.7 "FormatFactory" = FormatFactory 3.0.1 "FotoSender_is1" = FotoSender 3.0 "Fraps" = Fraps (remove only) "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "HD Tune Pro_is1" = HD Tune Pro 3.00 "Image Grabber II" = Image Grabber II "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go "InstallShield_{B3E74336-F275-40D9-BFAB-2FCB765609F5}" = AIWI "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint "ipla" = ipla 2.7 "JDownloader" = JDownloader "jv16 PowerTools_is1" = jv16 PowerTools 1.3 "KLiteCodecPack_is1" = K-Lite Codec Pack 10.0.5 Full "Komputer Świat Plus_is1" = Komputer Świat Plus "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "LAME_is1" = LAME v3.99.3 (for Windows) "LG PC Suite" = LG PC Suite "Lightning_is1" = Lightning "Liveupdate4_is1" = Liveupdate4 "Logitech Vid" = Logitech Vid HD "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012 "Mozilla Firefox 24.0 (x86 pl)" = Mozilla Firefox 24.0 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Nokia Suite" = Nokia Suite "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Nvu_is1" = Nvu 1.0 "OCCT" = OCCT 4.2.0 "Origin" = Origin "PC Alert 4" = PC Alert 4 "PowerISO" = PowerISO "Project 64_is1" = Project 64 version 2.1.0.1 "Protected Folder_is1" = Protected Folder "PunkBusterSvc" = PunkBuster Services "Silver Efex Pro 2" = Silver Efex Pro 2 "SM7192" = USB Cobra Joystick V4 "SystemRequirementsLab" = System Requirements Lab "TeamViewer 8" = TeamViewer 8 "The KMPlayer" = The KMPlayer (remove only) "Undelete 360_is1" = Undelete 360 "Uninstall Tool_is1" = Uninstall Tool "Uplay" = Uplay "Uplay Install 273" = Assassin's Creed IV Black Flag "VCardExport_is1" = VCardExportTool "Visual Watermark_is1" = Visual Watermark 2.9.30 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Podstawowe programy Windows Live "WinRAR archiver" = WinRAR archiver [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1744233449-2869872091-3771974885-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Dexpot" = Dexpot "Flux" = f.lux "GG" = GG "KeyTurion" = KeyTurion version 2.8 "Polska lokalizacja Lightroom 4" = Polska lokalizacja Lightroom 4 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-08-25 08:00:59 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-25 13:10:43 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-25 13:55:48 | Computer Name = Dawid-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 10.11.15.0, sygnatura czasowa: 0x52a6776c Nazwa modułu powodującego błąd: nvspcap.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x52a67618 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x100be510 Identyfikator procesu powodującego błąd: 0x994 Godzina uruchomienia aplikacji powodującej błąd: 0x01cfc08d813fe5d7 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Ścieżka modułu powodującego błąd: nvspcap.dll Identyfikator raportu: 0ae6c4e3-2c81-11e4-947d-f46d04619414 Error - 2014-08-25 13:55:52 | Computer Name = Dawid-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 10.11.15.0, sygnatura czasowa: 0x52a6776c Nazwa modułu powodującego błąd: nvspcap.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x52a67618 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x100077e2 Identyfikator procesu powodującego błąd: 0x994 Godzina uruchomienia aplikacji powodującej błąd: 0x01cfc08d813fe5d7 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Ścieżka modułu powodującego błąd: nvspcap.dll Identyfikator raportu: 0d70ad97-2c81-11e4-947d-f46d04619414 Error - 2014-08-26 04:18:13 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-26 12:18:48 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-27 04:18:01 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-27 07:17:32 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-28 04:00:16 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2014-08-28 07:18:28 | Computer Name = Dawid-Komputer | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 2012-01-10 12:31:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:31:51 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:51 - Nie można skontaktować się z serwerem.. Error - 2012-01-10 12:31:59 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:31:56 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:56 - Nie można skontaktować się z serwerem.. Error - 2012-01-11 13:15:09 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 18:15:09 - Błąd podczas nawiązywania połączenia z Internetem. 18:15:09 - Nie można skontaktować się z serwerem.. Error - 2012-01-11 13:15:17 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 18:15:14 - Błąd podczas nawiązywania połączenia z Internetem. 18:15:14 - Nie można skontaktować się z serwerem.. Error - 2012-01-12 12:01:15 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:01:15 - Błąd podczas nawiązywania połączenia z Internetem. 17:01:15 - Nie można skontaktować się z serwerem.. Error - 2012-01-12 12:01:24 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 17:01:20 - Błąd podczas nawiązywania połączenia z Internetem. 17:01:20 - Nie można skontaktować się z serwerem.. Error - 2012-01-13 11:45:32 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 16:45:32 - Błąd podczas nawiązywania połączenia z Internetem. 16:45:32 - Nie można skontaktować się z serwerem.. Error - 2012-01-13 11:45:42 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 16:45:37 - Błąd podczas nawiązywania połączenia z Internetem. 16:45:37 - Nie można skontaktować się z serwerem.. Error - 2012-01-14 10:05:39 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 15:05:39 - Błąd podczas nawiązywania połączenia z Internetem. 15:05:39 - Nie można skontaktować się z serwerem.. Error - 2012-01-14 10:05:51 | Computer Name = Dawid-Komputer | Source = MCUpdate | ID = 0 Description = 15:05:47 - Błąd podczas nawiązywania połączenia z Internetem. 15:05:47 - Nie można skontaktować się z serwerem.. [ OSession Events ] Error - 2014-01-06 11:09:30 | Computer Name = Dawid-Komputer | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 2014-08-27 07:56:26 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134 Description = Error - 2014-08-28 03:58:47 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error - 2014-08-28 03:59:26 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error - 2014-08-28 04:08:23 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-08-28 05:09:45 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134 Description = Error - 2014-08-28 07:16:02 | Computer Name = Dawid-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 11:51:51 na ?2014-?08-?28 było nieoczekiwane. Error - 2014-08-28 07:15:51 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi sbapifs z powodu następującego błędu: %%2 Error - 2014-08-28 07:17:51 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: BTHidMgr Error - 2014-08-28 07:22:48 | Computer Name = Dawid-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1058 Error - 2014-08-28 07:31:51 | Computer Name = Dawid-Komputer | Source = nvlddmkm | ID = 11141134 Description = < End of report > [/log]
Dawid_Dj komentarz 31 sierpnia 2014 Autor komentarz 31 sierpnia 2014 Komp zaczal mulic w pierwszych kilku minutach od wlaczenia. Jestem teraz w trybie awawyjnym i jak narazie nic sie nie dzieje. Wiecie co jest grane? Kompa potrzebuje codziennie a on mi takie cos odwala... Chciałbym jeszcze dodać ze chyba przez to usuniecie "NvStreamSvc" obraz w niektorych miejscach jest czasem nieostry.
Zayfi komentarz 31 sierpnia 2014 komentarz 31 sierpnia 2014 A wykonaj czysty rozruch systemu http://support.microsoft.com/kb/331796/pl
Dawid_Dj komentarz 2 września 2014 Autor komentarz 2 września 2014 Nadal to samo. Ręce mi opadają... Zauważyłem że po czystym rozruchu nadal mam dość sporo usług.
Dawid_Dj komentarz 6 września 2014 Autor komentarz 6 września 2014 Po zainstalowaniu najnowszego sterownika graficznego wszystko jest ok (jak narazie). Dziwne bo kiedys tez to aktualizowalem i nadal mialem problem. Zobaczymy na jak dlugo bedzie sprawny.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.