marwit utworzono 9 września 2013 utworzono 9 września 2013 (edytowane) Witam, od kilku dni miałem wrażenie, że laptop jest zamulony. Po sprawdzeniu managera zadań widzę, dwa procesy csrss.exe z czego jeden zabiera 25% mocy procesora. Jak się tego bezpiecznie pozbyć? Z góry dzięki za pomoc:) edit: Nie wiem dlaczego ten cały log się wyświetla mimo iż jest w tagach... Poniżej logi z OTL [log]OTL logfile created on: 2013-09-09 22:33:45 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcin\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 15,89 Gb Total Physical Memory | 12,60 Gb Available Physical Memory | 79,32% Memory free 51,89 Gb Paging File | 23,60 Gb Available in Paging File | 45,49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 207,98 Gb Total Space | 76,87 Gb Free Space | 36,96% Space Free | Partition Type: NTFS Drive E: | 907,23 Gb Total Space | 593,17 Gb Free Space | 65,38% Space Free | Partition Type: NTFS Computer Name: KOMPIK | User Name: Marcin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013-09-09 22:24:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcin\Downloads\OTL.exe PRC - [2013-09-02 22:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013-07-27 10:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013-06-05 19:28:40 | 027,370,808 | ---- | M] (Dropbox, Inc.) -- C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013-05-22 14:48:40 | 000,740,712 | ---- | M] (Spigot, Inc.) -- C:\Users\Marcin\AppData\Roaming\Search Protection\SearchProtection.exe PRC - [2013-05-21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe PRC - [2013-05-10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-11-09 08:56:56 | 002,883,192 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe PRC - [2012-10-19 09:34:18 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe PRC - [2012-10-19 09:34:16 | 000,085,112 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe PRC - [2012-10-19 09:34:06 | 002,624,120 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe PRC - [2012-09-05 21:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2012-08-27 01:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2012-08-15 13:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2012-07-24 05:06:16 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe PRC - [2012-07-18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012-07-18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012-07-18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012-07-18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012-06-14 05:05:16 | 000,648,544 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe PRC - [2012-06-08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe ========== Modules (No Company Name) ========== MOD - [2013-09-02 22:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll MOD - [2013-09-02 22:35:55 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll MOD - [2013-09-02 22:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll MOD - [2013-09-02 22:35:04 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll MOD - [2013-09-02 22:35:03 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll MOD - [2013-09-02 22:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll MOD - [2013-06-21 14:06:36 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll MOD - [2013-03-13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\Dropbox\bin\libcef.dll MOD - [2012-11-14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll MOD - [2012-10-19 09:34:20 | 000,110,200 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll MOD - [2012-10-19 09:34:14 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll MOD - [2012-10-19 09:34:08 | 000,060,536 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll MOD - [2012-10-19 09:34:02 | 000,103,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll MOD - [2012-10-19 09:34:02 | 000,026,744 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll MOD - [2012-07-24 05:06:16 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe MOD - [2012-06-14 05:06:20 | 000,500,064 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll MOD - [2012-06-14 04:57:22 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll MOD - [2012-06-14 04:56:52 | 000,481,792 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll MOD - [2012-06-14 04:55:22 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll MOD - [2012-06-08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll MOD - [2012-06-08 04:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll MOD - [2012-05-30 08:51:08 | 000,699,280 | R--- | M] () -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll MOD - [2011-08-17 09:48:24 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll MOD - [2011-08-17 09:48:22 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll MOD - [2011-08-17 09:41:36 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll MOD - [2011-08-15 13:17:30 | 009,224,704 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll MOD - [2011-08-15 13:15:44 | 000,382,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll MOD - [2011-08-15 13:12:04 | 002,603,520 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll MOD - [2011-08-15 13:12:04 | 001,006,592 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll MOD - [2011-08-15 12:23:00 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll MOD - [2011-07-19 09:05:40 | 014,978,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll MOD - [2011-07-19 09:04:56 | 000,317,952 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll ========== Services (SafeList) ========== SRV:64bit: - [2013-07-27 10:49:33 | 014,984,480 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:64bit: - [2013-07-02 02:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:64bit: - [2013-06-09 16:05:18 | 001,900,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc) SRV:64bit: - [2013-06-01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2013-05-04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013-05-04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2013-04-09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2013-03-02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013-03-02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2013-01-10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2013-01-10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2012-11-01 09:22:14 | 000,055,120 | ---- | M] (Condusiv Technologies) [Auto | Stopped] -- C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe -- (IntelliMemory) SRV:64bit: - [2012-09-24 09:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV:64bit: - [2012-09-24 09:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2012-09-24 09:02:42 | 000,617,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2012-09-24 09:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2012-09-20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2012-09-20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2012-09-20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012-09-12 21:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV:64bit: - [2012-08-15 10:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV:64bit: - [2012-07-26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012-07-26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2012-07-26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012-07-26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012-07-26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012-07-26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012-07-26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012-07-26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012-07-26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012-07-26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012-07-26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012-07-26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2012-04-20 07:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2013-07-27 10:35:36 | 001,889,568 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013-05-21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS) SRV - [2013-05-10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-10-19 09:34:18 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher) SRV - [2012-10-07 15:57:10 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012-09-20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012-09-05 21:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2012-08-27 01:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2012-08-15 04:44:50 | 003,943,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2012-07-26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012-07-18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012-07-18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012-07-18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012-07-18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013-08-12 00:12:18 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2013-07-02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2013-07-02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2013-06-21 14:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2013-06-01 13:54:16 | 000,194,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2013-06-01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2013-06-01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2013-06-01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013-05-23 07:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symefa64.sys -- (SymEFA) DRV:64bit: - [2013-05-21 07:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symds64.sys -- (SymDS) DRV:64bit: - [2013-05-16 07:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP) DRV:64bit: - [2013-05-14 21:28:40 | 000,039,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2013-05-04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2013-05-04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2013-04-25 02:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symnets.sys -- (SymNetS) DRV:64bit: - [2013-04-16 04:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\ccsetx64.sys -- (ccSet_NIS) DRV:64bit: - [2013-03-05 03:40:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\ironx64.sys -- (SymIRON) DRV:64bit: - [2013-03-05 03:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX) DRV:64bit: - [2013-03-02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2013-03-02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2013-03-02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2013-01-10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012-11-27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012-11-20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012-11-06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012-11-01 09:22:22 | 000,104,272 | ---- | M] (Condusiv Technologies) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\intmsd.sys -- (intmsd) DRV:64bit: - [2012-11-01 09:22:22 | 000,028,496 | ---- | M] (Condusiv Technologies) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\intmfs.sys -- (intmfs) DRV:64bit: - [2012-10-16 12:02:04 | 000,457,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2012-10-12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012-10-11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012-10-11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2012-10-10 04:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64) DRV:64bit: - [2012-09-27 15:57:30 | 005,338,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012-09-20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2012-09-20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012-09-20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012-09-12 21:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2012-09-12 21:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2012-08-29 01:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2012-08-27 01:48:12 | 000,121,728 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2012-08-06 04:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex) DRV:64bit: - [2012-07-31 04:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2012-07-27 14:00:03 | 000,023,408 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RadioHIDMini.sys -- (RadioHIDMini) DRV:64bit: - [2012-07-26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012-07-26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012-07-26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012-07-26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2012-07-26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012-07-26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012-07-26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012-07-26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012-07-26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012-07-26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012-07-26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012-07-26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012-07-26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012-07-26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012-07-26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012-07-26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012-07-26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012-07-26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012-07-26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2012-07-26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012-07-26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012-07-26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012-07-26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012-07-26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012-07-26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012-07-26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012-07-26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012-07-26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012-07-26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012-07-26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012-07-26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012-07-26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012-07-26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012-07-26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012-07-26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012-07-26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012-07-26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2012-07-26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012-07-26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012-07-26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum) DRV:64bit: - [2012-07-26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012-07-26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012-07-26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012-07-03 01:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012-06-25 03:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive) DRV:64bit: - [2012-06-20 23:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1404000.028\symelam.sys -- (SymELAM) DRV:64bit: - [2012-06-19 00:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2012-06-12 14:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2012-05-26 02:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA) DRV:64bit: - [2011-11-03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2013-09-04 00:26:27 | 001,525,336 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130903.002\BHDrvx64.sys -- (BHDrvx64) DRV - [2013-08-30 21:59:01 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130909.001\ex64.sys -- (NAVEX15) DRV - [2013-08-30 21:59:01 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130909.001\eng64.sys -- (NAVENG) DRV - [2013-08-27 18:47:46 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2013-08-27 18:47:46 | 000,140,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys -- (EraserUtilDrv11311) DRV - [2013-08-21 00:35:14 | 000,520,280 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130905.001\IDSviA64.sys -- (IDSVia64) DRV - [2013-08-08 22:09:55 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {360D2864-5DBA-4042-85BF-70750DAD2BCC} IE:64bit: - HKLM\..\SearchScopes\{360D2864-5DBA-4042-85BF-70750DAD2BCC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {360D2864-5DBA-4042-85BF-70750DAD2BCC} IE - HKLM\..\SearchScopes\{360D2864-5DBA-4042-85BF-70750DAD2BCC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=9686CAF73364EAE3&affID=119357&tsp=4975 IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP_ss&mntrId=9686CAF73364EAE3&affID=119357&tsp=4975 IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\..\SearchScopes,DefaultScope = {3C95087A-0464-409A-A1A6-390C5D926AC1} IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9686CAF73364EAE3&affID=119357&tsp=4975 IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\..\SearchScopes\{3C95087A-0464-409A-A1A6-390C5D926AC1}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms} IE - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\ [2013-08-08 21:48:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2013-08-26 18:50:49 | 000,000,000 | ---D | M] [2013-08-15 12:52:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www1.delta-search.com/?babsrc=HP_ss&mntrId=9686CAF73364EAE3&affID=119357&tsp=4975 CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll CHR - Extension: Dokumenty Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Szukaj w Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Norton Identity Protection = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\ CHR - Extension: Chrome In-App Payments service = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\ CHR - Extension: Gmail = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013-08-11 20:50:13 | 000,007,046 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O1 - Hosts: 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 3dns-5.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate.wip1.adobe.com 127.0.0.1 activate.wip2.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 crl.verisign.net 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.wip.adobe.com 127.0.0.1 ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 localhost 127.0.0.1 ood.opsource.net 127.0.0.1 practivate.adobe.com 127.0.0.1 practivate.adobe.ipp 127.0.0.1 practivate.adobe.newoa 127.0.0.1 practivate.adobe.ntp 127.0.0.1 secure.tune-up.com 127.0.0.1 wip.adobe.com 127.0.0.1 wip1.adobe.com 127.0.0.1 wip1.aobe.com 127.0.0.1 wip2.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip4.adobe.com 127.0.0.1 wwis-dubc1-vip100.adobe.com 127.0.0.1 wwis-dubc1-vip101.adobe.com 127.0.0.1 wwis-dubc1-vip102.adobe.com 127.0.0.1 wwis-dubc1-vip103.adobe.com 127.0.0.1 wwis-dubc1-vip104.adobe.com 127.0.0.1 wwis-dubc1-vip105.adobe.com 127.0.0.1 wwis-dubc1-vip106.adobe.com 127.0.0.1 wwis-dubc1-vip107.adobe.com 127.0.0.1 wwis-dubc1-vip108.adobe.com 127.0.0.1 wwis-dubc1-vip109.adobe.com 127.0.0.1 wwis-dubc1-vip110.adobe.com 127.0.0.1 wwis-dubc1-vip111.adobe.com 127.0.0.1 wwis-dubc1-vip112.adobe.com 127.0.0.1 wwis-dubc1-vip113.adobe.com 127.0.0.1 wwis-dubc1-vip114.adobe.com 127.0.0.1 wwis-dubc1-vip115.adobe.com 127.0.0.1 wwis-dubc1-vip116.adobe.com 127.0.0.1 wwis-dubc1-vip117.adobe.com 127.0.0.1 wwis-dubc1-vip118.adobe.com 127.0.0.1 wwis-dubc1-vip119.adobe.com 127.0.0.1 wwis-dubc1-vip120.adobe.com 127.0.0.1 wwis-dubc1-vip121.adobe.com 127.0.0.1 wwis-dubc1-vip122.adobe.com 127.0.0.1 wwis-dubc1-vip123.adobe.com 127.0.0.1 wwis-dubc1-vip124.adobe.com 127.0.0.1 wwis-dubc1-vip125.adobe.com 127.0.0.1 wwis-dubc1-vip30.adobe.com 127.0.0.1 wwis-dubc1-vip31.adobe.com 127.0.0.1 wwis-dubc1-vip32.adobe.com 127.0.0.1 wwis-dubc1-vip33.adobe.com 127.0.0.1 wwis-dubc1-vip34.adobe.com 127.0.0.1 wwis-dubc1-vip35.adobe.com 127.0.0.1 wwis-dubc1-vip36.adobe.com 127.0.0.1 wwis-dubc1-vip37.adobe.com 127.0.0.1 wwis-dubc1-vip38.adobe.com 127.0.0.1 wwis-dubc1-vip39.adobe.com 127.0.0.1 wwis-dubc1-vip40.adobe.com 127.0.0.1 wwis-dubc1-vip41.adobe.com 127.0.0.1 wwis-dubc1-vip42.adobe.com 127.0.0.1 wwis-dubc1-vip43.adobe.com 127.0.0.1 wwis-dubc1-vip44.adobe.com 127.0.0.1 wwis-dubc1-vip45.adobe.com 127.0.0.1 wwis-dubc1-vip46.adobe.com 127.0.0.1 wwis-dubc1-vip47.adobe.com 127.0.0.1 wwis-dubc1-vip48.adobe.com 127.0.0.1 wwis-dubc1-vip49.adobe.com 127.0.0.1 wwis-dubc1-vip50.adobe.com 127.0.0.1 wwis-dubc1-vip51.adobe.com 127.0.0.1 wwis-dubc1-vip52.adobe.com 127.0.0.1 wwis-dubc1-vip53.adobe.com 127.0.0.1 wwis-dubc1-vip54.adobe.com 127.0.0.1 wwis-dubc1-vip55.adobe.com 127.0.0.1 wwis-dubc1-vip56.adobe.com 127.0.0.1 wwis-dubc1-vip57.adobe.com 127.0.0.1 wwis-dubc1-vip58.adobe.com 127.0.0.1 wwis-dubc1-vip59.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 wwis-dubc1-vip61.adobe.com 127.0.0.1 wwis-dubc1-vip62.adobe.com 127.0.0.1 wwis-dubc1-vip63.adobe.com 127.0.0.1 wwis-dubc1-vip64.adobe.com 127.0.0.1 wwis-dubc1-vip65.adobe.com 127.0.0.1 wwis-dubc1-vip66.adobe.com 127.0.0.1 wwis-dubc1-vip67.adobe.com 127.0.0.1 wwis-dubc1-vip68.adobe.com 127.0.0.1 wwis-dubc1-vip69.adobe.com 127.0.0.1 wwis-dubc1-vip70.adobe.com 127.0.0.1 wwis-dubc1-vip71.adobe.com 127.0.0.1 wwis-dubc1-vip72.adobe.com 127.0.0.1 wwis-dubc1-vip73.adobe.com 127.0.0.1 wwis-dubc1-vip74.adobe.com 127.0.0.1 wwis-dubc1-vip75.adobe.com 127.0.0.1 wwis-dubc1-vip76.adobe.com 127.0.0.1 wwis-dubc1-vip77.adobe.com 127.0.0.1 wwis-dubc1-vip78.adobe.com 127.0.0.1 wwis-dubc1-vip79.adobe.com 127.0.0.1 wwis-dubc1-vip80.adobe.com 127.0.0.1 wwis-dubc1-vip81.adobe.com 127.0.0.1 wwis-dubc1-vip82.adobe.com 127.0.0.1 wwis-dubc1-vip83.adobe.com 127.0.0.1 wwis-dubc1-vip84.adobe.com 127.0.0.1 wwis-dubc1-vip85.adobe.com 127.0.0.1 wwis-dubc1-vip86.adobe.com 127.0.0.1 wwis-dubc1-vip87.adobe.com 127.0.0.1 wwis-dubc1-vip88.adobe.com 127.0.0.1 wwis-dubc1-vip89.adobe.com 127.0.0.1 wwis-dubc1-vip90.adobe.com 127.0.0.1 wwis-dubc1-vip91.adobe.com 127.0.0.1 wwis-dubc1-vip92.adobe.com 127.0.0.1 wwis-dubc1-vip93.adobe.com 127.0.0.1 wwis-dubc1-vip94.adobe.com 127.0.0.1 wwis-dubc1-vip95.adobe.com 127.0.0.1 wwis-dubc1-vip96.adobe.com 127.0.0.1 wwis-dubc1-vip97.adobe.com 127.0.0.1 wwis-dubc1-vip98.adobe.com 127.0.0.1 wwis-dubc1-vip99.adobe.com 127.0.0.1 www.adobeereg.com 127.0.0.1 www.wip.adobe.com 127.0.0.1 www.wip1.adobe.com 127.0.0.1 www.wip2.adobe.com 127.0.0.1 www.wip3.adobe.com 127.0.0.1 www.wip4.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 activate.adobe.com 127.0.0.1 activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com 127.0.0.1 activate.wip2.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 crl.verisign.net 127.0.0.1 ereg.adobe.com 127.0.0.1 ereg.wip.adobe.com 127.0.0.1 ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 ood.opsource.net 127.0.0.1 practivate.adobe 127.0.0.1 practivate.adobe.com 127.0.0.1 practivate.adobe.ipp 127.0.0.1 practivate.adobe.newoa 127.0.0.1 practivate.adobe.ntp 127.0.0.1 wip.adobe.com 127.0.0.1 wip1.adobe.com 127.0.0.1 wip2.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip4.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 www.adobeereg.com 127.0.0.1 www.wip.adobe.com 127.0.0.1 www.wip1.adobe.com 127.0.0.1 www.wip2.adobe.com 127.0.0.1 www.wip3.adobe.com 127.0.0.1 www.wip4.adobe.com O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.) O4 - HKU\S-1-5-21-4286887730-1492350271-2724356993-1002..\Run: [SearchProtection] C:\Users\Marcin\AppData\Roaming\Search Protection\SearchProtection.EXE (Spigot, Inc.) O4 - Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Wyślij do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Wyślij do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab (JuniperSetupClientControl64 Class) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://connect.nestle.biz/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EC971CF-B1EB-4F9D-AA75-4339BCFF5F9F}: DhcpNameServer = 62.179.1.63 62.179.1.62 O18:64bit: - Protocol\Handler\osf - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20:64bit: - AppInit_DLLs: (C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll) - C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013-09-05 00:07:38 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Apple Computer [2013-09-05 00:07:38 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Apple Computer [2013-09-05 00:07:34 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Plex Media Server [2013-09-05 00:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server [2013-09-05 00:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plex [2013-09-05 00:06:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013-08-20 21:28:19 | 000,000,000 | ---D | C] -- C:\NvidiaLogging [2013-08-20 21:27:54 | 000,039,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys [2013-08-20 21:27:54 | 000,029,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll [2013-08-20 21:27:54 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll [2013-08-20 21:26:37 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\NVIDIA [2013-08-19 22:09:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV [2013-08-19 22:09:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV [2013-08-16 15:15:27 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\LolClient [2013-08-16 12:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013-08-16 12:39:11 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-08-16 12:39:11 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-08-16 12:39:11 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013-08-16 12:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013-08-16 12:39:10 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013-08-16 12:39:10 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013-08-16 12:39:10 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013-08-16 12:39:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013-08-16 12:36:44 | 001,093,032 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2013-08-16 12:36:44 | 000,972,712 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2013-08-16 12:36:44 | 000,312,232 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013-08-16 12:36:42 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2013-08-16 12:36:42 | 000,188,840 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2013-08-16 12:36:42 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013-08-16 12:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013-08-16 12:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013-08-16 12:08:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013-08-16 12:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2013-08-16 12:07:54 | 006,496,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013-08-16 12:07:54 | 003,514,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013-08-16 12:07:54 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013-08-16 12:07:54 | 001,025,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll [2013-08-16 12:07:54 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013-08-16 12:07:54 | 000,067,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll [2013-08-16 12:07:54 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2013-08-16 12:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2013-08-16 11:23:32 | 027,781,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013-08-16 11:23:32 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013-08-16 11:23:32 | 021,102,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013-08-16 11:23:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013-08-16 11:23:32 | 015,920,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013-08-16 11:23:32 | 015,144,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013-08-16 11:23:32 | 013,411,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013-08-16 11:23:32 | 012,427,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013-08-16 11:23:32 | 009,239,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013-08-16 11:23:32 | 007,687,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013-08-16 11:23:32 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013-08-16 11:23:32 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013-08-16 11:23:32 | 002,953,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013-08-16 11:23:32 | 002,936,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013-08-16 11:23:32 | 002,777,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013-08-16 11:23:32 | 002,597,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013-08-16 11:23:32 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013-08-16 11:23:32 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013-08-16 11:23:32 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432049.dll [2013-08-16 11:23:32 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432049.dll [2013-08-16 11:23:32 | 001,059,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2013-08-16 11:23:32 | 000,925,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2013-08-16 11:23:32 | 000,572,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll [2013-08-16 11:23:32 | 000,570,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll [2013-08-16 11:23:32 | 000,467,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll [2013-08-16 11:23:32 | 000,465,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll [2013-08-16 11:23:32 | 000,432,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll [2013-08-16 11:23:32 | 000,372,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll [2013-08-16 11:23:32 | 000,266,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013-08-16 11:23:32 | 000,218,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll [2013-08-16 11:23:32 | 000,214,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2013-08-16 11:23:32 | 000,181,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll [2013-08-16 11:23:32 | 000,030,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys [2013-08-16 11:20:58 | 000,000,000 | ---D | C] -- C:\NVIDIA [2013-08-15 22:47:00 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\gtk-2.0 [2013-08-15 22:43:26 | 000,000,000 | ---D | C] -- C:\Users\Marcin\.thumbnails [2013-08-15 22:40:54 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\gegl-0.2 [2013-08-15 22:40:54 | 000,000,000 | ---D | C] -- C:\Users\Marcin\.gimp-2.8 [2013-08-15 22:39:43 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013-08-15 22:39:39 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Programs [2013-08-15 22:15:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink [2013-08-15 22:15:09 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\CyberLink [2013-08-15 17:58:27 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Identities [2013-08-15 15:06:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2013-08-15 15:06:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2013-08-15 15:06:02 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2013-08-15 15:06:02 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2013-08-15 15:06:02 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2013-08-15 15:05:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin [2013-08-15 15:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [2013-08-15 15:05:57 | 000,000,000 | ---D | C] -- C:\gry [2013-08-15 14:55:04 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\PMB Files [2013-08-15 14:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2013-08-15 14:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2013-08-15 14:54:33 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Riot Games [2013-08-15 14:50:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT [2013-08-15 12:58:41 | 000,000,000 | ---D | C] -- C:\ZDJĘCIA [2013-08-15 12:55:33 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\RawTherapee4.0 [2013-08-15 12:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raw Therapee [2013-08-15 12:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\RawTherapeeV40 [2013-08-15 12:53:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions [2013-08-15 12:53:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2013-08-15 12:53:02 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender [2013-08-15 12:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender [2013-08-15 12:52:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-08-15 12:52:56 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Delta [2013-08-15 12:52:32 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Babylon [2013-08-15 12:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2013-08-15 12:38:13 | 000,247,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys [2013-08-15 12:38:13 | 000,036,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys [2013-08-14 18:06:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013-08-14 18:05:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013-08-14 18:05:35 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Google [2013-08-14 18:00:11 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2013-08-14 18:00:03 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013-08-14 18:00:03 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll [2013-08-14 18:00:02 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013-08-14 18:00:02 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll [2013-08-14 18:00:02 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013-08-14 18:00:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013-08-14 18:00:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013-08-14 18:00:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013-08-14 17:59:59 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013-08-14 17:59:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013-08-14 17:59:57 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013-08-14 17:59:52 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013-08-14 17:59:27 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013-08-14 17:59:27 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013-08-14 17:59:02 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013-08-14 17:59:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2013-08-14 17:59:01 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apprepapi.dll [2013-08-14 17:59:01 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apprepsync.dll [2013-08-14 17:59:01 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepapi.dll [2013-08-14 17:59:01 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apprepsync.dll [2013-08-13 20:42:12 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\vlc [2013-08-13 20:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013-08-13 20:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013-08-13 20:25:20 | 000,000,000 | ---D | C] -- C:\Downloads [2013-08-13 19:35:43 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013-08-13 19:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013-08-13 19:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013-08-13 19:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15 [2013-08-12 19:06:30 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll [2013-08-12 19:06:30 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll [2013-08-12 19:06:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDKURD.DLL [2013-08-12 19:06:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDKURD.DLL [2013-08-12 19:06:29 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll [2013-08-12 19:06:29 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll [2013-08-12 19:06:29 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll [2013-08-12 19:06:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2013-08-12 19:06:29 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll [2013-08-12 19:06:29 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2013-08-12 19:06:26 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquota.dll [2013-08-12 19:06:26 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquota.dll [2013-08-12 19:06:19 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll [2013-08-12 19:06:15 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013-08-12 19:06:15 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storagewmi.dll [2013-08-12 19:06:15 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Taskmgr.exe [2013-08-12 19:06:15 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Taskmgr.exe [2013-08-12 19:06:14 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WebcamUi.dll [2013-08-12 19:06:14 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WebcamUi.dll [2013-08-12 19:06:14 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserLanguagesCpl.dll [2013-08-12 19:06:14 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserLanguagesCpl.dll [2013-08-12 19:06:14 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpnapps.dll [2013-08-12 19:06:14 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpnapps.dll [2013-08-12 19:06:14 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013-08-12 19:06:13 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\storagewmi.dll [2013-08-12 19:06:13 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013-08-12 19:06:13 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013-08-12 19:06:13 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2013-08-12 19:06:13 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll [2013-08-12 19:06:13 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2013-08-12 19:06:13 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL [2013-08-12 19:06:13 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013-08-12 19:06:13 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vds_ps.dll [2013-08-12 19:06:13 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vds_ps.dll [2013-08-12 19:06:13 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rfxvmt.dll [2013-08-12 19:06:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsldr.exe [2013-08-12 19:06:10 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll [2013-08-12 19:06:08 | 006,987,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013-08-12 19:06:08 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2013-08-12 19:06:08 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll [2013-08-12 19:06:08 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2013-08-12 19:06:08 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll [2013-08-12 19:06:07 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll [2013-08-12 19:06:07 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll [2013-08-12 19:06:06 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll [2013-08-12 19:06:06 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2013-08-12 19:06:06 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2013-08-12 19:06:05 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2013-08-12 19:06:05 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2013-08-12 19:06:05 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll [2013-08-12 19:06:05 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll [2013-08-12 19:06:05 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013-08-12 19:06:05 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013-08-12 19:06:05 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS [2013-08-12 19:06:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll [2013-08-12 19:06:04 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll [2013-08-12 19:06:04 | 000,337,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS [2013-08-12 19:06:04 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceSetupManager.dll [2013-08-12 19:06:04 | 000,194,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys [2013-08-12 19:06:04 | 000,125,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys [2013-08-12 19:06:04 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MbaeParserTask.exe [2013-08-12 19:06:03 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll [2013-08-12 19:06:03 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys [2013-08-12 19:05:52 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\glcndFilter.dll [2013-08-12 19:05:51 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\glcndFilter.dll [2013-08-12 19:05:50 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-08-12 19:05:49 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2013-08-12 19:05:49 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2013-08-12 19:05:48 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe [2013-08-12 19:05:45 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll [2013-08-12 19:05:45 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll [2013-08-12 19:05:45 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe [2013-08-12 19:05:45 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl [2013-08-12 19:05:45 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl [2013-08-12 19:05:45 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFCaptureEngine.dll [2013-08-12 19:05:45 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFCaptureEngine.dll [2013-08-12 19:05:45 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dafWCN.dll [2013-08-12 19:05:44 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlansec.dll [2013-08-12 19:05:44 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll [2013-08-12 19:05:44 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanapi.dll [2013-08-12 19:05:44 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanapi.dll [2013-08-12 19:05:44 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnApi.dll [2013-08-12 19:05:44 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll [2013-08-12 19:05:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnApi.dll [2013-08-12 19:05:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapAuthProxy.dll [2013-08-12 19:05:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wfdprov.dll [2013-08-12 19:05:43 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnEapPeerProxy.dll [2013-08-12 19:05:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wfdprov.dll [2013-08-12 19:05:43 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fxppm.sys [2013-08-12 19:05:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll [2013-08-12 19:05:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanhlp.dll [2013-08-12 19:05:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanhlp.dll [2013-08-12 18:59:31 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Juniper Networks [2013-08-12 18:58:48 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Juniper Networks [2013-08-12 18:58:45 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Juniper Networks [2013-08-11 22:23:57 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\PACE Anti-Piracy [2013-08-11 22:23:57 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\PACE Anti-Piracy [2013-08-11 22:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy [2013-08-11 22:23:53 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\NVIDIA [2013-08-11 22:23:53 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Adobe [2013-08-11 22:19:23 | 000,056,208 | ---- | C] (Rovi Corporation) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2013-08-11 22:19:23 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys [2013-08-11 22:19:23 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys [2013-08-11 22:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2013-08-11 22:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2013-08-11 22:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2013-08-11 22:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2013-08-11 22:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2013-08-11 22:18:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013-08-11 22:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013-08-11 22:02:25 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Adobe [2013-08-11 22:01:05 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-08-11 22:01:05 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-08-11 21:58:59 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice [2013-08-11 20:55:13 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Desktop\Adobe Premiere Pro CS6 [2013-08-11 20:54:56 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\CrashDumps [2012-11-30 03:29:11 | 002,258,432 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe ========== Files - Modified Within 30 Days ========== [2013-09-09 22:10:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-09-09 22:08:44 | 001,793,398 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-09-09 22:08:44 | 000,794,946 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2013-09-09 22:08:44 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-09-09 22:08:44 | 000,159,530 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2013-09-09 22:08:44 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-09-09 22:07:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-09-07 17:32:58 | 000,002,531 | ---- | M] () -- C:\Users\Public\Desktop\Intel WiDi Media Share.lnk [2013-09-05 18:10:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-09-05 00:12:39 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013-08-26 18:50:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013-08-26 18:50:41 | 764,604,413 | -HS- | M] () -- C:\hiberfil.sys [2013-08-25 12:09:35 | 000,282,192 | ---- | M] () -- C:\Users\Marcin\Desktop\55PFL7108K_12-A2P-global-001_highres.jpg [2013-08-25 12:06:31 | 000,231,920 | ---- | M] () -- C:\Users\Marcin\Desktop\55PFL7008K_12-A2P-global-001_highres.jpg [2013-08-20 21:27:58 | 003,919,009 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Cat.DB [2013-08-19 22:09:25 | 005,042,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-08-16 12:39:07 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-08-16 12:39:07 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-08-16 12:39:07 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013-08-16 12:39:07 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013-08-16 12:39:07 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013-08-16 12:39:07 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013-08-16 12:36:40 | 001,093,032 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2013-08-16 12:36:40 | 000,972,712 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2013-08-16 12:36:40 | 000,312,232 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013-08-16 12:36:40 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2013-08-16 12:36:40 | 000,188,840 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2013-08-16 12:36:40 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013-08-16 12:08:37 | 000,001,391 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2013-08-15 23:02:55 | 000,011,349 | ---- | M] () -- C:\Users\Marcin\AppData\Local\recently-used.xbel [2013-08-15 15:05:57 | 000,001,563 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2013-08-15 12:54:53 | 000,002,623 | ---- | M] () -- C:\Users\Public\Desktop\Raw Therapee V4.0 64Bit.lnk [2013-08-15 12:52:40 | 000,001,048 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-08-12 00:12:18 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2013-08-12 00:12:18 | 000,007,631 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2013-08-12 00:12:18 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2013-08-11 20:50:13 | 000,007,046 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013-08-11 20:45:19 | 000,001,492 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\AbsoluteReminder.xml ========== Files Created - No Company Name ========== [2013-09-07 17:32:58 | 000,002,531 | ---- | C] () -- C:\Users\Public\Desktop\Intel WiDi Media Share.lnk [2013-08-25 12:09:35 | 000,282,192 | ---- | C] () -- C:\Users\Marcin\Desktop\55PFL7108K_12-A2P-global-001_highres.jpg [2013-08-25 12:06:31 | 000,231,920 | ---- | C] () -- C:\Users\Marcin\Desktop\55PFL7008K_12-A2P-global-001_highres.jpg [2013-08-19 22:09:22 | 005,042,800 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-08-16 12:08:37 | 000,001,391 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk [2013-08-16 12:07:54 | 003,253,909 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2013-08-16 11:23:32 | 000,021,578 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2013-08-15 23:02:55 | 000,011,349 | ---- | C] () -- C:\Users\Marcin\AppData\Local\recently-used.xbel [2013-08-15 22:40:30 | 000,000,896 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013-08-15 15:05:57 | 000,001,563 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2013-08-15 12:54:53 | 000,002,623 | ---- | C] () -- C:\Users\Public\Desktop\Raw Therapee V4.0 64Bit.lnk [2013-08-15 12:52:40 | 000,001,048 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-08-14 18:06:03 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013-08-14 18:05:41 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013-08-14 18:05:41 | 000,001,058 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013-08-13 21:49:44 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2013-08-12 19:06:03 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013-08-11 22:18:31 | 000,001,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2013-08-08 21:47:45 | 000,001,492 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\AbsoluteReminder.xml [2012-11-30 03:29:11 | 000,003,196 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml [2012-11-30 03:00:03 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2012-10-08 10:18:00 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2012-10-08 10:17:58 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012-10-08 10:17:57 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012-07-26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012-07-26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012-07-26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012-07-26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012-07-25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012-07-25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012-06-02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012-04-20 06:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2012-11-30 03:24:17 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013-03-06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013-03-06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013-08-15 12:52:32 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Babylon [2013-08-15 12:52:56 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Delta [2013-09-04 00:10:01 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Dropbox [2013-08-12 18:59:23 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Juniper Networks [2013-08-16 15:15:27 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\LolClient [2013-08-14 18:09:30 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Opera Software [2013-08-11 22:23:57 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\PACE Anti-Piracy [2013-08-15 14:54:55 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Riot Games [2013-08-08 22:15:58 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Search Protection [2013-08-08 21:46:49 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\Synaptics [2013-09-09 22:13:24 | 000,000,000 | ---D | M] -- C:\Users\Marcin\AppData\Roaming\uTorrent ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 1132 bytes -> C:\Users\Marcin\AppData\Local\Temp:ju3iB9rc6UhcrB9MN @Alternate Data Stream - 1130 bytes -> C:\Users\Marcin\AppData\Local\Temp:L8nUlsfhxGqa39pkkW8FxNqx4r < End of report >[/log] i extras [log]OTL Extras logfile created on: 2013-09-09 22:33:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcin\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 15,89 Gb Total Physical Memory | 12,60 Gb Available Physical Memory | 79,32% Memory free 51,89 Gb Paging File | 23,60 Gb Available in Paging File | 45,49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 207,98 Gb Total Space | 76,87 Gb Free Space | 36,96% Space Free | Partition Type: NTFS Drive E: | 907,23 Gb Total Space | 593,17 Gb Free Space | 65,38% Space Free | Partition Type: NTFS Computer Name: KOMPIK | User Name: Marcin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4286887730-1492350271-2724356993-1002\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{083B938D-0CB9-4FD9-AACF-5AD69A607CAB}" = lport=445 | protocol=6 | dir=in | app=system | "{0A95BE7F-86B4-4F35-B75F-AE81E21DD7CC}" = lport=2869 | protocol=6 | dir=in | app=system | "{15D3F2A9-FC7C-440C-86F6-D61A0F114784}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{1E5A67CA-4522-4B89-B3F9-C2A9527880E6}" = rport=138 | protocol=17 | dir=out | app=system | "{2D4A879D-F0A6-46BB-9092-A8D57E9DFA55}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2F81DED1-B2E1-4515-B6D8-D31A36877880}" = rport=10243 | protocol=6 | dir=out | app=system | "{37940A69-B869-4842-AC7B-6F3D3C4B7D13}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5270FB4C-7A81-4BEE-805C-07C37B61ABE1}" = rport=137 | protocol=17 | dir=out | app=system | "{5894FB90-ABEE-4F33-99AC-A38C6A3185FE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{650134DB-174A-42E0-AD7A-1E994C86AE7A}" = lport=10243 | protocol=6 | dir=in | app=system | "{6A3BEA04-23D3-4FA1-A295-66F7E35F2F17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{74B96F78-85BB-4202-99E0-C03BA9ACDBD0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{7696C664-A625-4D30-950D-9ECC305F378A}" = lport=137 | protocol=17 | dir=in | app=system | "{76E7ED20-21DE-46FC-BC6C-0B30D8F60C7A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{8572ED8D-E4DD-4868-864E-5733E945CB6C}" = lport=139 | protocol=6 | dir=in | app=system | "{968B0B40-9650-4877-8EE7-F66FA0649261}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AD625E07-CEAA-418E-A386-19B2ACA4E2FF}" = rport=139 | protocol=6 | dir=out | app=system | "{B476939B-85F1-4C35-99EA-0FD62EACBE00}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B4A8C2EF-6108-47AB-8F2C-1E4107D41F0C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B84CEF57-CC2D-4524-A6C8-F22A7889AD41}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B8E0BEF5-3525-4329-80E1-7C22AA8ED268}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{BC4D7940-2BBB-4081-AF18-18F3EF95ABB4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{CD342767-17F5-45EA-9834-35630EF75E2D}" = rport=445 | protocol=6 | dir=out | app=system | "{D6DD7086-830D-41AE-9A59-5BA5187802F9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | "{DE2B0A2E-5D21-41AF-8A8A-7816D430CC2F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{EE2E3A35-5995-40B0-8CFD-2C0502C8508A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F5841A97-01D0-4187-9B74-9D836C763DE2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FF86565B-F24B-48F7-AC3A-45A81ACADE25}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1FD49102-781E-4A6E-A38D-C8CB2C4BDBA3}" = protocol=17 | dir=in | app=c:\program files\condusiv technologies\intellimemory\intellimem.exe | "{216FC046-89C0-40EA-8CA1-B8FB4B18E3EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{229681D2-528F-423C-890D-DF985E58CED9}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | "{22EF3B14-330D-47B3-ACDE-7B448A283369}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{28CA637B-C4BF-456D-9758-9D6A2223974B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{2B2B977D-8210-4E67-9DDC-F8020CA1CBE2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2D7B146D-6558-4252-B9EE-770320455A32}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | "{2E9265FE-CEDE-42C7-BEA4-92FF991240C5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{33280888-B280-45D4-824B-440A427AA45F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{39631E31-2571-4849-B874-40ACBF3E6250}" = dir=in | app=c:\program files (x86)\plex\plex media server\plexdlnaserver.exe | "{41BEBD8C-9923-41C6-85D3-F3F363977203}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{44C405C7-1FF2-4C3B-8DF3-739454DD3440}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{46ACA27C-4E77-4B4F-AB64-AC197D5D545D}" = protocol=6 | dir=in | app=c:\program files\condusiv technologies\intellimemory\intellimem.exe | "{47D63049-9A5B-439C-BDB1-6AE2BBD2A5F1}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe | "{4A27BCBF-10BD-49CF-87A0-04630E6ED85A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4FB302F9-3BB0-4303-B8C3-AC0A7E8E8A58}" = dir=in | app=c:\program files (x86)\plex\plex media server\plexscripthost.exe | "{53E2F95D-15A4-4041-9AC4-A59B8C815F66}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5475D915-C529-42D2-A3C3-952D35EE6F32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5535C7D9-BB2F-4849-BF0B-E3AF27C1171C}" = dir=out | name=s camera | "{5B649949-1866-4004-9753-250048DE60E5}" = dir=in | name=evernote touch | "{5B9468E7-30B8-43CD-ACBD-502437E7C485}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{5BB334A9-0E39-4E3D-A424-A040BFE90229}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{5C5EF190-10EC-4B15-9A98-8B3BF5F5408B}" = protocol=6 | dir=in | app=c:\users\marcin\appdata\roaming\utorrent\utorrent.exe | "{5E513FD6-4D94-4BA8-9893-F2D230B56B9D}" = protocol=6 | dir=in | app=c:\users\marcin\appdata\roaming\dropbox\bin\dropbox.exe | "{607D8542-0FAA-4C14-BF59-2C277FDB95E3}" = dir=out | name=windows_ie_ac_001 | "{61E5322F-CAA7-455C-AD51-0FA815E23A68}" = dir=in | app=c:\program files (x86)\plex\plex media server\plex media server.exe | "{6722C3A0-9370-4007-A56F-B7DCEE3717C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{6808F6BD-FCE4-404E-B9FC-1299585D6FB2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{699B14C9-9C59-422D-92AF-F15E7BA6405F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6ACA9C86-1EC2-4C1E-89C3-AB379158E00C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{727A019D-79B0-4748-A408-37B6183C3FF0}" = dir=out | name=merriam-webster dictionary | "{737D909C-0963-4056-85DF-BE224768491A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{75486BD8-C08C-44A0-8911-074A10AAA24B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{79CDD83A-B8BC-4BE3-9C75-8482A0B01F51}" = dir=out | name=tvn player | "{7CD0F68E-42AA-4624-89E1-F02F33DD4CF7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | "{7DB00736-E282-4C36-ACE5-E5B2046D8623}" = dir=out | name=photoeditor | "{7EC10472-0CF8-46D9-9800-8C3C5B392DD6}" = dir=out | name=music hub | "{809F515C-5696-41DF-B944-DC1CA6C12C48}" = protocol=17 | dir=in | app=c:\users\marcin\appdata\roaming\dropbox\bin\dropbox.exe | "{8B3DAD90-D3BB-4B72-BE31-F76FEBE1336D}" = protocol=17 | dir=in | app=c:\users\marcin\appdata\roaming\utorrent\utorrent.exe | "{927E2CEC-DB42-403F-8204-AD238B94C8A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{92F3DE82-A8A1-4E06-93BC-8A741CD779A2}" = dir=out | name=match'a'shape | "{99817F68-064F-47C8-B7ED-2E395AEE5CFD}" = dir=out | name=s player | "{9CF4AA52-445A-4B62-A167-66A70D4AF86F}" = dir=out | name=google search | "{A14FA2CC-CE02-4462-A5AB-4D86868A7BBF}" = dir=out | name=onet news | "{A36316C2-CA74-4BA0-B5DE-9A19BF1B8FA8}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{AAD4188A-301C-4EC3-9CC3-8AB2D291AF6D}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{AB0323FF-9FAC-4680-B5B7-5CC6AD5B06CA}" = protocol=6 | dir=out | app=system | "{B5D61C03-4D74-4D94-BE72-489FE6971BF9}" = dir=out | name=skype | "{B6475980-93D0-4EAF-BFD1-B9BC2E244E80}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe | "{B6CA8E33-C7BE-464F-B6FA-406ED6136331}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BBB0EA1B-6695-48CE-B06E-C5E65C6E103E}" = dir=in | name=tvn player | "{C5FF5BC9-E362-4BFE-9F63-DDC586EBE9F2}" = dir=out | name=evernote touch | "{C7D105FA-8896-41F5-B8FB-A097464C4EB6}" = dir=out | name=fresh paint | "{C7F7C7EE-DA0A-4F81-B274-D4F5FC0BCAD3}" = dir=out | name=kindle | "{C9F1D540-A5EF-4959-80E9-92C12A7A3AC8}" = dir=out | name=chaton | "{CCCC481E-8A72-4C82-B904-61EC7D28176E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{DBC074D1-BB75-45AC-8461-B7CE40101BBC}" = dir=out | name=s gallery | "{DC7EC2BB-F447-4CA5-9D42-83846EDC6C09}" = dir=out | name=shazam | "{DCC1CACB-6AF7-404B-BE78-2304BDA9AC23}" = dir=out | name=jamie's recipes | "{E1D5899C-F4D7-4E44-BEDC-579E44D2429A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E54AB6BA-811D-4DA2-BB09-5744CA3B2BDB}" = dir=in | name=skype | "{EF7F8D74-9144-4BCE-811E-B9BDFB2505A6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F2A274E2-0CC1-4D91-AA41-1186224992EF}" = dir=out | name=norton studio | "{F8584C76-7DC4-4B3A-A180-A18DEC1FC271}" = dir=out | name=tuba.fm | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0728A184-F899-4356-B93D-8228674F0DEB}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{1593C708-5535-47A4-8C0F-F8D4BE2B4560}" = Intel® PROSet/Wireless WiFi Software "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{860203FC-987D-4429-8A08-8332B21AD90E}" = S Agent "{8CD4FCF8-F955-42D2-824F-B33101886A79}" = Help Desk "{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 320.49 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 320.49 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 7.2.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 7.2.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1 "{C1AC1FED-9E75-42A5-B3EA-CCEC92E75D61}" = Raw Therapee V4.0.11.8 x64 "{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed "{E93403C5-8A91-4940-89DB-EED69DA6E82E}" = IntelliMemory "{ED8871B5-56A0-45AC-B8C6-B0DD85352664}" = Support Center "{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client "{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64 "GIMP-2_is1" = GIMP 2.8.6 "Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client 64-bit Activex Control "ProInst" = Intel PROSet Wireless "ProPlusRetail - pl-pl" = Microsoft Office Professional Plus 2013 - pl-pl "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00AA59D7-B92D-4A06-8D06-0596081C0E68}" = Photo Gallery "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender "{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph "{19CCEA68-4AB0-4B67-AB63-12F3048D0943}" = Intel WiDi Media Share "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform "{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl "{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "{2AE414B5-7FE6-49A3-93C8-D864162CDEBC}" = Windows Live UX Platform Language Pack "{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack "{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40F4FF7A-B214-4453-B973-080B09CED019}" = Absolute Reminder "{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker "{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials "{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE "{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions "{52E5DE60-C96B-42CC-9A37-FE04725940AE}" = Settings "{577948CC-8675-4766-95EE-49731FDF6DDC}" = SW Update "{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common "{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends "{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery "{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{698ED639-3A26-49EF-B1EF-CD89CB97C778}" = Windows Live Essentials "{6C955C6B-83AB-402B-8E38-86CFBFB738B1}" = Support Center FAQ "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7176B973-6011-43C1-AEBC-2D73FE7C6982}" = Adobe Premiere Pro CS6 "{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer "{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live "{7914488D-F56B-464F-B735-F8E972E5E208}" = Photo Common "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8EEED220-D348-4F49-8C82-B11F6C5450C7}" = Movie Maker "{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component "{90150000-008C-0415-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component "{90B936B2-33E6-4FE8-9A64-08EEB42AF2B1}" = Podstawowe programy Windows Live "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{93467343-BD37-4643-8A4B-E5463CD9B7E2}" = User Guide "{9686682c-a893-42cb-9602-3923c14f1a86}" = Intel® WiDi Media Share "{96AA21F4-C8CE-4380-995A-992536463263}" = Galeria fotografii "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A1A378BB-1D74-4526-AA5F-149981ED03D1}" = Plex Media Server "{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent "{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform "{CCDB7ADB-1643-4C30-B39D-1562CFE51420}" = Movie Maker "{D48BCCD6-D2E2-42F4-B8E8-D7BC10C568EC}" = Windows Live UX Platform Language Pack "{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common "{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker "{D77A6FED-256C-4E2F-9873-59C92C854A4E}" = Photo Common "{d90d42d5-d6d5-480c-bdb7-611f34caf0a9}" = Plex Media Server "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos "Adobe AIR" = Adobe AIR "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "Google Chrome" = Google Chrome "InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8 "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10 "Intel AppUp(SM) center 33070" = Intel AppUp(SM) center "League of Legends 3.0.1" = League of Legends "NARA" = Norton Online Backup ARA "NIS" = Norton Internet Security "Plants vs. Zombies" = Plants vs. Zombies "VLC media player" = VLC media player 2.0.8 "WinLiveSuite" = Podstawowe programy Windows Live ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-4286887730-1492350271-2724356993-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client "Neoteris_Host_Checker" = Juniper Networks Host Checker "Search Protection" = Search Protection "uTorrent" = µTorrent ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2013-08-16 06:20:04 | Computer Name = kompik | Source = Application Hang | ID = 1002 Description = Program wmplayer.exe w wersji 12.0.9200.16420 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 80 Godzina rozpoczęcia: 01ce9a6a18ac2ced Godzina zakończenia: 12 Ścieżka aplikacji: C:\Program Files (x86)\Windows Media Player\wmplayer.exe Identyfikator raportu: 673a6442-065d-11e3-be77-c8f73364eae6 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2013-08-16 06:36:39 | Computer Name = kompik | Source = System Restore | ID = 8193 Description = Error - 2013-08-16 06:36:39 | Computer Name = kompik | Source = System Restore | ID = 8193 Description = Error - 2013-08-16 06:39:06 | Computer Name = kompik | Source = System Restore | ID = 8193 Description = Error - 2013-08-16 06:39:06 | Computer Name = kompik | Source = System Restore | ID = 8193 Description = Error - 2013-08-16 23:38:06 | Computer Name = kompik | Source = Application Hang | ID = 1002 Description = Program IEXPLORE.EXE w wersji 10.0.9200.16660 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 3090 Godzina rozpoczęcia: 01ce9afa8e9eae5b Godzina zakończenia: 63 Ścieżka aplikacji: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Identyfikator raportu: 6ad04a67-06ee-11e3-be77-c8f73364eae6 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2013-08-16 23:39:24 | Computer Name = kompik | Source = Application Hang | ID = 1002 Description = Program IEXPLORE.EXE w wersji 10.0.9200.16660 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: c34 Godzina rozpoczęcia: 01ce9afb2f87ed61 Godzina zakończenia: 47 Ścieżka aplikacji: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Identyfikator raportu: 99c5c925-06ee-11e3-be77-c8f73364eae6 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2013-08-16 23:41:14 | Computer Name = kompik | Source = Application Hang | ID = 1002 Description = Program IEXPLORE.EXE w wersji 10.0.9200.16660 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 270c Godzina rozpoczęcia: 01ce9afb5f9759f6 Godzina zakończenia: 62 Ścieżka aplikacji: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Identyfikator raportu: db4cc2ea-06ee-11e3-be77-c8f73364eae6 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error - 2013-08-17 05:55:00 | Computer Name = kompik | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2013-08-17 15:10:53 | Computer Name = kompik | Source = Customer Experience Improvement Program | ID = 1008 Description = [ System Events ] Error - 2013-08-15 17:53:38 | Computer Name = kompik | Source = cdrom | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0. Error - 2013-08-15 17:53:40 | Computer Name = kompik | Source = cdrom | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0. Error - 2013-08-15 17:53:42 | Computer Name = kompik | Source = cdrom | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0. Error - 2013-08-15 17:53:43 | Computer Name = kompik | Source = cdrom | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0. Error - 2013-08-15 17:53:45 | Computer Name = kompik | Source = cdrom | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0. Error - 2013-08-15 17:53:47 | Computer Name = kompik | Source = cdrom | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\CdRom0. Error - 2013-08-15 18:14:05 | Computer Name = kompik | Source = DCOM | ID = 10010 Description = Error - 2013-08-16 05:28:46 | Computer Name = kompik | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi BrowserDefendert z powodu następującego błędu: %%2 Error - 2013-08-16 05:30:51 | Computer Name = kompik | Source = DCOM | ID = 10010 Description = Error - 2013-08-16 05:30:51 | Computer Name = kompik | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000 Description = Inicjacja klienta CBS nie powiodła się. Ostatni błąd: 0x80080005 < End of report >[/log]
marwit komentarz 11 września 2013 Autor komentarz 11 września 2013 Hmmm nikt nie spojrzał? co prawda dzisiaj już lepiej chodzi ale coś chyba było na rzeczy
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.