x-kom hosting

Wyskakujące reklamy

Pogi
utworzono
utworzono (edytowane)

Witam.

Od kilku dni mam pewien problem. Co jakiś czas otwierają mi się nowe karty przeglądarki Google Chrome z reklamami co jest bardzo denerwujące. Od tego samego czasu internet zaczyna co jakiś czas przerywać. Czy wiecie jak usunąć wyskakujące reklamy oraz czy przerywanie internetu może być spowodowane wirusami na komputerze?

 

Zrobiłem skanowanie OTL

[spoiler]OTL logfile created on: 2014-02-22 14:39:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcin\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,21 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 48,21% Memory free
4,43 Gb Paging File | 2,87 Gb Available in Paging File | 64,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,13 Gb Total Space | 250,46 Gb Free Space | 87,53% Space Free | Partition Type: NTFS
Drive D: | 345,48 Gb Total Space | 304,88 Gb Free Space | 88,25% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 287,99 Gb Free Space | 98,30% Space Free | Partition Type: NTFS

Computer Name: MARCIN-KOMPUTER | User Name: Marcin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-02-22 14:33:11 | 000,493,568 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\WPM\wprotectmanager.exe
PRC - [2014-02-22 14:30:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marcin\Downloads\OTL.exe
PRC - [2014-02-21 05:24:28 | 001,727,264 | ---- | M] () -- C:\Program Files\AdvanceMark\AdvanceMark.FirstRun.exe
PRC - [2014-02-21 05:23:30 | 000,111,392 | ---- | M] () -- C:\Program Files\AdvanceMark\updateAdvanceMark.exe
PRC - [2014-02-20 11:41:08 | 000,508,016 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginService\PluginService.exe
PRC - [2014-02-20 02:03:06 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014-02-14 11:43:47 | 003,835,392 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Lollipop\Lollipop.exe
PRC - [2014-01-17 23:54:12 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-10-23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013-10-23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013-10-23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013-08-02 01:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013-06-04 23:02:49 | 000,492,032 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2013-06-04 23:02:11 | 000,219,136 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2013-06-04 18:39:14 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-04-16 02:37:22 | 001,810,432 | ---- | M] (Ovislink Corp.) -- C:\Program Files\Ovislink\Common\AirLiveUI.exe
PRC - [2009-12-15 22:49:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ovislink\Common\RaRegistry.exe


========== Modules (No Company Name) ==========

MOD - [2014-02-21 05:24:28 | 001,727,264 | ---- | M] () -- C:\Program Files\AdvanceMark\AdvanceMark.FirstRun.exe
MOD - [2014-02-20 02:03:05 | 000,394,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014-02-20 02:03:04 | 013,632,840 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
MOD - [2014-02-20 02:03:03 | 004,060,488 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014-02-20 02:02:59 | 000,716,616 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
MOD - [2014-02-20 02:02:58 | 000,100,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\libegl.dll
MOD - [2014-02-20 02:02:56 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014-02-20 02:02:54 | 000,051,016 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2014-02-14 11:43:47 | 003,835,392 | ---- | M] () -- C:\Users\Marcin\AppData\Local\Lollipop\Lollipop.exe
MOD - [2014-02-14 00:08:18 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\360603d8efa82557e7fce70287cb242e\WindowsFormsIntegration.ni.dll
MOD - [2014-02-14 00:00:56 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2e3fdae8546832614633495638bef8d0\System.ServiceProcess.ni.dll
MOD - [2014-02-14 00:00:53 | 012,185,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\8dbb3695de029545879b6eae46335707\System.Web.ni.dll
MOD - [2014-02-14 00:00:47 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9ec8060dd7bfb448f298dcd12d547062\System.Runtime.Remoting.ni.dll
MOD - [2014-02-14 00:00:21 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll
MOD - [2014-02-13 23:58:44 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\bcb9740a818749a54e8e76b201634a1f\System.Management.ni.dll
MOD - [2014-02-13 21:05:59 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\880358291baf3043e07b2a7c2f401c85\PresentationFramework.ni.dll
MOD - [2014-02-13 21:05:49 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\db591e35967527b7b864124303dea13a\PresentationCore.ni.dll
MOD - [2014-02-13 21:05:48 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4bfb0decf7cfe076020f64ee6dd007cc\PresentationFramework.Aero.ni.dll
MOD - [2014-02-13 21:05:47 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\2781e84862746a34f026d0ee179eed2b\System.Windows.Forms.ni.dll
MOD - [2014-02-13 21:05:45 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\354a5906fd46f4374f86916debf3ebcb\System.Core.ni.dll
MOD - [2014-02-13 21:05:43 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014-02-13 21:05:41 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dc74ab189aa9b156581a7228866d3330\WindowsBase.ni.dll
MOD - [2014-02-13 21:05:40 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014-02-13 21:05:40 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014-02-13 21:05:39 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014-02-13 21:05:35 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2014-02-13 21:02:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\751b229fbd2d3f6f513ab1c94dad9220\System.Windows.Forms.ni.dll
MOD - [2014-02-13 21:02:17 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\236414f8e3137dd32f350e41fbdfa2c8\System.Drawing.ni.dll
MOD - [2014-02-13 21:02:14 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\aef3e3e63c8a2facdb5b12a0de76c3b9\System.Xml.ni.dll
MOD - [2014-02-13 21:01:26 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8a9cfd6b821ec7ec605897b699b69f53\System.Configuration.ni.dll
MOD - [2014-02-13 21:01:25 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\4241d1ece5590df3a828c9739dc82bf2\System.ni.dll
MOD - [2014-02-13 21:01:14 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013-06-04 18:39:32 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2012-12-18 10:03:12 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-12-10 11:16:08 | 000,918,816 | ---- | M] () -- C:\Program Files\Ovislink\Common\RaWLAPI.dll


========== Services (SafeList) ==========

SRV - [2014-02-22 14:33:11 | 000,493,568 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
SRV - [2014-02-21 05:23:30 | 000,111,392 | ---- | M] () [Auto | Running] -- C:\Program Files\AdvanceMark\updateAdvanceMark.exe -- (Update AdvanceMark)
SRV - [2014-02-20 23:19:42 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-02-20 11:41:08 | 000,508,016 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginService\PluginService.exe -- (IePluginService)
SRV - [2014-02-06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014-01-17 20:17:56 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-12-21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-10-23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013-10-23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013-06-04 23:02:11 | 000,219,136 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013-06-04 18:39:14 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013-05-27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011-08-30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009-12-15 22:49:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ovislink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2014-01-16 10:50:00 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2014-01-16 10:49:59 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2014-01-16 10:49:51 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013-09-27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013-06-05 00:08:39 | 010,289,664 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013-06-04 22:34:09 | 000,485,888 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013-05-06 10:45:30 | 000,019,536 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\UsbCharger.sys -- (UsbCharger)
DRV - [2013-04-24 17:31:04 | 000,079,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2013-02-26 15:35:20 | 000,179,296 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdxhc.sys -- (amdxhc)
DRV - [2013-02-26 15:35:20 | 000,086,624 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdhub30.sys -- (amdhub30)
DRV - [2013-02-19 12:18:56 | 000,018,512 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2012-10-18 15:04:12 | 001,570,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2012-10-11 21:49:06 | 000,070,824 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata)
DRV - [2012-10-11 21:49:06 | 000,034,984 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata)
DRV - [2012-08-28 13:27:24 | 000,045,736 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2012-04-09 10:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2)
DRV - [2011-02-08 16:03:26 | 000,057,456 | ---- | M] (Giga-Byte Technology CO., LTD.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VirtDiskBus.sys -- (VirtDiskBus)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com/?type=hp&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp.com/web/?type=ds&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2014-02-17 21:35:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\Extensions
[2014-02-17 21:35:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2014-02-22 14:39:23 | 000,002,004 | ---- | M] () (No name found) -- C:\Users\Marcin\AppData\Roaming\mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi

========== Chrome ==========

CHR - default_search_provider: awesomehp (Enabled)
CHR - default_search_provider: search_url = http://www.awesomehp.com/web/?type=ds&ts=1393075936&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S&q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.awesomehp.com/?type=hp&ts=1393076011&from=sfpsnew2&uid=ST1000DM003-1CH162_Z1D7TJ9SXXXXZ1D7TJ9S
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Szukaj w Google = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Google Wallet = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Widget context = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp\3.0_0\
CHR - Extension: Gmail = C:\Users\Marcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (AdvanceMark) - {4e65dc6b-0322-48fa-a6b3-fda44fbd34c2} - C:\Program Files\AdvanceMark\AdvanceMarkBHO.dll (AdvanceMark)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKCU..\Run: [lollipop] c:\users\marcin\appdata\local\lollipop\lollipop.exe ()
O4 - HKCU..\Run: [NextLive] C:\Users\Marcin\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)
O4 - HKCU..\Run: [Overwolf] C:\Program Files\Overwolf\Overwolf.exe -silent File not found
O4 - Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.152.46.50 194.152.46.51
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1CF1E78-7889-47BB-B527-BB0BE6380FDB}: DhcpNameServer = 194.152.46.50 194.152.46.51
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F115778B-DFE8-4581-975D-299A09EDF6AF}: DhcpNameServer = 194.152.46.50 194.152.46.51
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{23399fc4-7e24-11e3-9f5e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{23399fc4-7e24-11e3-9f5e-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Run.exe
O33 - MountPoints2\{9573ac45-7e9a-11e3-8783-74d43508b09b}\Shell - "" = AutoRun
O33 - MountPoints2\{9573ac45-7e9a-11e3-8783-74d43508b09b}\Shell\AutoRun\command - "" = G:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-02-22 14:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014-02-22 14:33:14 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\SupTab
[2014-02-22 14:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014-02-22 14:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014-02-22 14:32:21 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\awesomehp
[2014-02-22 14:31:11 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\SwvUpdater
[2014-02-22 14:31:11 | 000,000,000 | ---D | C] -- C:\Users\Marcin\.android
[2014-02-22 14:31:09 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\cache
[2014-02-22 14:31:08 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\newnext.me
[2014-02-22 14:31:08 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\genienext
[2014-02-22 14:31:07 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Mobogenie
[2014-02-22 14:31:07 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Mobogenie
[2014-02-22 14:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\AdvanceMark
[2014-02-22 14:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2014-02-19 19:54:13 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Multibooki
[2014-02-19 19:52:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multibooki NE
[2014-02-19 19:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\Multibooki NE
[2014-02-19 19:51:37 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\YDP
[2014-02-19 13:39:20 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\TP-LINK
[2014-02-19 13:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2014-02-19 13:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2014-02-19 13:37:10 | 001,570,304 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athur.sys
[2014-02-19 13:37:10 | 001,570,304 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athur.sys
[2014-02-19 13:35:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2014-02-18 10:20:16 | 000,000,000 | R--D | C] -- C:\Users\Marcin\Documents\Scanned Documents
[2014-02-18 10:20:16 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Fax
[2014-02-17 21:35:36 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Mozilla
[2014-02-14 22:34:13 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Desktop\strings
[2014-02-14 22:06:36 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\SpinTires
[2014-02-14 11:49:23 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Optimizer Pro
[2014-02-14 11:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014-02-14 11:44:18 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Math Problem Solver
[2014-02-14 11:44:17 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Math Problem Solver
[2014-02-14 11:43:47 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
[2014-02-14 11:43:47 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Lollipop
[2014-02-13 21:06:05 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-02-13 21:06:05 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-02-13 21:06:05 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-02-13 21:06:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-02-13 21:06:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-02-13 21:06:04 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-02-13 21:06:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-02-13 21:06:04 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-02-13 21:06:04 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-02-13 21:06:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-02-13 21:06:04 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-02-13 21:06:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-02-13 21:06:03 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-02-13 21:06:03 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-02-13 21:06:02 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-02-13 21:06:00 | 004,244,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-02-13 14:09:39 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\efile
[2014-02-13 14:09:39 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\com.efile.epity2013
[2014-02-13 09:37:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014-02-13 09:35:53 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014-02-13 09:35:53 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014-02-13 09:35:39 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014-02-13 09:35:39 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014-02-13 09:35:39 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014-02-13 09:35:39 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014-02-13 09:35:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014-02-13 09:35:39 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014-02-13 09:35:39 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014-02-13 09:35:38 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014-02-13 09:35:38 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014-02-12 18:04:07 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Desktop\xvm
[2014-02-12 18:04:07 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Desktop\0.8.11
[2014-02-01 10:22:47 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\BANDISOFT
[2014-02-01 10:22:44 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Bandicam
[2014-02-01 10:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
[2014-02-01 10:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2014-01-30 11:49:24 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\Notesy programu OneNote
[2014-01-30 11:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014-01-30 11:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014-01-28 19:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014-01-28 19:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014-01-28 19:27:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014-01-28 18:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014-01-28 18:53:46 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2014-01-28 18:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2014-01-28 18:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2014-01-28 18:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-01-28 18:52:17 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014-01-28 18:51:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2014-01-28 18:51:03 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Microsoft Help
[2014-01-28 18:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014-01-28 18:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014-01-28 18:50:41 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014-01-28 18:45:49 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\WinRAR
[2014-01-28 18:43:41 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-01-28 18:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014-01-28 18:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014-01-27 16:28:26 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Macromedia
[2014-01-27 16:26:50 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-01-27 16:26:50 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014-01-27 16:26:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014-01-27 16:23:56 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Adobe
[2014-01-27 16:21:55 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Grupa IMAGE
[2014-01-27 16:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\Grupa IMAGE
[2014-01-27 16:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grupa IMAGE
[2014-01-27 15:54:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Grupa Image
[2014-01-24 10:05:47 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\WarThunder
[2014-01-24 10:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2014-01-24 10:05:41 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
[2014-01-24 10:05:39 | 000,000,000 | ---D | C] -- C:\Users\Marcin\Documents\My Games
[2014-01-24 10:05:25 | 000,000,000 | ---D | C] -- C:\Users\Marcin\AppData\Local\Programs
[1 C:\Users\Marcin\Documents\*.tmp files -> C:\Users\Marcin\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014-02-22 14:33:32 | 000,002,347 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-02-22 14:31:12 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014-02-22 14:19:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-02-22 13:54:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-02-22 10:01:27 | 000,010,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-02-22 10:01:27 | 000,010,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-02-22 09:59:10 | 000,750,128 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-02-22 09:59:10 | 000,656,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-02-22 09:59:10 | 000,158,620 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-02-22 09:59:10 | 000,124,930 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-02-22 09:54:27 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-02-22 09:54:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-02-22 09:54:05 | 1782,931,456 | -HS- | M] () -- C:\hiberfil.sys
[2014-02-20 23:39:12 | 000,983,691 | ---- | M] () -- C:\Users\Marcin\Desktop\20140220_2331_germany-E-75_33_fjord.wotreplay
[2014-02-20 23:19:32 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-02-20 23:19:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014-02-19 21:31:53 | 000,482,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-02-19 19:52:13 | 000,001,938 | ---- | M] () -- C:\Users\Public\Desktop\Multibooki NE.lnk
[2014-02-19 13:39:07 | 000,002,249 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2014-02-19 13:39:07 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2014-02-18 10:09:56 | 000,110,898 | ---- | M] () -- C:\Users\Marcin\Desktop\plan zajec1.pdf
[2014-02-18 10:09:04 | 000,116,821 | ---- | M] () -- C:\Users\Marcin\Desktop\plan zajec.pdf
[2014-02-06 11:20:26 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-02-06 11:19:55 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-02-06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-02-06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-02-06 10:52:56 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-02-06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-02-06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-02-06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-02-06 10:47:18 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-02-06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-02-06 10:34:32 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-02-06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-02-06 10:25:36 | 004,244,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-02-06 10:13:13 | 000,524,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-02-06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-02-06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-02-01 10:22:41 | 000,000,709 | ---- | M] () -- C:\Users\Marcin\Desktop\Bandicam.lnk
[2014-01-30 11:49:24 | 000,001,316 | ---- | M] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
[2014-01-28 19:27:37 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014-01-27 16:09:26 | 000,000,094 | ---- | M] () -- C:\Users\Marcin\Documents\PrawkoB2013P.ini
[2014-01-27 16:04:18 | 000,000,857 | ---- | M] () -- C:\Users\Marcin\Desktop\Testy Bplus.lnk
[2014-01-24 10:05:41 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\WarThunder.lnk
[1 C:\Users\Marcin\Documents\*.tmp files -> C:\Users\Marcin\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014-02-22 14:31:12 | 000,000,360 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job
[2014-02-20 23:44:12 | 000,983,691 | ---- | C] () -- C:\Users\Marcin\Desktop\20140220_2331_germany-E-75_33_fjord.wotreplay
[2014-02-19 19:52:13 | 000,001,938 | ---- | C] () -- C:\Users\Public\Desktop\Multibooki NE.lnk
[2014-02-19 13:39:07 | 000,002,249 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2014-02-19 13:39:07 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2014-02-19 13:37:10 | 000,027,631 | ---- | C] () -- C:\Windows\System32\netathur.inf
[2014-02-19 13:37:10 | 000,007,514 | ---- | C] () -- C:\Windows\System32\athurext.cat
[2014-02-18 10:09:56 | 000,110,898 | ---- | C] () -- C:\Users\Marcin\Desktop\plan zajec1.pdf
[2014-02-18 10:09:03 | 000,116,821 | ---- | C] () -- C:\Users\Marcin\Desktop\plan zajec.pdf
[2014-02-01 10:22:41 | 000,000,709 | ---- | C] () -- C:\Users\Marcin\Desktop\Bandicam.lnk
[2014-01-30 11:49:24 | 000,001,316 | ---- | C] () -- C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk
[2014-01-28 19:27:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014-01-28 19:27:37 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014-01-27 16:26:52 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-01-27 16:09:26 | 000,000,094 | ---- | C] () -- C:\Users\Marcin\Documents\PrawkoB2013P.ini
[2014-01-27 16:04:18 | 000,000,857 | ---- | C] () -- C:\Users\Marcin\Desktop\Testy Bplus.lnk
[2014-01-24 10:05:41 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2014-01-16 22:53:22 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2014-01-16 22:52:25 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014-01-16 10:03:41 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2014-01-16 10:03:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014-01-16 09:53:25 | 000,620,273 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2014-01-16 09:53:01 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2014-01-16 09:50:31 | 000,995,342 | ---- | C] () -- C:\Windows\System32\amdocl_as32.exe
[2014-01-16 09:50:31 | 000,798,734 | ---- | C] () -- C:\Windows\System32\amdocl_ld32.exe
[2014-01-16 09:50:31 | 000,232,372 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat
[2014-01-16 09:50:31 | 000,230,192 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat
[2014-01-16 09:50:31 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2014-01-16 09:50:31 | 000,200,704 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2014-01-16 09:50:31 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2014-01-16 09:50:31 | 000,078,928 | ---- | C] () -- C:\Windows\System32\ativce02.dat
[2014-01-16 09:50:31 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2014-01-16 09:42:49 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013-08-05 07:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2013-08-05 07:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2013-05-06 10:45:30 | 000,019,536 | ---- | C] () -- C:\Windows\System32\drivers\UsbCharger.sys
[2013-03-18 15:09:26 | 000,007,680 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2013-02-19 12:18:56 | 000,018,512 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2012-10-12 20:57:39 | 000,662,785 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

========== ZeroAccess Check ==========

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
[/spoiler]

 

[spoiler]OTL Extras logfile created on: 2014-02-22 14:39:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcin\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,21 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 48,21% Memory free
4,43 Gb Paging File | 2,87 Gb Available in Paging File | 64,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,13 Gb Total Space | 250,46 Gb Free Space | 87,53% Space Free | Partition Type: NTFS
Drive D: | 345,48 Gb Total Space | 304,88 Gb Free Space | 88,25% Space Free | Partition Type: NTFS
Drive E: | 292,97 Gb Total Space | 287,99 Gb Free Space | 98,30% Space Free | Partition Type: NTFS

Computer Name: MARCIN-KOMPUTER | User Name: Marcin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B7DBCE7-68C5-46C9-B00C-F83BD911543E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0C827103-88C2-4C4B-B982-68D1D50F7604}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0F9B4CC9-FACE-4508-9D98-ABEF4CAF5D04}" = rport=445 | protocol=6 | dir=out | app=system |
"{10104139-55DC-405A-9EF0-C1A51381E7BE}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{32F0270C-C9B0-4398-9483-999D18A6F5F1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{374E205A-2D1D-4CD2-928E-F3A2A1244C04}" = lport=138 | protocol=17 | dir=in | app=system |
"{3A509548-FE95-4F20-AB9A-DADA810F50B2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E213D43-8C9A-4F12-88D1-AECB9E2188EB}" = rport=138 | protocol=17 | dir=out | app=system |
"{43F7BE08-F368-451B-86B9-ADD7DE9EAA5B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{47D698BF-D464-4957-814A-2A6E0CC070EC}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{4E254F5E-1FA3-44E9-8190-F511D10EE78A}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{50B5309D-6A77-4064-A129-8B79E4481298}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{5E5995C0-09B1-4C3C-A563-47BF042FD7B5}" = lport=139 | protocol=6 | dir=in | app=system |
"{6275E6E0-8047-4E26-9DB3-51DFC0DA2CC7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{660D8566-0643-4AE5-859E-A8D0CC4CE032}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6F35725F-6DE9-4537-81D2-2E18B4CC67F9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FE1F61A-8021-4C24-B52C-47B69CAABD01}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{701140B7-EF28-4359-8763-D00A2B77A0E3}" = lport=137 | protocol=17 | dir=in | app=system |
"{70B69E92-9025-4F89-894E-A02FC95E1D47}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C1839E2-94B9-43F2-8A41-60DFFC6A534E}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{7E700B39-9CEE-4350-A5FC-7332E63C7F17}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{89552DB1-EEEF-4E36-928D-3BF86BA0E45C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{899A3B51-31BC-47B7-911F-714F9A99EE78}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{96E836CB-70E6-4531-AE1F-DD10D14F2FDC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A14A186F-9F5C-4134-871D-9B768BC1B047}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{A6572BB4-9E49-4DEA-BFEF-1DE287D889BE}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{A9A8BAAA-B842-4AA8-AD5C-FE63AE82A4BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B06FD1F3-92A7-4C5A-834F-4B842B78EDB7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1913AA0-8B04-4BF0-AB18-CCACA8A06D4F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B6F12555-FBA8-4DE6-8FEA-1B35C0ECB8F9}" = rport=139 | protocol=6 | dir=out | app=system |
"{C74196AB-C3A3-46FF-B0B5-AED411FDAE90}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{D3EA3BCB-D479-4D0C-9390-704B0C506201}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{D4261AE9-898C-474E-8D07-FFED44473668}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D625F333-0692-480E-8C2E-BF6EBDDAE86C}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{EBB67D80-FD81-42F5-9DAF-0E8ADB0AB78A}" = lport=445 | protocol=6 | dir=in | app=system |
"{F2B9DD1F-F6E4-4CE3-B37E-FFE51F2D034C}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{F4637470-4B82-4B0F-9B11-1032193610F2}" = lport=27022 | protocol=6 | dir=in | name=war thunder |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05322FA6-98A1-4455-AB3C-D212CF13454B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0E5235D7-C36D-4761-AB2D-B03D6FB0645D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1765FC08-213D-4B61-B2D2-02C9E63ECF9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{29886F66-DD04-486A-9A46-92788898EAB5}" = dir=in | app=c:\program files\raidxpert2\apache\bin\httpd.exe |
"{2F6EE7A4-F6D5-4DE6-BB9E-E226CE8EEB03}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{377A980D-759A-4F15-92A4-E6B8F5647F41}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44FB9F08-D181-4023-BD6C-5566619A1947}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{53BD88F5-E607-4E5D-906E-2FE492F7AD80}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{63C5111A-1B9D-44D1-A683-9FDDF9CCE281}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{673BC999-BE55-43EB-91FB-CE64FA002F37}" = protocol=6 | dir=in | app=d:\program files\warthunder\launcher.exe |
"{71CA0DD0-612E-4B7B-B98C-5DD4EF974514}" = protocol=6 | dir=out | app=system |
"{735EEF97-C864-4830-A28A-38F665E3E828}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{79AAC2E0-4CAD-45ED-A7E2-C0D8D844063F}" = protocol=17 | dir=in | app=d:\program files\warthunder\launcher.exe |
"{7F42C076-2816-4060-8662-D19D7552F83B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85B60519-83E7-4321-9087-654BEE53AA14}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{92EC8D53-089E-4B48-B796-9AFA3AFFD1B4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B76344C9-777F-4600-BFE6-02A8C38715A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C2A2BD87-5D43-4CBB-AEBA-09CAF5680730}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C3F47EFD-8AB3-44D2-BAE1-71E4583E0A8B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E1118555-6B4B-492D-8B9F-E1FCE7149BCA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E8C1A8D3-9308-4F15-BAAC-081D20C3A6ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F0459049-8926-4437-96C9-28CC8BE12BA8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FBF68B13-2310-473E-B66B-233B4C12DEC8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{44DCDD0E-5C0C-4CA0-8D53-B46FE2947872}C:\users\marcin\downloads\stbuild120713dev\spintires.exe" = protocol=6 | dir=in | app=c:\users\marcin\downloads\stbuild120713dev\spintires.exe |
"TCP Query User{5299755B-052A-40DB-B283-5A643261FC0D}D:\program files\warthunder\aces.exe" = protocol=6 | dir=in | app=d:\program files\warthunder\aces.exe |
"TCP Query User{7ACBC6D2-DC02-4F9E-B67F-C60A8D403273}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{88483C67-FE1E-412D-AF42-DEEC21E85D92}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{F2DDDB06-CFCF-404A-B5DB-B73549747D0C}C:\users\marcin\desktop\stbuild120713dev\spintires.exe" = protocol=6 | dir=in | app=c:\users\marcin\desktop\stbuild120713dev\spintires.exe |
"UDP Query User{30FEE848-608C-4E5A-800A-7C365154BDC4}C:\users\marcin\downloads\stbuild120713dev\spintires.exe" = protocol=17 | dir=in | app=c:\users\marcin\downloads\stbuild120713dev\spintires.exe |
"UDP Query User{456900A5-3680-4685-B6EC-B617E970417B}D:\program files\warthunder\aces.exe" = protocol=17 | dir=in | app=d:\program files\warthunder\aces.exe |
"UDP Query User{4B116E70-C7C8-45E0-B916-9D4FD008EE78}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{9310ECAE-4DBF-4DDC-8055-6219E3D291DB}C:\users\marcin\desktop\stbuild120713dev\spintires.exe" = protocol=17 | dir=in | app=c:\users\marcin\desktop\stbuild120713dev\spintires.exe |
"UDP Query User{D6923D0E-55C9-469E-8025-3A4BB1B75D1F}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0E23D4F4-8331-4B33-AE44-E6EDD0D25107}" = AMD Steady Video Plug-In
"{14CBD36D-575A-7DE1-2111-4AB50D3AD177}" = CCC Help Chinese Traditional
"{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}" = 3TB+Unlock B12.1102.1
"{1969A1C3-089F-2E5E-52E0-36444DC13FA7}" = CCC Help Finnish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{293BA401-1269-2D02-6197-1E6C9E828FFE}" = CCC Help Swedish
"{2A425B0A-FF18-6E87-022D-4D4B51B8E7D6}" = Catalyst Control Center InstallProxy
"{2DB31D30-A89B-061F-6E53-FAE9FA7A8ACE}" = CCC Help Czech
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{313BBD28-8DA1-71B6-ACD0-65C3FBE997F5}" = ccc-utility
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{37409122-9D6B-F045-CDF3-63784BCDE583}" = CCC Help German
"{379721B3-19A0-7ACF-9B63-7149DAE83CDE}" = CCC Help Spanish
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TP-LINK 150Mbps Wireless N USB Adapter Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{440F535F-931C-C351-DD05-3A920CC56953}" = CCC Help Dutch
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B13.0814.1
"{487BC030-EAB0-96F1-C87B-40FA2FAA7BD9}" = CCC Help Chinese Standard
"{48FC6D91-6863-3CBD-F20A-29079C983117}" = CCC Help Italian
"{4A5E000D-411B-354F-0DD2-253AE916194A}" = Catalyst Control Center Localization All
"{4E7B35BE-BC3F-3D65-178B-ACE3C55FE2E3}" = CCC Help French
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{51E3DD84-27D9-C6A5-7864-B6896168A760}" = CCC Help Greek
"{53D33AC4-4427-5D7B-F320-43D042CCE0A4}" = CCC Help English
"{54FEB786-F175-C50B-D920-2D7C08FC8ACC}" = CCC Help Russian
"{568E5F0A-1EE5-1B5E-0E0F-6193A2C13D60}" = AMD Accelerated Video Transcoding
"{6274F221-4B87-A158-E079-58A1307157B7}" = CCC Help Hungarian
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65F489A9-79BF-995F-A3AA-A6C6EAD2DC67}" = CCC Help Turkish
"{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}" = ON_OFF Charge 2 B13.0524.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7942E29D-ED31-C0B0-D470-447A25CE3B80}" = CCC Help Danish
"{81999787-A518-4218-86D5-C5D25E6808F5}_is1" = Testy Bplus 5.1.3.57
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{972C7396-2FE7-29CB-BEE5-9AD7DA128D24}" = CCC Help Japanese
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3B3060D-1052-477C-06F9-CCBA9370A00A}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Polish
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B563907E-389A-1F19-E9A3-0B723F9D18CF}" = AMD Catalyst Install Manager
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.1220.1
"{DB2192A7-6A58-494E-9F32-2F121BA17573}" = Multibooki NE
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.302
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28B9ED4-69AC-FF0E-D220-9808911EDE7D}" = CCC Help Portuguese
"{F662DAFE-316A-2E74-1E54-3DCB59A11B89}" = CCC Help Thai
"{F6945170-2957-0EBF-5B64-9D5C8A1EC49E}" = AMD Catalyst Control Center
"{F8452E50-CF59-4ECD-7783-F67A9F9CEDCA}" = CCC Help Norwegian
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = AirLive Turbo-G Wireless
"{FB006E40-7CB1-6254-E0AD-24C1A94135E0}" = CCC Help Korean
"{FDA4D0D4-F3B2-B403-FE27-F1CF89D0A3A5}" = AMD Fuel
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"AdvanceMark" = AdvanceMark
"awesomehp uninstaller" = awesomehp uninstaller
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"IePlugins" = IePluginService12.27.0.3326
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B13.0814.1
"InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}" = ON_OFF Charge 2 B13.0524.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.1220.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"SupTab" = SupTab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.01 (32-bit)
"WPM" = WPM17.8.0.3325

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"lollipop" = Lollipop
"Math Problem Solver" = Math Problem Solver

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014-02-15 07:31:27 | Computer Name = Marcin-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2014-02-16 08:07:40 | Computer Name = Marcin-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: e-pity 2013.exe, wersja: 0.0.0.0,
sygnatura czasowa: 0x510d8b61 Nazwa modułu powodującego błąd: Adobe AIR.dll, wersja:
3.6.0.5970, sygnatura czasowa: 0x510d8be7 Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x001cf716 Identyfikator procesu powodującego błąd: 0x11f0 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cf2b0815152121 Ścieżka aplikacji powodującej błąd: C:\Program
Files\e-file\e-pity2013\e-pity 2013.exe Ścieżka modułu powodującego błąd: C:\Program
Files\e-file\e-pity2013\Adobe AIR\Versions\1.0\Adobe AIR.dll Identyfikator raportu:
ee4826fb-9702-11e3-8857-74d43508b09b

Error - 2014-02-16 11:08:58 | Computer Name = Marcin-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2014-02-17 10:32:13 | Computer Name = Marcin-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: SpinTires.exe, wersja: 1.0.0.1,
sygnatura czasowa: 0x51e01aca Nazwa modułu powodującego błąd: SpinTires.exe, wersja:
1.0.0.1, sygnatura czasowa: 0x51e01aca Kod wyjątku: 0xc0000005 Przesunięcie błędu:
0x0060146d Identyfikator procesu powodującego błąd: 0x1244 Godzina uruchomienia aplikacji
powodującej błąd: 0x01cf2bebf515da30 Ścieżka aplikacji powodującej błąd: C:\Users\Marcin\Downloads\STBuild120713Dev\SpinTires.exe
Ścieżka
modułu powodującego błąd: C:\Users\Marcin\Downloads\STBuild120713Dev\SpinTires.exe
Identyfikator
raportu: 4a2281e2-97e0-11e3-a718-74d43508b09b

Error - 2014-02-18 06:11:47 | Computer Name = Marcin-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2014-02-19 07:39:36 | Computer Name = Marcin-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2014-02-19 08:36:47 | Computer Name = Marcin-Komputer | Source = VSS | ID = 8194
Description =

Error - 2014-02-20 07:36:26 | Computer Name = Marcin-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2014-02-21 06:16:09 | Computer Name = Marcin-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\GIGABYTE\ET6\DLLS\install_flash_player_11_active_x_64bit.exe".
Nie
można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2014-02-22 09:30:28 | Computer Name = Marcin-Komputer | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 2014-02-20 15:28:08 | Computer Name = Marcin-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: UsbCharger

Error - 2014-02-20 15:28:11 | Computer Name = Marcin-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka
modułu: C:\Windows\system32\athExt.dll Kod błędu: 126

Error - 2014-02-20 17:01:06 | Computer Name = Marcin-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka
modułu: C:\Windows\system32\athExt.dll Kod błędu: 126

Error - 2014-02-20 17:01:09 | Computer Name = Marcin-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: UsbCharger

Error - 2014-02-21 05:09:22 | Computer Name = Marcin-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka
modułu: C:\Windows\system32\athExt.dll Kod błędu: 126

Error - 2014-02-21 05:09:27 | Computer Name = Marcin-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: UsbCharger

Error - 2014-02-21 06:30:03 | Computer Name = Marcin-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka
modułu: C:\Windows\system32\athExt.dll Kod błędu: 126

Error - 2014-02-21 20:17:08 | Computer Name = Marcin-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: UsbCharger

Error - 2014-02-22 04:54:24 | Computer Name = Marcin-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: UsbCharger

Error - 2014-02-22 09:31:06 | Computer Name = Marcin-Komputer | Source = Service Control Manager | ID = 7030
Description = Usługa MgAssist Service jest oznaczona jako usługa interakcyjna. System
jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego
ta usługa może nie działać właściwie.


< End of report >[/spoiler]

cinomatic
komentarz
komentarz

Malwarebytes Anti-Malware

 

Ściągnij i przeskanuj.

Usuń wszystkie co znajdzie.

fatymid
komentarz
komentarz (edytowane)

Zawsze możesz przeskanować komputer, jeśli sądzisz, że to wirus. Prponuję skan MBAM

EDIT: kolega powyżej mnie ubiegł :)

Natsuki Kuga
komentarz
komentarz

1. Odinstaluj poprzez Dodaj/usuń programy: AdvanceMark, awesomehp uninstaller, IePluginService12.27.0.3326, SupTab, WPM17.8.0.3325, Lollipop

2. Sprawdź w przeglądarkach, czy posiadasz wymienione dodatki, jeśli są, odinstaluj: awesomehp, AdvanceMark, SupTab

3. Wykonaj ten skrypt w OTL (instrukcja: http://www.forumpc.pl/topic/277786-nieingerencyjne-narz%C4%99dzia-do-tworzenia-log%C3%B3w-systemowych/#entry1683607 ):


:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp...J9SXXXXZ1D7TJ9S
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp...J9SXXXXZ1D7TJ9S
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp...J9SXXXXZ1D7TJ9S
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp...J9SXXXXZ1D7TJ9S
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.awesomehp...q={searchTerms}
CHR - default_search_provider: awesomehp (Enabled)
CHR - default_search_provider: search_url = http://www.awesomehp...q={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.awesomehp...J9SXXXXZ1D7TJ9S
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (AdvanceMark) - {4e65dc6b-0322-48fa-a6b3-fda44fbd34c2} - C:\Program Files\AdvanceMark\AdvanceMarkBHO.dll (AdvanceMark)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKCU..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log File not found
O4 - HKCU..\Run: [lollipop] c:\users\marcin\appdata\local\lollipop\lollipop.exe ()
O4 - HKCU..\Run: [NextLive] C:\Users\Marcin\AppData\Roaming\newnext.me\nengine.dll (NewNextDotMe)

:Files
C:\Program Files\AdvanceMark
C:\ProgramData\IePluginService
C:\Users\Marcin\AppData\Local\Lollipop
C:\ProgramData\WPM
C:\Program Files\SupTab
C:\Program Files\Mobogenie
C:\Users\Marcin\AppData\Roaming\newnext.me
C:\Program Files\LiveSupport
C:\Users\Marcin\AppData\Roaming\awesomehp
C:\Users\Marcin\.android
C:\Users\Marcin\AppData\Local\cache
C:\Users\Marcin\AppData\Local\genienext
C:\Users\Marcin\Documents\Mobogenie
C:\Users\Marcin\AppData\Local\Mobogenie
C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
C:\Windows\tasks\AmiUpdXp.job

:Services
Wpm
Update AdvanceMark


Pokaż raport.

4. Użyj AdwCleaner z opcji Usuń. Pokaż raport.

5. Pokaż nowe logi z OTL + log z Gmer.

 

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.