nvxsync.exe*32 <użycie CPU>

Spartakus97 · 28 Kwietnia 2014

Witam mam problem, od wczoraj zauważyłem, że wyżej wymieniona usługa ( opisana jako NVIDIA User Experience Service Component ) zużywa 25% mocy obliczeniowej procesora, przez co widocznie się muli.

Dzieje się tak od wczoraj. Ma ktoś pomysł co może być przyczyną? Wgrałem nowsze sterowniki do karty graficznej to pomogło, dopóki nie zrestartowałem PC.

Janusz. · 28 Kwietnia 2014

1. W własne opcje skanowania wklej

:OTL
O3 - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000..\Run: [NvidiaHostStart] C:\Users\Asus\AppData\Local\NVIDIA Corporation\nvsync.exe ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{10dd8cae-4f9f-11e3-b484-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{10dd8cae-4f9f-11e3-b484-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1a0f7730-54df-11e3-b58f-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{1a0f7730-54df-11e3-b58f-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{1a0f7749-54df-11e3-b58f-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{1a0f7749-54df-11e3-b58f-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2657aaae-5c2a-11e3-b9e1-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{2657aaae-5c2a-11e3-b9e1-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{4819492a-10e3-11e3-bb64-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4819492a-10e3-11e3-bb64-60a44c3795d6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{48194941-10e3-11e3-bb64-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{48194941-10e3-11e3-bb64-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{50cb5700-1197-11e3-980f-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{50cb5700-1197-11e3-980f-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c6262dcc-6ed9-11e3-94a9-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{c6262dcc-6ed9-11e3-94a9-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f31a7a51-2114-11e3-9c61-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{f31a7a51-2114-11e3-9c61-60a44c3795d6}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{f4206636-1d28-11e3-9b97-60a44c3795d6}\Shell - "" = AutoRun
O33 - MountPoints2\{f4206636-1d28-11e3-9b97-60a44c3795d6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fd344b9e-d790-11dd-93db-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fd344b9e-d790-11dd-93db-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
 
:Commands
[EMPTYTEMP]
[RESETHOSTS]

Wykonaj skrypt, zatwierdź restart.

2. pokaż fixloga i zrób nowe logi.

3. przeskanuj ten plik C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe na virustotal.com

Spartakus97 · 28 Kwietnia 2014

Po kolei.

All processes killed

========== OTL ==========

Registry value HKEY_USERS\S-1-5-21-2120599999-3823338773-1484169776-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A13C2648-91D4-4BF3-BC6D-0079707C4389} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A13C2648-91D4-4BF3-BC6D-0079707C4389}\ deleted successfully.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-21-2120599999-3823338773-1484169776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NvidiaHostStart deleted successfully.

C:\Users\Asus\AppData\Local\NVIDIA Corporation\nvsync.exe moved successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.

File Protocol\Handler\skype4com - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.

File Protocol\Handler\wlpg - No CLSID value found not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.

File Protocol\Handler\ms-help - No CLSID value found not found.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10dd8cae-4f9f-11e3-b484-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10dd8cae-4f9f-11e3-b484-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{10dd8cae-4f9f-11e3-b484-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10dd8cae-4f9f-11e3-b484-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a0f7730-54df-11e3-b58f-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a0f7730-54df-11e3-b58f-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a0f7730-54df-11e3-b58f-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a0f7730-54df-11e3-b58f-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a0f7749-54df-11e3-b58f-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a0f7749-54df-11e3-b58f-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a0f7749-54df-11e3-b58f-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1a0f7749-54df-11e3-b58f-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2657aaae-5c2a-11e3-b9e1-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2657aaae-5c2a-11e3-b9e1-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2657aaae-5c2a-11e3-b9e1-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2657aaae-5c2a-11e3-b9e1-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4819492a-10e3-11e3-bb64-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4819492a-10e3-11e3-bb64-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4819492a-10e3-11e3-bb64-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4819492a-10e3-11e3-bb64-60a44c3795d6}\ not found.

File G:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48194941-10e3-11e3-bb64-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48194941-10e3-11e3-bb64-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48194941-10e3-11e3-bb64-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48194941-10e3-11e3-bb64-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50cb5700-1197-11e3-980f-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50cb5700-1197-11e3-980f-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50cb5700-1197-11e3-980f-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50cb5700-1197-11e3-980f-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6262dcc-6ed9-11e3-94a9-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6262dcc-6ed9-11e3-94a9-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6262dcc-6ed9-11e3-94a9-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6262dcc-6ed9-11e3-94a9-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f31a7a51-2114-11e3-9c61-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f31a7a51-2114-11e3-9c61-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f31a7a51-2114-11e3-9c61-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f31a7a51-2114-11e3-9c61-60a44c3795d6}\ not found.

File H:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4206636-1d28-11e3-9b97-60a44c3795d6}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4206636-1d28-11e3-9b97-60a44c3795d6}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4206636-1d28-11e3-9b97-60a44c3795d6}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4206636-1d28-11e3-9b97-60a44c3795d6}\ not found.

File F:\AutoRun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd344b9e-d790-11dd-93db-806e6f6e6963}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd344b9e-d790-11dd-93db-806e6f6e6963}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd344b9e-d790-11dd-93db-806e6f6e6963}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd344b9e-d790-11dd-93db-806e6f6e6963}\ not found.

File E:\Autorun.exe not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.

File F:\AutoRun.exe not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Asus

->Temp folder emptied: 120 bytes

->Temporary Internet Files folder emptied: 244657123 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 377553189 bytes

->Flash cache emptied: 0 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78380397 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 668,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 04282014_164051

Files\Folders moved on Reboot...

C:\Users\Asus\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

^ to wyskoczyło po restarcie

Bd edytować ten post, w miarę jak zrobię coś z tych trzech punktów

https://www.virustotal.com/pl/file/6df94b7fa33f1b87142adc39b3db0613fc520d9e7a5fd6a5301dd7f51f8d0386/analysis/

Tutaj masz skan tego pliku, nwm jak to rozczytać, niby bezpieczny ale opinie inne.

OTL logfile created on: 2014-04-28 16:45:20 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,95 Gb Total Physical Memory | 6,39 Gb Available Physical Memory | 80,39% Memory free

15,91 Gb Paging File | 14,12 Gb Available in Paging File | 88,75% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 53,35 Gb Free Space | 27,33% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 402,81 Gb Free Space | 54,72% Space Free | Partition Type: NTFS

Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-04-28 16:12:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

PRC - [2014-04-02 15:29:05 | 002,201,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

PRC - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

PRC - [2014-04-02 03:58:05 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2014-03-04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2013-12-10 15:27:58 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2013-12-10 15:27:54 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

PRC - [2013-09-17 07:49:50 | 000,292,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

PRC - [2012-01-17 11:24:10 | 000,055,296 | ---- | M] () -- C:\Windows\SysWOW64\ASGT.exe

========== Modules (No Company Name) ==========

MOD - [2014-04-02 03:58:03 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppgooglenaclpluginchrome.dll

MOD - [2014-04-02 03:57:59 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll

MOD - [2014-04-02 03:57:54 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll

MOD - [2014-04-02 03:57:53 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll

MOD - [2014-04-02 03:57:52 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll

MOD - [2014-04-02 03:57:49 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014-04-02 15:28:36 | 020,541,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)

SRV:64bit: - [2014-03-11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014-03-11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2014-03-01 06:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013-08-27 15:32:30 | 000,828,376 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®

SRV:64bit: - [2013-08-27 15:32:14 | 000,747,520 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®

SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)

SRV - [2014-03-11 23:32:20 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014-03-04 13:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2014-01-29 00:27:58 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2013-12-10 15:27:58 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2013-12-10 15:27:54 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2012-01-17 11:24:10 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014-03-21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)

DRV:64bit: - [2014-03-11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2013-12-18 12:34:38 | 000,888,536 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2013-12-10 15:27:54 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)

DRV:64bit: - [2013-11-28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013-09-17 07:48:32 | 000,795,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)

DRV:64bit: - [2013-09-17 07:48:32 | 000,358,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)

DRV:64bit: - [2013-09-17 07:48:32 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)

DRV:64bit: - [2013-09-04 19:57:10 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010-07-01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)

DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Programy\Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

[2013-08-30 19:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - plugin: Error reading preferences file

CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\

CHR - Extension: Google Wallet = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2014-04-28 16:41:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Office\Office15\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000..\Run: [] C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office\Office15\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office\Office15\EXCEL.EXE (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.55.2)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.55.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{339DB607-6D52-4429-9679-EA646E515218}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\Office\Office15\MSOSB.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-04-28 16:40:51 | 000,000,000 | ---D | C] -- C:\_OTL

[2014-04-28 16:12:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2014-04-27 22:42:24 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\NVIDIA

[2014-04-27 09:44:05 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe

[2014-04-27 09:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2014-04-27 09:43:27 | 006,714,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2014-04-27 09:43:27 | 003,497,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2014-04-27 09:43:27 | 002,558,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2014-04-27 09:43:27 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2014-04-27 09:43:27 | 000,064,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2014-04-27 09:43:00 | 000,062,408 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2014-04-27 09:43:00 | 000,054,216 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2014-04-27 09:40:38 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2014-04-27 09:40:38 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2014-04-27 09:40:38 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2014-04-27 09:40:38 | 018,302,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2014-04-27 09:40:38 | 017,755,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2014-04-27 09:40:38 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2014-04-27 09:40:38 | 015,783,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2014-04-27 09:40:38 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2014-04-27 09:40:38 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2014-04-27 09:40:38 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2014-04-27 09:40:38 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2014-04-27 09:40:38 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2014-04-27 09:40:38 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2014-04-27 09:40:38 | 003,093,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2014-04-27 09:40:38 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2014-04-27 09:40:38 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2014-04-27 09:40:38 | 002,715,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2014-04-27 09:40:38 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2014-04-27 09:40:38 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433523.dll

[2014-04-27 09:40:38 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433523.dll

[2014-04-27 09:40:38 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2014-04-27 09:40:38 | 000,947,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2014-04-27 09:40:38 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll

[2014-04-27 09:40:38 | 000,877,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll

[2014-04-27 09:40:38 | 000,863,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll

[2014-04-27 09:40:38 | 000,846,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll

[2014-04-27 09:40:38 | 000,832,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2014-04-27 09:40:38 | 000,484,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll

[2014-04-27 09:40:38 | 000,409,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll

[2014-04-27 09:40:38 | 000,377,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll

[2014-04-27 09:40:38 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll

[2014-04-27 09:40:38 | 000,333,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll

[2014-04-27 09:40:38 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll

[2014-04-27 09:40:38 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2014-04-27 09:40:38 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2014-04-27 09:40:38 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2014-04-27 09:40:38 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2014-04-27 09:36:40 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys

[2014-04-27 09:36:40 | 000,033,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll

[2014-04-26 14:08:12 | 000,000,000 | ---D | C] -- C:\Users\Asus\Documents\Ghost Games

[2014-04-26 14:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Rivals

[2014-04-21 08:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client

[2014-04-21 08:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2014-04-20 14:59:42 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2014-04-20 14:59:37 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2014-04-20 14:59:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2014-04-20 14:59:37 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2014-04-19 10:29:32 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys

[2014-04-19 10:29:32 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2014-04-19 10:29:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll

[2014-04-19 10:29:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll

[2014-04-19 10:29:14 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2014-04-19 10:29:14 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2014-04-19 10:29:13 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2014-04-19 10:29:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2014-04-19 10:29:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2014-04-19 10:29:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2014-04-19 10:29:13 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2014-04-19 10:29:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2014-04-19 10:29:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2014-04-19 10:29:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2014-04-18 14:04:08 | 000,000,000 | ---D | C] -- C:\Windows\pl

[2014-04-18 14:03:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

[2014-04-18 14:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live

[2014-04-18 14:01:01 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\Windows Live

[2014-04-18 14:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live

[2014-04-16 17:31:02 | 000,000,000 | ---D | C] -- C:\Users\Asus\Documents\OMC ModPack

[2014-04-16 09:51:05 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\DropboxMaster

[2014-04-16 09:50:49 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

[2014-04-16 09:49:42 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2014-04-16 09:17:52 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\World of Tanks

[2014-04-15 09:54:21 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Publish Providers

[2014-04-15 09:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony

[2014-04-06 11:10:25 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\Octodad Dadliest Catch

[2014-04-06 11:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\CODEX

[2014-04-03 18:19:58 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\Macromedia

[2014-04-03 18:19:55 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\OpenFM

[2014-04-03 18:19:40 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\OpenFM

[2014-03-31 21:34:22 | 000,322,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

[2014-03-30 14:39:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2014-03-30 14:39:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll

[2014-03-30 14:39:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll

[2014-03-30 14:39:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2014-03-30 14:39:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2014-03-30 14:39:33 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2014-03-30 14:39:33 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2014-03-30 14:39:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll

[2014-03-30 14:39:33 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2014-03-30 14:39:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll

[2014-03-30 14:39:32 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2014-03-30 14:39:31 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2014-03-30 14:39:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2014-03-30 14:39:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2014-03-30 14:39:30 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2014-03-30 14:39:30 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2014-03-30 14:39:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe

[2014-03-30 14:39:29 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2014-03-30 14:39:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2014-03-30 14:39:28 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2014-03-30 14:39:28 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2014-03-30 14:39:28 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll

[2014-03-30 14:39:27 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe

[2014-03-30 14:39:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2014-03-30 14:25:20 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll

[2014-03-30 14:25:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll

[2014-03-30 14:25:19 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll

[2014-03-30 14:25:19 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll

[2014-03-30 14:24:50 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll

[2014-03-29 19:42:54 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\Skyrim

[2014-03-29 19:41:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks

[2014-03-29 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\Asus\Documents\Any Video Converter

[2014-03-29 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\AnvSoft

[2014-03-29 18:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft

[2014-03-29 18:01:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2014-03-29 18:01:05 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\Sony

[2014-03-29 17:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps

========== Files - Modified Within 30 Days ==========

[2014-04-28 16:48:13 | 001,670,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2014-04-28 16:48:13 | 000,740,422 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2014-04-28 16:48:13 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2014-04-28 16:48:13 | 000,155,996 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2014-04-28 16:48:13 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2014-04-28 16:48:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014-04-28 16:42:20 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014-04-28 16:42:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014-04-28 16:42:02 | 2110,132,223 | -HS- | M] () -- C:\hiberfil.sys

[2014-04-28 16:41:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts

[2014-04-28 16:32:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014-04-28 16:12:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2014-04-28 15:51:44 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014-04-28 15:51:44 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014-04-28 10:56:12 | 000,400,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2014-04-27 09:27:39 | 000,007,604 | ---- | M] () -- C:\Users\Asus\AppData\Local\Resmon.ResmonCfg

[2014-04-21 08:27:55 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif

[2014-04-20 16:15:05 | 468,317,278 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2014-04-14 20:13:43 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2014-04-14 20:05:11 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2014-04-14 20:05:06 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2014-04-14 20:04:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2014-04-10 14:51:05 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014-04-04 17:27:52 | 001,642,188 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2014-04-03 18:19:43 | 000,001,182 | ---- | M] () -- C:\Users\Asus\Desktop\OpenFM.lnk

[2014-04-02 15:27:17 | 001,081,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll

[2014-04-02 15:27:05 | 001,225,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll

[2014-03-31 21:34:22 | 000,322,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

[2014-03-29 19:41:14 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk

========== Files Created - No Company Name ==========

[2014-04-27 09:43:27 | 003,649,185 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2014-04-27 09:40:38 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2014-04-21 08:25:36 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2014-04-18 14:04:02 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

[2014-04-18 14:03:56 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk

[2014-04-03 18:19:43 | 000,001,182 | ---- | C] () -- C:\Users\Asus\Desktop\OpenFM.lnk

[2014-04-03 18:19:41 | 000,001,190 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk

[2014-03-30 12:27:25 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif

[2014-03-29 19:41:14 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk

[2014-03-13 16:42:23 | 000,007,604 | ---- | C] () -- C:\Users\Asus\AppData\Local\Resmon.ResmonCfg

[2014-02-20 11:37:33 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

[2014-02-11 00:03:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2014-01-05 23:48:00 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2014-01-05 23:47:40 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2013-12-18 23:33:48 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2013-12-18 19:16:48 | 001,642,188 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013-12-18 00:17:23 | 000,000,123 | ---- | C] () -- C:\Windows\disney.ini

[2013-11-27 10:21:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\IOMAP64.SYS

[2013-09-20 15:11:17 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI

[2013-08-29 15:06:00 | 000,054,627 | ---- | C] () -- C:\Windows\Ascd_log.ini

[2013-08-29 15:04:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2013-08-29 15:04:11 | 000,040,338 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== ZeroAccess Check ==========

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014-03-29 18:13:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\AnvSoft

[2014-02-20 14:32:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Auslogics

[2014-03-13 23:13:06 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

[2014-04-16 09:51:12 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2014-04-16 09:51:12 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DropboxMaster

[2014-04-27 23:03:16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GG

[2014-01-05 23:46:41 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech

[2013-08-30 21:32:15 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\LolClient

[2013-12-25 17:53:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Medal of Honor Warfighter

[2014-04-03 18:19:55 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\OpenFM

[2014-02-01 16:52:19 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Origin

[2014-04-15 09:54:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Publish Providers

[2014-02-16 15:02:38 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Riot Games

[2014-01-26 20:44:28 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Screaming Bee

[2013-10-15 15:27:11 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\The Creative Assembly

[2013-10-14 18:23:13 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Tropico 3

[2014-01-17 23:10:52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TS3Client

[2013-09-07 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TuneUp Software

[2014-02-12 21:50:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Tunngle

[2014-02-08 00:09:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Unity

[2014-04-27 09:13:46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\uTorrent

[2014-01-04 13:53:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Wargaming.net

[2013-09-27 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2013-09-27 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:07BF512B

< End of report >

OTL Extras logfile created on: 2014-04-28 16:45:20 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,95 Gb Total Physical Memory | 6,39 Gb Available Physical Memory | 80,39% Memory free

15,91 Gb Paging File | 14,12 Gb Available in Paging File | 88,75% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 53,35 Gb Free Space | 27,33% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 402,81 Gb Free Space | 54,72% Space Free | Partition Type: NTFS

Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{10C36B9A-CD7B-40E8-81EE-53AD722925B4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

"{1184C9FA-B59B-4DBB-B0A8-AFACFF4D46BD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{149874E2-7F5F-4B07-9268-CB92EC65B87C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{1CA0B937-0710-4345-927E-2AE8FED5D74F}" = lport=139 | protocol=6 | dir=in | app=system |

"{1F5705E9-E656-458E-B51D-B2D4ED6BAC5C}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

"{1FC11284-C5E8-45F8-94B9-4A8333FA3B8A}" = rport=10243 | protocol=6 | dir=out | app=system |

"{247F9315-B4D1-4127-97DE-88AB3A889BC3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

"{2A341346-BC47-498E-9B17-A0149D006E28}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{4B78B597-0597-47FD-BFA4-C7928E1F3461}" = rport=138 | protocol=17 | dir=out | app=system |

"{5764AEEA-ADE4-482F-A5AB-49BC4B2B0935}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{5BA1B324-97B1-4BB2-A2B6-A03EFE97A822}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{604E95E9-83B2-4F99-841B-5BD9D48C94A2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

"{63110AC3-1BB0-4974-AFD4-B5C197060EB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{7659D4C1-A479-4E0B-9177-6D46645BDC72}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{7929DF20-9B8D-47E1-A344-5A5DA0854B64}" = lport=10243 | protocol=6 | dir=in | app=system |

"{796821A3-09DA-4D38-9160-4B07EBBD4A1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{7BCAD6D8-0774-4681-ADBD-E0E18571039B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{7DF92774-8CEC-4385-8EAD-5A73B6EF5D13}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{7E058FE8-17A1-4DA0-AE13-34399990B42A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |

"{7F8D5CA9-BD55-4978-8127-958E7C70937F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{801F85E9-1848-43F6-A091-C5FEFA08AC7B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{9545EACE-A9A2-442C-879B-2787C13BE753}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{9B6F1250-A651-4E57-A76C-798ECF18CAD9}" = lport=138 | protocol=17 | dir=in | app=system |

"{9F559146-B63B-4D9B-8E54-D1E3B410C0B8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{A9EDC2FF-8CAF-4FE1-BB80-92E84A58AF2D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{AD766AEC-A41F-43FE-B9C2-409945F9E3FC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{AF93CC59-C304-41D8-8632-DBA2B5D9EE5B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

"{B2B5A56C-FED4-4361-A278-F1C31B457BC3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{B34051F2-8813-487E-8A3C-4DAF7F45B792}" = rport=139 | protocol=6 | dir=out | app=system |

"{C9611930-9370-41FD-8D34-D0EA7B4B4774}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{D0B42383-F672-4E80-BC06-625BCA2AC671}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{D4C39080-85AE-4104-8FA9-F4EBE4684D4A}" = lport=2869 | protocol=6 | dir=in | app=system |

"{D745949C-5125-40E1-9D2B-A2524F074DFF}" = lport=445 | protocol=6 | dir=in | app=system |

"{D7E978B5-44BC-4B5B-BE1D-6E5BFAE77887}" = rport=445 | protocol=6 | dir=out | app=system |

"{D7EA83F1-0C18-4421-A33D-2D347B248CCB}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |

"{DB24B786-B9D7-415C-AB7A-D281C77DB857}" = rport=137 | protocol=17 | dir=out | app=system |

"{E44BABC1-E4A6-45E5-9AF7-F62600C8A537}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{F5A50AE7-D460-495B-8034-578991E316EA}" = lport=137 | protocol=17 | dir=in | app=system |

"{F6F52E89-0B18-435D-A445-EA32618DC866}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{028349ED-39CE-4753-BC25-FE0AC537D814}" = protocol=1 | dir=in | [email protected],-28543 |

"{040C0ECB-3E1A-48DC-A92C-21A4232CCFFA}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe |

"{07424AD6-6C6F-49DF-A920-25FB70EE01D9}" = protocol=6 | dir=in | app=d:\gry\fifa 14\game\fifa14.exe |

"{08D8FC03-3AD9-42F5-8DDA-83D796856056}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{1398886C-1300-487B-ACE8-1645E34F69C7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{22EE6101-231A-42E1-83C8-97CBC1EA1B5F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{26D6CA58-3514-4DA2-9CEC-98374995D57E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{2BF19FE2-DCF7-4E75-B854-B76150EA9BB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{33BD2CA5-C354-4828-833E-34278E24529E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{3472F6F1-82A0-413F-8CB9-6D4FD09A9CFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{48D7E0BA-41FD-4998-90A6-6341CDEC56E1}" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe |

"{663314BD-247F-40D9-A4DA-2764AC470574}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{6896AC49-ECD7-44B2-BE5A-61EFE548603F}" = protocol=17 | dir=in | app=d:\gry\fifa 14\game\fifa14.exe |

"{6AA79844-BB37-4F36-8DA1-19597CBD2A76}" = protocol=58 | dir=out | [email protected],-28546 |

"{6D3DE0ED-5AA5-4C46-9D68-654B0ABE372C}" = protocol=17 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe |

"{6DB46BFE-B22F-4305-A93B-9F67933AD4CD}" = protocol=17 | dir=in | app=d:\gry\battlefield 4\bf4.exe |

"{6E5B957E-FBD2-44E9-972C-947287C128A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{74142C51-BA93-4DC3-B1C6-E782DD81A9F9}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe |

"{79B0E109-D7C0-4516-980D-1554131616D4}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe |

"{7D287234-CA16-4FE6-854B-BA832196F475}" = protocol=17 | dir=in | app=d:\gry\tropico 3\tropico3.exe |

"{8785390B-9CC8-45C7-ADA0-CB0A3EC16F8A}" = protocol=6 | dir=in | app=d:\gry\battlefield 4\bf4_x86.exe |

"{8BB406A4-5A53-40CD-9AF2-9DFE7B49407C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{8FFE6862-CA9F-4F2D-A166-B39BCE698279}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

"{91E157DA-0329-46B4-BDA2-9FA2BBD9EA77}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{9485A68A-82CD-4AC8-9A2C-082EA3E52EDD}" = protocol=17 | dir=in | app=d:\gry\assassin's creed iv - black flag\ac4bfsp.exe |

"{95827B3C-063A-44DE-9039-94109C8E6854}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A401F613-5104-4A86-B27E-44675493BB7C}" = protocol=6 | dir=out | app=system |

"{A6F8F46E-D013-4825-B745-31C87D5495C9}" = protocol=6 | dir=in | app=d:\gry\tropico 3\tropico3.exe |

"{AAEC1095-A1FA-40BB-9388-3D2CD65AAEFF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{B3F4BACE-08EE-49C8-AEE0-5E92CCCF9CB8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{BB1F0AF3-B545-49F2-9C12-D89F3707F7B2}" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe |

"{BC9C301E-904D-4DE3-87E4-B0AAF0F2BA05}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{BD24DF09-C95E-4A53-8BB5-D9F5A6D1E489}" = protocol=58 | dir=in | [email protected],-28545 |

"{C7261FFE-238A-4A64-91A2-08C4DBD1A032}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{D2437334-0E21-499C-88D5-F3C029D4B80B}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe |

"{D58C3C9A-D644-4D58-ABA9-78A21B483317}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{DF491ECD-2DF2-427F-88A3-D98D80782BEF}" = protocol=6 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe |

"{DF6FE91B-ACC4-4A84-B7F1-055981E7A13A}" = protocol=6 | dir=in | app=d:\gry\assassin's creed iv - black flag\ac4bfsp.exe |

"{EDD3A520-6108-4857-AEED-5E3680AD1AAC}" = protocol=6 | dir=in | app=d:\gry\battlefield 4\bf4.exe |

"{FA979D39-59EB-49F6-B8AB-8A7DD61581EE}" = protocol=17 | dir=in | app=d:\gry\battlefield 4\bf4_x86.exe |

"{FB01F1B9-0338-4E3F-9793-7DFDBFC2B9B5}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

"{FF27B834-E9F2-468A-B28F-5E5F303A22A1}" = protocol=1 | dir=out | [email protected],-28544 |

"TCP Query User{2A368F6B-57AF-4C96-A637-EB2CCF5A8CEC}D:\gry\rome total war 2\rome2.exe" = protocol=6 | dir=in | app=d:\gry\rome total war 2\rome2.exe |

"TCP Query User{2E4458D9-4BC9-4218-9F70-76A514346826}D:\gry\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\gry\world of tanks\worldoftanks.exe |

"TCP Query User{4822C57C-A892-4459-83C6-A02EC5C5EF42}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

"TCP Query User{61571FC8-AA34-4A36-8530-DAEAE7E3B574}D:\gry\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\gry\world of tanks\wotlauncher.exe |

"TCP Query User{814C0DF5-B661-45E2-8BC4-DDA94D57A19A}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |

"TCP Query User{97B71F12-1D09-4638-BEBA-15C214DA0880}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |

"TCP Query User{D6244BE2-5DD4-4E26-B226-5C27C3B6856A}D:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe |

"TCP Query User{F686F07A-0D14-44BE-B0A7-E25FC79267F3}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

"UDP Query User{19454B34-DD3F-481E-97E3-6E3E709AD6C8}D:\gry\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\gry\world of tanks\wotlauncher.exe |

"UDP Query User{51A9711A-3F93-46B4-A04D-3390528DE045}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

"UDP Query User{66205624-3EDC-4EF6-A855-4A1A6EF1FBD7}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |

"UDP Query User{8091FC04-4BA0-4915-AE5A-DE361A5FB8A9}D:\gry\rome total war 2\rome2.exe" = protocol=17 | dir=in | app=d:\gry\rome total war 2\rome2.exe |

"UDP Query User{98B38199-413B-4138-8316-F761D148139F}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe |

"UDP Query User{C173C837-5CEE-4C78-9478-4BF8A98EA671}D:\gry\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\gry\world of tanks\worldoftanks.exe |

"UDP Query User{CFC81EC6-C767-49B9-B77E-E2BA3570D994}D:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe |

"UDP Query User{DBBFEEAC-C00D-4162-B9A9-C864CF87C7A9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK)

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables

"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013

"{90150000-0015-0415-1000-0000000FF1CE}" = Microsoft Access MUI (Polish) 2013

"{90150000-0016-0415-1000-0000000FF1CE}" = Microsoft Excel MUI (Polish) 2013

"{90150000-0018-0415-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Polish) 2013

"{90150000-0019-0415-1000-0000000FF1CE}" = Microsoft Publisher MUI (Polish) 2013

"{90150000-001A-0415-1000-0000000FF1CE}" = Microsoft Outlook MUI (Polish) 2013

"{90150000-001B-0415-1000-0000000FF1CE}" = Microsoft Word MUI (Polish) 2013

"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch

"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English

"{90150000-001F-0415-1000-0000000FF1CE}" = Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski

"{90150000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2013

"{90150000-0044-0415-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Polish) 2013

"{90150000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2013

"{90150000-0090-0415-1000-0000000FF1CE}" = Microsoft DCF MUI (Polish) 2013

"{90150000-00A1-0415-1000-0000000FF1CE}" = Microsoft OneNote MUI (Polish) 2013

"{90150000-00BA-0415-1000-0000000FF1CE}" = Microsoft Groove MUI (Polish) 2013

"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013

"{90150000-00C1-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2013

"{90150000-00E1-0415-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Polish) 2013

"{90150000-00E2-0415-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Polish) 2013

"{90150000-012B-0415-1000-0000000FF1CE}" = Microsoft Lync MUI (Polish) 2013

"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 335.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 335.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 335.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 335.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 12.4.55

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.55

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.22

"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client

"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client

"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant

"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4

"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64

"Microsoft Security Client" = Microsoft Security Essentials

"Office15.PROPLUS" = Microsoft Office Professional Plus 2013

"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform

"{032DC00A-51D1-4D28-BFB7-1D0E85291E11}" = Futuremark SystemInfo

"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery

"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club

"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005

"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common

"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks

"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55

"{34D1912D-12A3-430E-AB7B-11E32BC02A4C}_update2.0.0.0" = Обновление 2.0.0.0 для игры «Ведьмак 2: Убийцы королей»

"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610

"{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}" = Photo Common

"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable

"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends

"{6049054B-DB11-48E1-A583-9A565D5C8856}_is1" = "FIFA 14"

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer

"{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}" = Tropico 3

"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed

"{77655DF6-A143-4A25-A5F8-127C8CE63EDA}" = Galeria fotografii

"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13

"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005

"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX

"{83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}" = Debugging Tools for Windows (x86)

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110

"{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}" = Podstawowe programy Windows Live

"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

"{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1" = "Assassin's Creed IV - Black Flag"

"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™

"{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}" = Windows Live UX Platform Language Pack

"{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish

"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform

"{C0B16F2E-3980-44F8-8CF4-F84696541FF7}" = ASUS Product Register Program

"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE

"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

"{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1" = OMC ModPack wersja 0.9.0.0

"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions

"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4

"{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}" = Movie Maker

"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"«The Witcher 2 - Assassins of Kings. Enhanced Edition»_is1" = «The Witcher 2 - Assassins of Kings. Enhanced Edition»

"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin

"Any Video Converter_is1" = Any Video Converter 5.5.8

"Battlelog Web Plugins" = Battlelog Web Plugins

"ESN Sonar-0.70.4" = ESN Sonar

"Fraps" = Fraps (remove only)

"Google Chrome" = Google Chrome

"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak

"KLiteCodecPack_is1" = K-Lite Codec Pack 10.1.5 Full

"League of Legends 3.0.1" = League of Legends

"Medal of Honor Warfighter_R.G. Mechanics_is1" = Medal of Honor Warfighter

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"OpenAL" = OpenAL

"Origin" = Origin

"PITy2013IPS_is1" = PITy2013 IPS 1.5.2.0 kompilacja:1.5.3.10

"RealAlt_is1" = Real Alternative 2.0.2

"The Elder Scrolls V Skyrim - Legendary Edition_is1" = The Elder Scrolls V Skyrim - Legendary Edition

"WinLiveSuite" = Podstawowe programy Windows Live

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"GG" = GG

"OpenFM" = OpenFM

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 2014-04-27 02:41:14 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description =

Error - 2014-04-27 02:42:31 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2014-04-27 02:50:52 | Computer Name = Asus-Komputer | Source = Office 2013 Licensing Service | ID = 0

Description =

Error - 2014-04-27 03:28:50 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description =

Error - 2014-04-27 03:28:50 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description =

Error - 2014-04-27 03:30:09 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2014-04-28 04:57:52 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2014-04-28 05:06:27 | Computer Name = Asus-Komputer | Source = Office 2013 Licensing Service | ID = 0

Description =

Error - 2014-04-28 09:45:57 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2014-04-28 10:43:54 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description =

[ System Events ]

Error - 2014-04-27 02:41:03 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-27 03:28:41 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-27 03:28:41 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-28 04:56:40 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-28 04:56:40 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-28 09:44:33 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-28 09:44:33 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-28 10:40:51 | Computer Name = Asus-Komputer | Source = Service Control Manager | ID = 7034

Description = Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła

pracę. Wystąpiło to razy: 1.

Error - 2014-04-28 10:42:31 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

Error - 2014-04-28 10:42:32 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description =

< End of report >

Janusz. · 28 Kwietnia 2014

wstaw logi otl www.mpcforum.pl/topic/679592-tutlogi-co-i-jak/

Janusz. · 28 Kwietnia 2014

MBAM uważa że ten plik to "Backdoor.Messa.E" ale mniejsza. jeszcze potrzebuje nowego loga. c:

Spartakus97 · 28 Kwietnia 2014

OTL logfile created on: 2014-04-28 16:13:30 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,95 Gb Total Physical Memory | 6,07 Gb Available Physical Memory | 76,28% Memory free

15,91 Gb Paging File | 13,51 Gb Available in Paging File | 84,96% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 52,88 Gb Free Space | 27,09% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 402,81 Gb Free Space | 54,72% Space Free | Partition Type: NTFS

Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-04-28 16:12:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

PRC - [2014-04-26 14:08:06 | 002,970,638 | ---- | M] (NVIDIA Corporation) -- C:\Users\Asus\AppData\Local\NVIDIA Corporation\nvxsync.exe