Uciążliwy Adware.

[Spartakus97]

Witam, mam problem ( jak widać w załączniku ) z tymże cholerstwem, które mimo usunięcia z dodaj/usuń programy oraz zmianie ustawień przeglądarki po każdym restarcie mojego komputera nadal wyskakuje. Problem jest na tyle uciążliwy, iż wcześniej udawało mi się usuwać tego typu wirusy. Tym razem mój antywirus nie wykrywa nic, a problem nadal jest. Czyściłem pc za pomocą CCleaner, AuslogicBoostSpeed, ale nie pomogło. 

 

Drugim pytaniem jest, dlaczego każdy antywirus, którego zainstaluje oprócz Microsoft Security Essantials, powoduje mi BSoD 0x00000109 lub 0x0000003A? Również nowsze sterowniki od karty graficznej je powodują.

 

Priorytetem jest Adware, dam +-siki za pomoc w tej sytuacji.

[Spartakus97]

1. Odinstaluj: SupTab, webssearches

 

2. W własne opcje skanowania wklej

 

:OTL

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...C1S498341783417
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...C1S498341783417
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...C1S498341783417
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://istart.websse...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...C1S498341783417
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...C1S498341783417
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O1364bit: - gopher Prefix: missing
O20 - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~1.DLL) - C:\Program Files (x86)\SupTab\SearchProtect32.dll (Skytech Co., Ltd.)
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:07BF512B

:Files
C:\Users\Asus\AppData\Roaming\SupTab
C:\Users\Asus\AppData\Roaming\webssearches

:Commands
[emptytemp]

Wykonaj skrypt, zatwierdź restart.

 

3. Wyczyść przeglądarki

 

Google Chrome

 

Ustawienia -> po lewej rozszerzenia i usuwamy wszystkie toolbary/dodatki.

 

Ustawienia -> po lewej ustawienia -> pokaż ustawienia zaawansowane, zjeżdżamy na sam dół i wybieramy Zresetuj ustawienia przeglądarki.

 

Ustawienia -> po lewej ustawienia -> wyszukiwanie -> klikamy w zarządzaj wyszukiwarkami i usuwamy wszystko oprócz google.com

 

 Resetowanie cache wtyczek -> w pasek adresu wpisz chrome://plugins, wybierz dowolną wtyczkę, wyłącz i włącz.

 

 

 

Firefox

 

Menu pomoc -> informacje dla pomocy technicznej -> zresetuj program Firefox.

 

 

 

4. Dostarcz fixlog z OTL (utworzy się on po restarcie systemu) oraz nowego loga OTL.

 

 

 

 

Pogrubionych z powiększonym tekstem nie mogę zrobić, ponieważ:

1) Nie mam tego w dodaj/usuń programy

2) Firefox, pierwsza przeglądarka na pc, nie mam jej już od mhm.. 3 mscy.

 

Zaczynać od 2 punktu?

[Janusz.]

Mała poprawka

 

W własne opcje skanowania wklej

 

:OTL
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~2.DLL) - C:\Program Files (x86)\SupTab\SearchProtect64.dll (Skytech Co., Ltd.)

Wykonaj skrypt, zatwierdź restart ( o ile będzie trzeba )

 

Pobierz Adwcleaner oraz Shortcut Cleaner, odpal SC-Cleaner, poczekaj chwilę. Program wygeneruje log który znajdziesz w miejscu uruchomienia. Uruchom Adwcleaner, użyj opcji "szukaj" następnie "usuń" przedstaw log z usuwania oraz log z SC-Cleanera.

 

 

http://www.bleepingcomputer.com/download/adwcleaner/
http://www.bleepingcomputer.com/download/shortcut-cleaner/

[Janusz.]

1. Odinstaluj: SupTab, webssearches

2. W własne opcje skanowania wklej
 

:OTL

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...C1S498341783417
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...C1S498341783417
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...C1S498341783417
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://istart.websse...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.websse...C1S498341783417
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...C1S498341783417
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O1364bit: - gopher Prefix: missing
O20 - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~1.DLL) - C:\Program Files (x86)\SupTab\SearchProtect32.dll (Skytech Co., Ltd.)
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:07BF512B

:Files
C:\Users\Asus\AppData\Roaming\SupTab
C:\Users\Asus\AppData\Roaming\webssearches

:Commands
[emptytemp]

Wykonaj skrypt, zatwierdź restart.

3. Wyczyść przeglądarki

Google Chrome

Ustawienia -> po lewej rozszerzenia i usuwamy wszystkie toolbary/dodatki.

Ustawienia -> po lewej ustawienia -> pokaż ustawienia zaawansowane, zjeżdżamy na sam dół i wybieramy Zresetuj ustawienia przeglądarki.

Ustawienia -> po lewej ustawienia -> wyszukiwanie -> klikamy w zarządzaj wyszukiwarkami i usuwamy wszystko oprócz google.com

 Resetowanie cache wtyczek -> w pasek adresu wpisz chrome://plugins, wybierz dowolną wtyczkę, wyłącz i włącz.

 

Firefox

Menu pomoc -> informacje dla pomocy technicznej -> zresetuj program Firefox.



4. Dostarcz fixlog z OTL (utworzy się on po restarcie systemu) oraz nowego loga OTL.

 

[Janusz.]

Wykonaj logi OTL oraz FRST zgodnie z tym poradnikiem

Poradnik dot. logów

[Spartakus97]

OTL

 

 

========== OTL ==========

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SupTab\SEARCH~2.DLL deleted successfully.

C:\Program Files (x86)\SupTab\SearchProtect64.dll moved successfully.

 

OTL by OldTimer - Version 3.2.69.0 log created on 05192014_202048

 

AdwCleaner

 

# AdwCleaner v3.210 - Log utworzony 19/05/2014 o 20:22:38

# Aktualizacja 19/05/2014 przez Xplode

# System operacyjny : Windows 7 Home Premium Service Pack 1 (64 bits)

# Użytkownik : Asus - ASUS-KOMPUTER

# Ścieżka : C:\Users\Asus\Desktop\AdwCleaner.exe

# Opcja : Szukaj

 

***** [ Usługi ] *****

 

Usługa Znaleziono : IePluginServices

 

***** [ Pliki / Foldery ] *****

 

Folder Znaleziono : C:\Program Files (x86)\SupTab

Folder Znaleziono : C:\ProgramData\IePluginServices

Folder Znaleziono : C:\ProgramData\WPM

Plik Znaleziono : C:\Users\Asus\daemonprocess.txt

 

***** [ Skróty ] *****

 

 

***** [ Rejestr ] *****

 

Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

Klucz Znaleziono : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Klucz Znaleziono : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

Klucz Znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASAPI32

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASMANCS

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASAPI32

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASMANCS

Klucz Znaleziono : HKLM\Software\SupTab

Klucz Znaleziono : HKLM\Software\supWPM

Klucz Znaleziono : HKLM\Software\webssearchesSoftware

Klucz Znaleziono : HKLM\Software\Wpm

Klucz Znaleziono : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

 

***** [ Przeglądarki internetowe ] *****

 

-\\ Internet Explorer v11.0.9600.16521

 

 

-\\ Google Chrome v34.0.1847.137

 

[ Plik : C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [3664 octets] - [20/02/2014 13:25:35]

AdwCleaner[R1].txt - [2015 octets] - [19/05/2014 20:22:38]

AdwCleaner[s0].txt - [3089 octets] - [20/02/2014 13:26:24]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2135 octets] ##########

 

sc-cleaner

Shortcut Cleaner 1.3.3 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about Shortcut Cleaner can be found at this link:

 http://www.bleepingcomputer.com/download/shortcut-cleaner/

 

Windows Version: Windows 7 Home Premium Service Pack 1

Program started at: 05/19/2014 08:22:06 PM.

 

Scanning for registry hijacks:

 

  * HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "@" hijacked!

 

Backup Registry file created at:

 C:\Users\Asus\Desktop\sc-cleaner\sc-cleaner-05-19-2014-08-22-06.reg

 

Searching for Hijacked Shortcuts:

 

Searching C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\

 

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

 

Searching C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

 

Searching C:\Users\Public\Desktop\

 

Searching C:\Users\Asus\Desktop

 

 

0 bad shortcuts found.

 

Program finished at: 05/19/2014 08:22:06 PM

Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

 

+ utworzyło plik .reg

[Janusz.]

zrobiło ten plik ponieważ był usuwany ( a raczej modyfikowany) wpis w rejestrze.

 

Scanning for registry hijacks:

 

  * HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "@" hijacked!

w sumie nie wiem czym był ten wpis ale potrzymaj przez jakiś czas ten plik *.reg. jakby coś złego się działo z systemem to wtedy możesz go "włączyć" i zimportować do rejestru.

 

Trochę syfu pominąłem ale adw wyczyścił (użyłeś opcji "usuń"?)

Wszystko jest już okej z systemem?

[Spartakus97]

FRST.txt

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014

Ran by Asus (administrator) on ASUS-KOMPUTER on 19-05-2014 19:07:39

Running from C:\Users\Asus\Desktop

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polish

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2.exe

(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(LogMeIn Inc.) D:\Programy\Hamachi\hamachi-2-ui.exe

(LogMeIn, Inc.) D:\Programy\Hamachi\LMIGuardianSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Microsoft Corporation) D:\Programy\Office\Office15\MSOSYNC.EXE

(Wargaming.net) D:\Gry\World of Tanks\WorldOfTanks.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-09-17] (Intel Corporation)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Programy\Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)

HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\...\Run: [] => C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe [1169224 2010-11-21] (Microsoft Corporation)

AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)

AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Pomocnik logowania za pomocą konta Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\Office\Office15\MSOSB.DLL (Microsoft Corporation)

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\Programy\Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

 

Chrome: 

=======

CHR HomePage: hxxp://istart.webssearches.com/?type=hppp&ts=1400517091&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hppp&ts=1400517091&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417"

CHR Extension: (AdBlock) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-23]

CHR Extension: (Google Wallet) - C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]

 

==================== Services (Whitelisted) =================

 

S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()

S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-29] (Futuremark)

R2 Hamachi2Svc; D:\Programy\Hamachi\hamachi-2.exe [2228048 2014-05-13] (LogMeIn Inc.)

R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)

 

==================== Drivers (Whitelisted) ====================

 

S3 ew_hwusbdev; No ImagePath

S3 ew_usbenumfilter; No ImagePath

S3 huawei_cdcacm; No ImagePath

S3 huawei_enumerator; No ImagePath

S3 huawei_ext_ctrl; No ImagePath

S3 huawei_wwanecm; No ImagePath

R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)

R4 IOMap; C:\Windows\SysWOW64\drivers\IOMap64.sys [0 2013-11-27] ()

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-28] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

R1 MpKsl48e68be7; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A4DEB153-33DE-435B-A531-5849BC631D54}\MpKsl48e68be7.sys [45352 2014-05-19] (Microsoft Corporation)

R1 MpKsl620f45f4; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A4DEB153-33DE-435B-A531-5849BC631D54}\MpKsl620f45f4.sys [45352 2014-05-19] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2013-09-04] ()

U3 ay2yqi00; C:\Windows\System32\Drivers\ay2yqi00.sys [0 ] (Microsoft Corporation)

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-05-19 19:08 - 2014-05-19 19:08 - 00602112 _____ (OldTimer Tools) C:\Users\Asus\Desktop\Niepotwierdzony 108637.crdownload

2014-05-19 19:07 - 2014-05-19 19:07 - 02067456 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe

2014-05-19 19:07 - 2014-05-19 19:07 - 00016197 _____ () C:\Users\Asus\Desktop\FRST.txt

2014-05-19 19:07 - 2014-05-19 19:07 - 00000000 ____D () C:\FRST

2014-05-19 17:14 - 2014-05-19 17:14 - 00293736 _____ () C:\Windows\Minidump\051914-12136-01.dmp

2014-05-18 16:53 - 2014-05-18 16:53 - 00000000 ___SH () C:\Users\Asus\AppData\Local\LumaEmu

2014-05-18 16:52 - 2014-05-18 16:52 - 00000523 _____ () C:\Users\Asus\Desktop\Call of Duty Ghosts.lnk

2014-05-18 16:52 - 2014-05-18 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc

2014-05-18 16:30 - 2014-05-18 16:30 - 00003156 _____ () C:\Windows\System32\Tasks\{BC2DCB3C-D7D7-4572-9AFB-07AF76A5B7BA}

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\SupTab

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\ProgramData\WPM

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\ProgramData\IePluginServices

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\Program Files (x86)\SupTab

2014-05-16 14:56 - 2014-05-16 14:56 - 00000835 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2014-05-15 18:48 - 2014-05-18 21:28 - 00026093 _____ () C:\Users\Asus\Desktop\Operacja Superpershing.xlsx

2014-05-14 20:25 - 2014-05-14 20:25 - 00293736 _____ () C:\Windows\Minidump\051414-17191-01.dmp

2014-05-14 14:02 - 2014-05-14 14:02 - 00000626 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

2014-05-14 14:02 - 2014-05-14 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2014-05-10 14:04 - 2014-05-10 14:04 - 00001050 _____ () C:\Users\Asus\Desktop\ts3.lnk

2014-05-09 22:43 - 2014-05-19 18:50 - 00000000 ____D () C:\Users\Asus\AppData\Local\LogMeIn Hamachi

2014-05-09 22:33 - 2014-05-19 18:34 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\.minecraft

2014-05-09 22:33 - 2014-05-09 22:33 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

2014-05-09 22:28 - 2014-05-11 19:37 - 00000000 ____D () C:\Users\Asus\Desktop\Serwer Minecraft

2014-05-09 11:21 - 2014-05-09 11:21 - 00293736 _____ () C:\Windows\Minidump\050914-15849-01.dmp

2014-05-07 10:03 - 2014-05-07 10:03 - 00293736 _____ () C:\Windows\Minidump\050714-17378-01.dmp

2014-05-02 11:19 - 2014-05-02 11:19 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\NVIDIA

2014-05-01 15:46 - 2014-05-19 17:14 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-05-01 15:46 - 2013-12-19 20:53 - 06671648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2014-05-01 15:46 - 2013-12-19 20:53 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2014-05-01 15:46 - 2013-12-19 20:53 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2014-05-01 15:46 - 2013-12-19 20:53 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2014-05-01 15:46 - 2013-12-19 20:53 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2014-05-01 15:46 - 2013-12-19 20:53 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2014-05-01 15:46 - 2013-12-19 07:01 - 03539040 _____ () C:\Windows\system32\nvcoproc.bin

2014-05-01 15:45 - 2013-12-19 22:33 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2014-05-01 15:45 - 2013-12-19 22:33 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-05-01 15:44 - 2013-12-19 22:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2014-05-01 15:44 - 2013-12-19 22:33 - 00023754 _____ () C:\Windows\system32\nvinfo.pb

2014-05-01 15:44 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2014-05-01 15:44 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2014-05-01 15:44 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2014-05-01 15:14 - 2014-05-01 15:14 - 00293768 _____ () C:\Windows\Minidump\050114-14008-01.dmp

2014-04-30 14:47 - 2014-04-30 14:47 - 00000930 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk

2014-04-30 14:47 - 2014-04-30 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

2014-04-30 14:47 - 2014-04-30 14:47 - 00000000 ____D () C:\Program Files\CPUID

2014-04-30 14:26 - 2014-04-30 14:26 - 00293760 _____ () C:\Windows\Minidump\043014-14820-01.dmp

2014-04-30 14:24 - 2014-04-30 14:24 - 00293776 _____ () C:\Windows\Minidump\043014-14554-01.dmp

2014-04-30 14:19 - 2014-04-30 14:19 - 00262144 _____ () C:\Windows\Minidump\043014-16473-01.dmp

2014-04-30 14:17 - 2014-04-30 14:17 - 00293296 _____ () C:\Windows\Minidump\043014-15147-01.dmp

2014-04-30 14:14 - 2014-04-30 14:14 - 00293768 _____ () C:\Windows\Minidump\043014-15631-01.dmp

2014-04-29 15:04 - 2014-04-29 15:04 - 00001425 _____ () C:\Users\Asus\Desktop\Photoshop.lnk

2014-04-29 15:03 - 2014-04-29 15:03 - 00000902 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk

2014-04-29 15:03 - 2014-04-29 15:03 - 00000876 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk

2014-04-29 15:03 - 2014-04-29 15:03 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-04-29 15:02 - 2014-04-29 15:02 - 00001483 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk

2014-04-29 15:02 - 2014-04-29 15:02 - 00000951 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk

2014-04-29 15:00 - 2014-04-29 15:03 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-04-28 20:57 - 2014-04-28 20:57 - 00293504 _____ () C:\Windows\Minidump\042814-15802-01.dmp

2014-04-28 19:52 - 2014-04-28 20:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-28 19:52 - 2014-04-28 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-27 09:36 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

2014-04-27 09:36 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll

2014-04-26 14:08 - 2014-04-26 14:08 - 00000000 ____D () C:\Users\Asus\Documents\Ghost Games

2014-04-21 08:25 - 2014-04-21 08:25 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-04-21 08:25 - 2014-04-21 08:25 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-04-21 08:25 - 2014-04-21 08:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-04-20 16:12 - 2014-04-20 16:12 - 00293792 _____ () C:\Windows\Minidump\042014-18174-01.dmp

2014-04-20 14:59 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-04-20 14:59 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-04-20 14:59 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-04-20 14:59 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-04-20 14:57 - 2014-04-20 14:59 - 00004030 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log

2014-04-19 10:29 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-04-19 10:29 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-04-19 10:29 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-04-19 10:29 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-04-19 10:29 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-04-19 10:29 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-04-19 10:29 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-04-19 10:29 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-04-19 10:29 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-04-19 10:29 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-04-19 10:29 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-04-19 10:29 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-04-19 10:29 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-04-19 10:29 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-04-19 10:29 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-04-19 10:29 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-04-19 10:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-04-19 10:22 - 2014-04-19 10:22 - 00293792 _____ () C:\Windows\Minidump\041914-14976-01.dmp

 

==================== One Month Modified Files and Folders =======

 

2014-05-19 19:08 - 2014-05-19 19:08 - 00602112 _____ (OldTimer Tools) C:\Users\Asus\Desktop\Niepotwierdzony 108637.crdownload

2014-05-19 19:07 - 2014-05-19 19:07 - 02067456 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe

2014-05-19 19:07 - 2014-05-19 19:07 - 00016197 _____ () C:\Users\Asus\Desktop\FRST.txt

2014-05-19 19:07 - 2014-05-19 19:07 - 00000000 ____D () C:\FRST

2014-05-19 18:53 - 2013-08-29 15:06 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-19 18:52 - 2014-01-29 22:42 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Skype

2014-05-19 18:52 - 2014-01-11 16:46 - 00005046 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Asus-Komputer-Asus Asus-Komputer

2014-05-19 18:50 - 2014-05-09 22:43 - 00000000 ____D () C:\Users\Asus\AppData\Local\LogMeIn Hamachi

2014-05-19 18:50 - 2013-08-29 15:06 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-05-19 18:50 - 2013-08-29 14:51 - 01706640 _____ () C:\Windows\WindowsUpdate.log

2014-05-19 18:34 - 2014-05-09 22:33 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\.minecraft

2014-05-19 18:32 - 2014-02-06 23:36 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-05-19 18:31 - 2014-01-16 19:45 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\uTorrent

2014-05-19 18:31 - 2013-09-04 19:57 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

2014-05-19 17:22 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-05-19 17:22 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-05-19 17:20 - 2011-02-04 19:20 - 00740422 _____ () C:\Windows\system32\perfh015.dat

2014-05-19 17:20 - 2011-02-04 19:20 - 00155996 _____ () C:\Windows\system32\perfc015.dat

2014-05-19 17:20 - 2009-07-14 07:13 - 01670518 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-19 17:14 - 2014-05-19 17:14 - 00293736 _____ () C:\Windows\Minidump\051914-12136-01.dmp

2014-05-19 17:14 - 2014-05-01 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-05-19 17:14 - 2014-02-20 13:53 - 606815398 _____ () C:\Windows\MEMORY.DMP

2014-05-19 17:14 - 2014-02-20 13:53 - 00052744 _____ () C:\Windows\setupact.log

2014-05-19 17:14 - 2013-09-04 18:27 - 00000000 ____D () C:\Windows\Minidump

2014-05-19 17:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-05-19 16:33 - 2013-08-30 19:46 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\GG

2014-05-19 14:04 - 2013-12-05 19:58 - 00000000 ____D () C:\Users\Asus\Documents\FIFA 14

2014-05-19 10:37 - 2014-02-01 16:50 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-05-19 10:36 - 2014-02-20 14:30 - 02031092 _____ () C:\Windows\PFRO.log

2014-05-18 22:45 - 2014-01-07 23:48 - 00000000 ____D () C:\Users\Asus\Desktop\nowe filmy

2014-05-18 22:41 - 2014-01-11 21:16 - 00000000 ____D () C:\Users\Asus\Desktop\Dobre filmy

2014-05-18 21:28 - 2014-05-15 18:48 - 00026093 _____ () C:\Users\Asus\Desktop\Operacja Superpershing.xlsx

2014-05-18 16:53 - 2014-05-18 16:53 - 00000000 ___SH () C:\Users\Asus\AppData\Local\LumaEmu

2014-05-18 16:52 - 2014-05-18 16:52 - 00000523 _____ () C:\Users\Asus\Desktop\Call of Duty Ghosts.lnk

2014-05-18 16:52 - 2014-05-18 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc

2014-05-18 16:34 - 2013-08-29 15:06 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-05-18 16:34 - 2013-08-29 14:52 - 00001425 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-05-18 16:30 - 2014-05-18 16:30 - 00003156 _____ () C:\Windows\System32\Tasks\{BC2DCB3C-D7D7-4572-9AFB-07AF76A5B7BA}

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\SupTab

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\ProgramData\WPM

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\ProgramData\IePluginServices

2014-05-18 16:28 - 2014-05-18 16:28 - 00000000 ____D () C:\Program Files (x86)\SupTab

2014-05-18 15:38 - 2013-09-29 12:31 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Tropico 3

2014-05-18 14:21 - 2014-04-16 09:17 - 00000000 ____D () C:\Users\Asus\Desktop\World of Tanks

2014-05-16 14:56 - 2014-05-16 14:56 - 00000835 _____ () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2014-05-16 14:56 - 2014-01-16 19:46 - 00000855 _____ () C:\Users\Asus\Desktop\µTorrent.lnk

2014-05-14 20:32 - 2014-02-06 23:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-05-14 20:32 - 2014-02-06 23:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-05-14 20:32 - 2014-02-06 23:36 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-05-14 20:25 - 2014-05-14 20:25 - 00293736 _____ () C:\Windows\Minidump\051414-17191-01.dmp

2014-05-14 14:02 - 2014-05-14 14:02 - 00000626 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

2014-05-14 14:02 - 2014-05-14 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2014-05-12 23:21 - 2013-12-31 16:58 - 00000000 ____D () C:\Users\Asus\Desktop\Muzyka

2014-05-11 19:37 - 2014-05-09 22:28 - 00000000 ____D () C:\Users\Asus\Desktop\Serwer Minecraft

2014-05-10 14:04 - 2014-05-10 14:04 - 00001050 _____ () C:\Users\Asus\Desktop\ts3.lnk

2014-05-09 22:40 - 2014-01-05 23:23 - 00000000 ____D () C:\Users\Asus\AppData\Local\NVIDIA Corporation

2014-05-09 22:33 - 2014-05-09 22:33 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

2014-05-09 11:21 - 2014-05-09 11:21 - 00293736 _____ () C:\Windows\Minidump\050914-15849-01.dmp

2014-05-07 10:03 - 2014-05-07 10:03 - 00293736 _____ () C:\Windows\Minidump\050714-17378-01.dmp

2014-05-07 09:48 - 2013-08-29 15:06 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-05-07 09:48 - 2013-08-29 15:06 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-05-04 16:04 - 2014-04-16 17:31 - 00000000 ____D () C:\Users\Asus\Documents\OMC ModPack

2014-05-02 11:27 - 2013-12-24 21:00 - 00000000 ____D () C:\Users\Asus\Desktop\Instalki gry

2014-05-02 11:19 - 2014-05-02 11:19 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\NVIDIA

2014-05-01 15:47 - 2014-03-13 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-05-01 15:47 - 2013-08-29 15:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-05-01 15:46 - 2013-08-29 15:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-05-01 15:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-05-01 15:45 - 2013-08-29 15:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-05-01 15:14 - 2014-05-01 15:14 - 00293768 _____ () C:\Windows\Minidump\050114-14008-01.dmp

2014-05-01 12:57 - 2013-09-11 18:31 - 00000000 ____D () C:\Users\Asus\AppData\Local\Adobe

2014-05-01 10:43 - 2013-08-30 19:46 - 00000000 ____D () C:\Users\Asus\AppData\Local\GG

2014-04-30 14:47 - 2014-04-30 14:47 - 00000930 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk

2014-04-30 14:47 - 2014-04-30 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

2014-04-30 14:47 - 2014-04-30 14:47 - 00000000 ____D () C:\Program Files\CPUID

2014-04-30 14:26 - 2014-04-30 14:26 - 00293760 _____ () C:\Windows\Minidump\043014-14820-01.dmp

2014-04-30 14:24 - 2014-04-30 14:24 - 00293776 _____ () C:\Windows\Minidump\043014-14554-01.dmp

2014-04-30 14:19 - 2014-04-30 14:19 - 00262144 _____ () C:\Windows\Minidump\043014-16473-01.dmp

2014-04-30 14:17 - 2014-04-30 14:17 - 00293296 _____ () C:\Windows\Minidump\043014-15147-01.dmp

2014-04-30 14:14 - 2014-04-30 14:14 - 00293768 _____ () C:\Windows\Minidump\043014-15631-01.dmp

2014-04-30 12:55 - 2013-08-29 15:25 - 00000000 ____D () C:\ProgramData\Adobe

2014-04-30 06:53 - 2009-07-14 06:45 - 05022112 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-29 15:04 - 2014-04-29 15:04 - 00001425 _____ () C:\Users\Asus\Desktop\Photoshop.lnk

2014-04-29 15:04 - 2013-08-30 19:47 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\Adobe

2014-04-29 15:04 - 2013-08-29 15:18 - 00095360 _____ () C:\Users\Asus\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-29 15:03 - 2014-04-29 15:03 - 00000902 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk

2014-04-29 15:03 - 2014-04-29 15:03 - 00000876 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk

2014-04-29 15:03 - 2014-04-29 15:03 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-04-29 15:03 - 2014-04-29 15:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-04-29 15:02 - 2014-04-29 15:02 - 00001483 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk

2014-04-29 15:02 - 2014-04-29 15:02 - 00000951 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk

2014-04-29 15:02 - 2013-08-29 15:25 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-04-28 20:57 - 2014-04-28 20:57 - 00293504 _____ () C:\Windows\Minidump\042814-15802-01.dmp

2014-04-28 20:57 - 2014-04-28 19:52 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-28 19:52 - 2014-04-28 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-27 09:27 - 2014-03-13 16:42 - 00007604 _____ () C:\Users\Asus\AppData\Local\Resmon.ResmonCfg

2014-04-26 14:08 - 2014-04-26 14:08 - 00000000 ____D () C:\Users\Asus\Documents\Ghost Games

2014-04-21 23:10 - 2014-04-18 14:01 - 00000000 ____D () C:\Users\Asus\AppData\Local\Windows Live

2014-04-21 08:27 - 2014-03-30 12:27 - 00001912 _____ () C:\Windows\epplauncher.mif

2014-04-21 08:27 - 2014-03-02 00:17 - 00000000 ____D () C:\Users\Asus\AppData\Local\CrashDumps

2014-04-21 08:25 - 2014-04-21 08:25 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-04-21 08:25 - 2014-04-21 08:25 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-04-21 08:25 - 2014-04-21 08:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-04-21 08:14 - 2014-02-22 18:06 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-04-20 16:12 - 2014-04-20 16:12 - 00293792 _____ () C:\Windows\Minidump\042014-18174-01.dmp

2014-04-20 15:00 - 2013-11-29 16:01 - 00000000 ____D () C:\ProgramData\Oracle

2014-04-20 14:59 - 2014-04-20 14:57 - 00004030 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log

2014-04-20 14:59 - 2013-08-30 19:21 - 00000000 ____D () C:\Program Files (x86)\Java

2014-04-20 10:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-04-19 10:35 - 2014-01-16 19:55 - 00000000 ____D () C:\Windows\system32\MRT

2014-04-19 10:31 - 2014-01-16 19:55 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-04-19 10:22 - 2014-04-19 10:22 - 00293792 _____ () C:\Windows\Minidump\041914-14976-01.dmp

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-05-10 16:26

 

==================== End Of Log ============================

 

 

 

Addition.txt

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014

Ran by Asus at 2014-05-19 19:08:11

Running from C:\Users\Asus\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

 

==================== Installed Programs ======================

 

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.01.0.0 - )

"FIFA 14" (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.3.0.0 - )

«The Witcher 2 - Assassins of Kings. Enhanced Edition» (HKLM-x32\...\«The Witcher 2 - Assassins of Kings. Enhanced Edition»_is1) (Version:  - CD Projekt RED)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Reader 9.1 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)

Aktualizacje NVIDIA 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden

Any Video Converter 5.5.9 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)

ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)

ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden

ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.018 - ASUSTek Computer Inc.)

Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 5.5 - Auslogics Software Pty Ltd)

Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)

Call of Duty Ghosts (HKLM-x32\...\Call of Duty Ghosts_is1) (Version: Call of Duty Ghosts - )

CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Debugging Tools for Windows (x86) (HKLM-x32\...\{83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}) (Version: 6.11.1.402 - Microsoft Corporation)

DEVIL MAY CRY 4 (HKLM\...\{D4E5A687-797D-44B1-8F96-4FD7A24166A9}) (Version: 1.00.000 - CAPCOM CO., LTD.)

DEVIL MAY CRY 4 (HKLM-x32\...\{D4E5A687-797D-44B1-8F96-4FD7A24166A9}) (Version: 1.00.000 - CAPCOM CO., LTD.)

Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)

Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

GG (HKCU\...\GG) (Version: 11 - GG Network S.A.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden

Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)

K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)

League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden

Medal of Honor Warfighter (HKLM-x32\...\Medal of Honor Warfighter_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Access MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft DCF MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Excel MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)

Microsoft Groove MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft InfoPath MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Lync MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft OneNote MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Word MUI (Polish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version:  - )

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden

NVIDIA Sterownik 3D Vision 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)

NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Sterownik graficzny 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)

NVIDIA Sterownik kontrolera 3D Vision 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)

NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden

OMC ModPack wersja 0.9.0.0 (HKLM-x32\...\{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1) (Version: 0.9.0.0 - Odem Mortis)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

OpenFM (HKCU\...\OpenFM) (Version: 2 - GG Network S.A.)

Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)

Panel sterowania NVIDIA 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

PITy2013 IPS 1.5.2.0 kompilacja:1.5.3.10 (HKLM-x32\...\PITy2013IPS_is1) (Version:  - IPS Przedsiębiorstwo Informatyczne)

Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)

Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)

SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden

Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)

System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version:  - )

Tropico 3 (HKLM-x32\...\{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}) (Version: 1.00.0000 - Kalypso)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

Обновление 2.0.0.0 для игры «Ведьмак 2: Убийцы королей» (HKLM-x32\...\{34D1912D-12A3-430E-AB7B-11E32BC02A4C}_update2.0.0.0) (Version: 2.0.0.0 - )

 

==================== Restore Points  =========================

 

14-05-2014 18:37:53 Windows Update

18-05-2014 08:07:19 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-14 04:34 - 2014-04-28 16:41 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {01E19D4E-3C97-48B3-95F8-7E0B808D65DD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.)

Task: {05ECB4EC-68E7-448E-88F5-CB2D73222090} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)

Task: {2D1BC376-FD46-4CA8-977F-0E72CBE313DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\Programy\Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

Task: {32B28C06-B425-4524-B05D-1A251422B654} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)

Task: {36EC9C7D-1B7A-4783-8060-3B3749F8E748} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe

Task: {47F5141F-8B6F-4BCF-AC0E-81F338F43486} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.)

Task: {73DFC435-E5B0-4950-84A8-51D0B18BBF9E} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe

Task: {C6FC705C-2151-43F9-88DB-670FF9B359F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\Programy\Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

Task: {F6FAE3F6-A1CF-4463-99C0-958853DB209F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Asus-Komputer-Asus Asus-Komputer => D:\Programy\Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-05-01 15:46 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-02-19 17:55 - 2013-12-10 15:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2014-05-14 19:56 - 2014-05-08 01:29 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll

2014-05-14 19:56 - 2014-05-08 01:29 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll

2014-05-14 19:56 - 2014-05-08 01:29 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll

2014-05-14 19:56 - 2014-05-08 01:29 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll

2014-05-14 19:56 - 2014-05-08 01:29 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll

2014-05-14 19:56 - 2014-05-08 01:29 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll

2014-03-25 18:27 - 2014-04-09 18:57 - 00198656 _____ () D:\Gry\World of Tanks\voip.dll

2014-03-25 18:27 - 2014-04-09 18:57 - 00323568 _____ () D:\Gry\World of Tanks\ortp.dll

2014-03-25 18:27 - 2014-02-05 19:41 - 00270336 _____ () D:\Gry\World of Tanks\libcurl.dll

2014-04-10 16:31 - 2014-04-09 13:37 - 00107888 _____ () D:\Gry\World of Tanks\librsync.dll

2014-03-25 18:27 - 2014-02-05 19:41 - 00386600 _____ () D:\Gry\World of Tanks\NxCooking.dll

2014-03-25 18:27 - 2014-02-05 19:41 - 00071208 _____ () D:\Gry\World of Tanks\PhysXLoader.dll

2014-04-16 10:51 - 2014-04-09 18:57 - 20656128 _____ () D:\Gry\World of Tanks\res\awesomium\awesomium.dll

2014-05-14 19:56 - 2014-05-08 01:29 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

 

==================== EXE Association (whitelisted) =============

 

 

==================== Disabled items from MSCONFIG ==============

 

MSCONFIG\Services: ASGT => 2

MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Programy\Daemon\DAEMON Tools Lite\daemon.exe" -autorun

MSCONFIG\startupreg: NvidiaHostStart => C:\Users\Asus\AppData\Local\NVIDIA Corporation\nvsync.exe

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (05/19/2014 06:50:37 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

 

Error: (05/19/2014 05:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/19/2014 04:29:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/19/2014 10:46:34 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418231

 

Error: (05/19/2014 10:38:11 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/18/2014 11:02:58 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

 

Error: (05/18/2014 04:31:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

 

Error: (05/18/2014 04:28:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Program Globe Converter Mw3 Exe__3039_i691747860_il15587385.exe w wersji 1.1.5.90 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.

 

Identyfikator procesu: c14

 

Godzina rozpoczęcia: 01cf72a542b30ac9

 

Godzina zakończenia: 4

 

Ścieżka aplikacji: C:\Users\Asus\Desktop\Globe Converter Mw3 Exe__3039_i691747860_il15587385.exe

 

Identyfikator raportu:

 

Error: (05/18/2014 10:10:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418231

 

Error: (05/18/2014 10:01:48 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (05/19/2014 05:15:16 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )

Description: 0x80070422

 

Error: (05/19/2014 05:15:16 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )

Description: 0x80070422

 

Error: (05/19/2014 05:14:41 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: 0x00000109 (0xa3a039d89c243848, 0xb3b7465eeea1079e, 0xfffff8000342df10, 0x0000000000000001)C:\Windows\MEMORY.DMP051914-12136-01

 

Error: (05/19/2014 05:14:41 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Poprzednie zamknięcie systemu przy 17:13:14 na ‎2014-‎05-‎19 było nieoczekiwane.

 

Error: (05/19/2014 04:28:34 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )

Description: 0x80070422

 

Error: (05/19/2014 04:28:33 PM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )

Description: 0x80070422

 

Error: (05/19/2014 10:36:47 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )

Description: 0x80070422

 

Error: (05/19/2014 10:36:47 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )

Description: 0x80070422

 

Error: (05/18/2014 04:31:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Usługa Update HulaToo niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

 

Error: (05/18/2014 10:00:24 AM) (Source: WMPNetworkSvc) (EventID: 14338) (User: )

Description: 0x80070422

 

 

Microsoft Office Sessions:

=========================

Error: (05/19/2014 06:50:37 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

 

Error: (05/19/2014 05:16:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/19/2014 04:29:59 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/19/2014 10:46:34 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418231

 

Error: (05/19/2014 10:38:11 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/18/2014 11:02:58 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

 

Error: (05/18/2014 04:31:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )

Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

 

Error: (05/18/2014 04:28:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Globe Converter Mw3 Exe__3039_i691747860_il15587385.exe1.1.5.90c1401cf72a542b30ac94C:\Users\Asus\Desktop\Globe Converter Mw3 Exe__3039_i691747860_il15587385.exe

 

Error: (05/18/2014 10:10:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418231

 

Error: (05/18/2014 10:01:48 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 36%

Total physical RAM: 8144.51 MB

Available physical RAM: 5146.54 MB

Total Pagefile: 16287.2 MB

Available Pagefile: 12500.36 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:195.21 GB) (Free:54.46 GB) NTFS

Drive d: (Dane) (Fixed) (Total:736.2 GB) (Free:398.17 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 961C7AC9)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=736 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

 

 

 

shortcut.txt

 

 

 

Users shortcut scan result (x64) Version: 17-05-2014

Ran by Asus at 2014-05-19 19:09:02

Running from C:\Users\Asus\Desktop

Boot Mode: Normal

==================== Shortcuts =============================

 

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk -> D:\Programy\PhotoShop CS6\Adobe Bridge CS6 (64 Bit)\Bridge.exe (Adobe Systems, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe (Adobe Systems Incorporated)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk -> D:\Programy\PhotoShop CS6\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe (Adobe Systems Incorporated)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk -> D:\Programy\PhotoShop CS6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-A91000000001}\SC_Reader.ico ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeui.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\Deinstalacja programu World of Tanks.lnk -> D:\Gry\World of Tanks\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\World of Tanks.lnk -> D:\Gry\World of Tanks\WOTLauncher.exe (Wargaming.net)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Social Club.lnk -> D:\Gry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto IV\Grand Theft Auto IV.lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Media Player Classic.lnk -> C:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exe (Gabest)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Uninstall\Uninstall Real Alternative.lnk -> C:\Program Files (x86)\Real Alternative\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Help\FAQ.lnk -> C:\Program Files (x86)\Real Alternative\Info\faq.htm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Configuration\RealMedia.lnk -> C:\Program Files (x86)\Real Alternative\settings.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc\Call of Duty Ghosts\Call of Duty Ghosts.lnk -> D:\Gry\Call of Duty Ghosts\iw6sp64_ship.exe (Activision)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc\Call of Duty Ghosts\Deinstalacja programu Call of Duty Ghosts.lnk -> D:\Gry\Call of Duty Ghosts\Uninstall\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Centrum przekazywania pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Dziennik telemetryczny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Preferencje językowe pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Telemetryczny pulpit nawigacyjny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> D:\Programy\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext (x64).lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext64.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> D:\Programy\Fraps\fraps.exe (Beepa P/L)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> D:\Programy\Fraps\uninstall.exe (Beepa Pty Ltd)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14\Check for updates.lnk -> D:\Gry\FIFA 14\GameUpdater.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14\FIFA 14.lnk -> D:\Gry\FIFA 14\Game\fifasetup\fifaconfig.exe (Electronic Arts Canada)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14\Uninstall.lnk -> D:\Gry\FIFA 14\Uninstall\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Debugging Help.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\debugger.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Global Flags.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\gflags.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Release Notes.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\relnotes.txt ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\WinDbg.lnk -> C:\Program Files (x86)\Debugging Tools for Windows (x86)\windbg.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Projekt RED\The Witcher 2 - Assassins of Kings. Enhanced Edition\Deinstalacja programu The Witcher 2 - Assassins of Kings. Enhanced Edition.lnk -> D:\Gry\The Witcher 2 - Assassins of Kings. Enhanced Edition\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Projekt RED\The Witcher 2 - Assassins of Kings. Enhanced Edition\The Witcher 2 - Assassins of Kings. Enhanced Edition.lnk -> D:\Gry\The Witcher 2 - Assassins of Kings. Enhanced Edition\Launcher.exe (CD Projekt RED)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\The Elder Scrolls V Skyrim - Legendary Edition\Deinstalacja programu The Elder Scrolls V Skyrim - Legendary Edition.lnk -> D:\Gry\The Elder Scrolls V Skyrim - Legendary Edition\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\The Elder Scrolls V Skyrim - Legendary Edition\The Elder Scrolls V Skyrim - Legendary Edition.lnk -> D:\Gry\The Elder Scrolls V Skyrim - Legendary Edition\Launcher.exe (Bethesda Softworks)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\BoostSpeed\Auslogics BoostSpeed on the Web.lnk -> C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\boostspeed.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\BoostSpeed\Auslogics BoostSpeed.lnk -> C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe (Auslogics)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\BoostSpeed\Auslogics Rescue Center.lnk -> C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\RescueCenter.exe (Auslogics)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS GPU Tweak.lnk -> C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe (ASUS)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Assassin's Creed IV - Black Flag.lnk -> D:\Gry\Assassin's Creed IV - Black Flag\Launcher.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Check for updates.lnk -> D:\Gry\Assassin's Creed IV - Black Flag\GameUpdater.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Manual.lnk -> D:\Gry\Assassin's Creed IV - Black Flag\Support\Manual\English\AssassinsCreed.pdf ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Uninstall.lnk -> D:\Gry\Assassin's Creed IV - Black Flag\Uninstall\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter.lnk -> D:\Programy\Any Video Converter\AVCFree.exe (Anvsoft Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Deinstalacja programu Any Video Converter.lnk -> D:\Programy\Any Video Converter\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Strona WWW programu Any Video Converter.lnk -> D:\Programy\Any Video Converter\AVCFree.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\DisplaySwitch.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C3136F22-6E6B-4DBF-83A6-54C4E31AE375}\PlayTasks\0\Uruchom.lnk -> D:\Gry\Tropico 3\tropico3.exe (Haemimont Games)

Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B526365A-13FF-437D-9291-C3EE01B5689E}\PlayTasks\0\Play.lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG)

Shortcut: C:\Users\Asus\Links\Desktop.lnk -> C:\Users\Asus\Desktop ()

Shortcut: C:\Users\Asus\Links\Downloads.lnk -> C:\Users\Asus\Downloads ()

Shortcut: C:\Users\Asus\Links\GG dysk.lnk -> C:\Users\Asus\GG dysk ()

Shortcut: C:\Users\Asus\Favorites\GG dysk.lnk -> C:\Users\Asus\GG dysk ()

Shortcut: C:\Users\Asus\Documents\Euro Truck Simulator 2\readme.rtf.lnk -> D:\Gry\Euro Truck Simulator 2\readme.rtf (No File)

Shortcut: C:\Users\Asus\Desktop\Auslogics BoostSpeed.lnk -> C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe (Auslogics)

Shortcut: C:\Users\Asus\Desktop\bf4.lnk -> D:\Gry\Battlefield 4\bf4.exe (EA Digital Illusions CE AB)

Shortcut: C:\Users\Asus\Desktop\Call of Duty Ghosts.lnk -> D:\Gry\Call of Duty Ghosts\iw6sp64_ship.exe (Activision)

Shortcut: C:\Users\Asus\Desktop\Call of Juarez Gunslinger.lnk -> D:\Gry\Call of Juarez Gunslinger\CoJGunslinger.exe (Techland)

Shortcut: C:\Users\Asus\Desktop\GG.lnk -> C:\Users\Asus\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)

Shortcut: C:\Users\Asus\Desktop\League of Legends.lnk -> D:\Gry\League of Legends\lol.launcher.exe ()

Shortcut: C:\Users\Asus\Desktop\Medal of Honor Warfighter.lnk -> D:\Gry\Medal of Honor Warfighter\MOHW.exe (Danger Close Games)

Shortcut: C:\Users\Asus\Desktop\OpenFM.lnk -> C:\Users\Asus\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)

Shortcut: C:\Users\Asus\Desktop\Photoshop.lnk -> D:\Programy\PhotoShop CS6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)

Shortcut: C:\Users\Asus\Desktop\PITy 2013.lnk -> D:\Programy\PITy2013NG\PITy2013NG.exe (IPS Przedsiębiorstwo Informatyczne)

Shortcut: C:\Users\Asus\Desktop\Rome Total War 2.lnk -> D:\Gry\Rome Total War 2\Rome2.exe (The Creative Assembly Ltd)

Shortcut: C:\Users\Asus\Desktop\The Witcher 2 - Assassins of Kings. Enhanced Edition.lnk -> D:\Gry\The Witcher 2 - Assassins of Kings. Enhanced Edition\Launcher.exe (CD Projekt RED)

Shortcut: C:\Users\Asus\Desktop\Tropico 3.lnk -> D:\Gry\Tropico 3\tropico3.exe (Haemimont Games)

Shortcut: C:\Users\Asus\Desktop\ts3.lnk -> D:\Programy\ts3\ts3client_win32.exe (TeamSpeak Systems GmbH)

Shortcut: C:\Users\Asus\Desktop\µTorrent.lnk -> C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

Shortcut: C:\Users\Asus\Desktop\World of Tanks\OMC ModPack Aktualizacja-Ponownia konfiguracja.lnk -> C:\Users\Asus\Documents\OMC ModPack\OMC ModPack Client.exe ()

Shortcut: C:\Users\Asus\Desktop\World of Tanks\Do nagrań\AVCFree.lnk -> D:\Programy\Any Video Converter\AVCFree.exe (Anvsoft Inc.)

Shortcut: C:\Users\Asus\Desktop\World of Tanks\Do nagrań\Fraps.lnk -> D:\Programy\Fraps\fraps.exe (Beepa P/L)

Shortcut: C:\Users\Asus\Desktop\Serwer Minecraft\LogMeIn Hamachi.lnk -> D:\Programy\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

Shortcut: C:\Users\Asus\Desktop\Serwer Minecraft\Minecraft.lnk -> C:\Users\Asus\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe (TeamExtreme)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Asus\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Asus\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> D:\Programy\ts3\ts3client_win32.exe (TeamSpeak Systems GmbH)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> D:\Programy\ts3\Uninstall.exe (TeamSpeak Systems GmbH)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Users\Asus\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe (TeamExtreme)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Uninstall.lnk -> C:\Users\Asus\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe ()

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()

Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)

Shortcut: C:\Users\Asus\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Asus\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)

Shortcut: C:\Users\Asus\AppData\Local\GG\Application\gg.lnk -> C:\Users\Asus\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)

Shortcut: C:\Users\Public\Desktop\Assassin's Creed IV - Black Flag.lnk -> D:\Gry\Assassin's Creed IV - Black Flag\Launcher.exe ()

Shortcut: C:\Users\Public\Desktop\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)

Shortcut: C:\Users\Public\Desktop\FIFA 14.lnk -> D:\Gry\FIFA 14\Game\fifasetup\fifaconfig.exe (Electronic Arts Canada)

Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Public\Desktop\Grand Theft Auto IV.lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG)

Shortcut: C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> D:\Programy\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()

Shortcut: C:\Users\Public\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk -> D:\Gry\The Elder Scrolls V Skyrim - Legendary Edition\Launcher.exe (Bethesda Softworks)

Shortcut: C:\Users\Public\Desktop\World of Tanks.lnk -> D:\Gry\World of Tanks\WOTLauncher.exe (Wargaming.net)

 

 

 

 

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto IV\Grand Theft Auto IV Safe Mode.lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) -> -safemode

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto IV\Revoke License.lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) ->  /revoke

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {C22378E6-9A65-438E-964C-7DB8FBB568DE} REMOVE=ALL

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)\Uninstall Debugging Tools for Windows (x86).lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{B526365A-13FF-437D-9291-C3EE01B5689E}\PlayTasks\3\Revoke License.lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) -> /revoke

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{B526365A-13FF-437D-9291-C3EE01B5689E}\PlayTasks\2\Benchmark GTA IV.lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) -> -benchmark

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{B526365A-13FF-437D-9291-C3EE01B5689E}\PlayTasks\1\Play (Safe Mode).lnk -> D:\Gry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG) -> -safemode

ShortcutWithArgument: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home

ShortcutWithArgument: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter

ShortcutWithArgument: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:

ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter

ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

 

 

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\Instrukcja do gry World of Tanks.url -> hxxp://worldoftanks.eu/content/guide/

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks\Strona WWW programu World of Tanks.url -> hxxp://www.worldoftanks.eu

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto IV\Support\Adobe Flash.url -> hxxp://www.adobe.com/products/flash/about

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto IV\Support\Games For Windows - LIVE.url -> hxxp://www.xbox.com/en-US/live/memberships/gamesforwindows.htm

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto IV\Support\Rockstar Games.url -> hxxp://www.rockstargames.com

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto IV\Support\Social Club.url -> hxxp://socialclub.rockstargames.com

InternetURL: C:\Users\Asus\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742

InternetURL: C:\Users\Asus\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681

InternetURL: C:\Users\Asus\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700

InternetURL: C:\Users\Asus\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682

InternetURL: C:\Users\Asus\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923

InternetURL: C:\Users\Asus\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924

InternetURL: C:\Users\Asus\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921

InternetURL: C:\Users\Asus\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143

InternetURL: C:\Users\Asus\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922

InternetURL: C:\Users\Asus\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406

InternetURL: C:\Users\Asus\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407

InternetURL: C:\Users\Asus\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211

InternetURL: C:\Users\Asus\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626

InternetURL: C:\Users\Asus\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625

InternetURL: C:\Users\Asus\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624

InternetURL: C:\Users\Asus\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622

InternetURL: C:\Users\Asus\Desktop\Instalki gry\Max Payne2\help\register.url -> hxxp://www.rockstargames.com/register

InternetURL: C:\Users\Asus\Desktop\Instalki gry\Max Payne2\help\support.url -> hxxp://www.maxpayne2.com/support

InternetURL: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com

InternetURL: C:\Users\Asus\AppData\Roaming\.minecraft\Read Me!.url -> hxxp://welcome.teamextrememc.com

 

==================== End of log =============================

 

Logi z OTL wrzucę zaraz.

 

OTL.txt

OTL logfile created on: 2014-05-19 19:08:54 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Asus\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

7,95 Gb Total Physical Memory | 5,01 Gb Available Physical Memory | 63,04% Memory free

15,91 Gb Paging File | 12,19 Gb Available in Paging File | 76,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 54,46 Gb Free Space | 27,90% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 398,17 Gb Free Space | 54,08% Space Free | Partition Type: NTFS

 

Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014-05-19 19:08:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

PRC - [2014-05-13 20:41:15 | 018,314,096 | ---- | M] (Wargaming.net) -- D:\Gry\World of Tanks\WorldOfTanks.exe

PRC - [2014-05-13 14:29:30 | 003,814,736 | ---- | M] (LogMeIn Inc.) -- D:\Programy\Hamachi\hamachi-2-ui.exe

PRC - [2014-05-08 12:52:32 | 000,704,112 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe

PRC - [2014-05-08 01:29:35 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2014-04-02 15:29:05 | 002,201,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

PRC - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

PRC - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2013-12-10 15:27:58 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2013-12-10 15:27:54 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

PRC - [2013-09-17 07:49:50 | 000,292,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

PRC - [2013-05-10 05:48:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2014-05-08 01:29:33 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll

MOD - [2014-05-08 01:29:32 | 013,695,816 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

MOD - [2014-05-08 01:29:31 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll

MOD - [2014-05-08 01:29:27 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll

MOD - [2014-05-08 01:29:27 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll

MOD - [2014-05-08 01:29:26 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll

MOD - [2014-05-08 01:29:24 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll

MOD - [2014-04-09 18:57:05 | 020,656,128 | ---- | M] () -- D:\Gry\World of Tanks\res\awesomium\awesomium.dll

MOD - [2014-04-09 18:57:05 | 000,323,568 | ---- | M] () -- D:\Gry\World of Tanks\ortp.dll

MOD - [2014-04-09 18:57:05 | 000,198,656 | ---- | M] () -- D:\Gry\World of Tanks\voip.dll

MOD - [2014-04-09 13:37:40 | 000,107,888 | ---- | M] () -- D:\Gry\World of Tanks\librsync.dll

MOD - [2014-02-05 19:41:19 | 000,386,600 | ---- | M] () -- D:\Gry\World of Tanks\NxCooking.dll

MOD - [2014-02-05 19:41:19 | 000,270,336 | ---- | M] () -- D:\Gry\World of Tanks\libcurl.dll

MOD - [2014-02-05 19:41:19 | 000,071,208 | ---- | M] () -- D:\Gry\World of Tanks\PhysXLoader.dll

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2014-04-02 15:28:36 | 020,541,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)

SRV:64bit: - [2014-03-11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014-03-11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2014-03-01 06:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013-08-27 15:32:30 | 000,828,376 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®

SRV:64bit: - [2013-08-27 15:32:14 | 000,747,520 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®

SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2014-05-14 20:32:42 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014-05-13 14:29:26 | 002,228,048 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Programy\Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2014-05-08 12:52:32 | 000,704,112 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)

SRV - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)

SRV - [2014-01-29 00:27:58 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2013-12-10 15:27:58 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2013-12-10 15:27:54 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2012-01-17 11:24:10 | 000,055,296 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)

SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2014-04-28 20:57:43 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)

DRV:64bit: - [2014-03-21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)

DRV:64bit: - [2014-03-11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2013-12-18 12:34:38 | 000,888,536 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2013-12-10 15:27:54 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)

DRV:64bit: - [2013-11-28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013-09-17 07:48:32 | 000,795,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)

DRV:64bit: - [2013-09-17 07:48:32 | 000,358,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)

DRV:64bit: - [2013-09-17 07:48:32 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)

DRV:64bit: - [2013-09-04 19:57:10 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010-07-01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)

DRV:64bit: - [2010-02-23 07:46:36 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)

DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009-03-18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV - [2014-05-19 17:40:25 | 000,045,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A4DEB153-33DE-435B-A531-5849BC631D54}\MpKsl620f45f4.sys -- (MpKsl620f45f4)

DRV - [2014-05-19 16:30:18 | 000,045,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A4DEB153-33DE-435B-A531-5849BC631D54}\MpKsl48e68be7.sys -- (MpKsl48e68be7)

DRV - [2013-11-27 10:21:22 | 000,000,000 | ---- | M] () [Kernel | Disabled | Running] -- C:\Windows\SysWOW64\drivers\IOMAP64.SYS -- (IOMap)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://istart.webssearches.com/web/?type=ds&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417&q={searchTerms}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1400423263&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Programy\Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

 

 

[2013-08-30 19:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://istart.webssearches.com/?type=hppp&ts=1400517091&from=amt&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S498341783417

CHR - plugin: Error reading preferences file

CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.34_0\

CHR - Extension: Google Wallet = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

 

O1 HOSTS File: ([2014-04-28 16:41:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Office\Office15\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programy\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKCU..\Run: [] C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office\Office15\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office\Office15\EXCEL.EXE (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.55.2)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.55.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{339DB607-6D52-4429-9679-EA646E515218}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\Office\Office15\MSOSB.DLL (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~2.DLL) - C:\Program Files (x86)\SupTab\SearchProtect64.dll (Skytech Co., Ltd.)

O20 - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~1.DLL) - C:\Program Files (x86)\SupTab\SearchProtect32.dll (Skytech Co., Ltd.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014-05-19 19:08:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2014-05-19 19:07:22 | 000,000,000 | ---D | C] -- C:\FRST

[2014-05-19 19:07:01 | 002,067,456 | ---- | C] (Farbar) -- C:\Users\Asus\Desktop\FRST64.exe

[2014-05-18 16:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc

[2014-05-18 16:28:13 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\SupTab

[2014-05-18 16:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices

[2014-05-18 16:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM

[2014-05-18 16:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab

[2014-05-18 16:27:46 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\webssearches

[2014-05-14 14:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

[2014-05-09 22:43:59 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\LogMeIn Hamachi

[2014-05-09 22:33:49 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

[2014-05-09 22:33:36 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\.minecraft

[2014-05-09 22:28:52 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Serwer Minecraft

[2014-05-02 11:19:08 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\NVIDIA

[2014-05-01 15:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2014-05-01 15:46:26 | 006,671,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2014-05-01 15:46:26 | 003,490,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2014-05-01 15:46:26 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2014-05-01 15:46:26 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2014-05-01 15:46:26 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2014-05-01 15:45:59 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2014-05-01 15:45:59 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2014-05-01 15:44:14 | 030,372,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2014-05-01 15:44:14 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2014-05-01 15:44:14 | 022,960,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2014-05-01 15:44:14 | 018,310,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2014-05-01 15:44:14 | 018,222,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2014-05-01 15:44:14 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2014-05-01 15:44:14 | 015,877,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2014-05-01 15:44:14 | 015,230,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2014-05-01 15:44:14 | 011,605,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2014-05-01 15:44:14 | 011,554,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2014-05-01 15:44:14 | 009,700,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2014-05-01 15:44:14 | 009,657,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2014-05-01 15:44:14 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2014-05-01 15:44:14 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2014-05-01 15:44:14 | 003,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2014-05-01 15:44:14 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2014-05-01 15:44:14 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2014-05-01 15:44:14 | 002,698,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2014-05-01 15:44:14 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433221.dll

[2014-05-01 15:44:14 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2014-05-01 15:44:14 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433221.dll

[2014-05-01 15:44:14 | 001,436,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2014-05-01 15:44:14 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2014-05-01 15:44:14 | 000,882,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll

[2014-05-01 15:44:14 | 000,879,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll

[2014-05-01 15:44:14 | 000,852,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll

[2014-05-01 15:44:14 | 000,847,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll

[2014-05-01 15:44:14 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll

[2014-05-01 15:44:14 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll

[2014-05-01 15:44:14 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll

[2014-05-01 15:44:14 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll

[2014-05-01 15:44:14 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2014-05-01 15:44:14 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2014-05-01 15:44:14 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2014-05-01 15:44:14 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2014-04-30 14:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

[2014-04-30 14:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID

[2014-04-29 15:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2014-04-29 15:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2014-04-28 19:52:53 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2014-04-28 19:52:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2014-04-27 09:36:40 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys

[2014-04-27 09:36:40 | 000,033,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll

[2014-04-26 14:08:12 | 000,000,000 | ---D | C] -- C:\Users\Asus\Documents\Ghost Games

[2014-04-21 08:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client

[2014-04-21 08:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2014-04-20 14:59:42 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2014-04-20 14:59:37 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2014-04-20 14:59:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2014-04-20 14:59:37 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

 

========== Files - Modified Within 30 Days ==========

 

[2014-05-19 19:08:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2014-05-19 19:07:02 | 002,067,456 | ---- | M] (Farbar) -- C:\Users\Asus\Desktop\FRST64.exe

[2014-05-19 18:54:07 | 000,072,349 | ---- | M] () -- C:\Users\Asus\Desktop\Przechwytywanie.JPG

[2014-05-19 18:53:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014-05-19 18:50:45 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014-05-19 18:32:02 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014-05-19 18:17:23 | 003,001,396 | ---- | M] () -- C:\Users\Asus\Desktop\Linkin Park Numb   .mp3

[2014-05-19 17:22:03 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014-05-19 17:22:03 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014-05-19 17:20:45 | 001,670,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2014-05-19 17:20:45 | 000,740,422 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2014-05-19 17:20:45 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2014-05-19 17:20:45 | 000,155,996 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2014-05-19 17:20:45 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2014-05-19 17:14:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014-05-19 17:14:34 | 606,815,398 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2014-05-19 17:14:33 | 2110,132,223 | -HS- | M] () -- C:\hiberfil.sys

[2014-05-18 16:53:29 | 000,000,000 | -HS- | M] () -- C:\Users\Asus\AppData\Local\LumaEmu

[2014-05-18 16:52:54 | 000,000,523 | ---- | M] () -- C:\Users\Asus\Desktop\Call of Duty Ghosts.lnk

[2014-05-18 16:34:52 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014-05-16 16:27:38 | 185,121,437 | ---- | M] () -- C:\Users\Asus\Desktop\Energy_Mix_vol_46_2014_320kb_niepodzielony.mp3

[2014-05-16 14:56:26 | 000,000,855 | ---- | M] () -- C:\Users\Asus\Desktop\µTorrent.lnk

[2014-05-14 20:32:40 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2014-05-14 20:32:40 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2014-05-14 14:02:29 | 000,000,626 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

[2014-05-10 14:04:02 | 000,001,050 | ---- | M] () -- C:\Users\Asus\Desktop\ts3.lnk

[2014-05-04 10:33:50 | 000,194,839 | ---- | M] () -- C:\Users\Asus\Desktop\DeathArmy_Kornel Kaczmarek.pdf

[2014-04-30 14:47:15 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk

[2014-04-30 06:53:58 | 005,022,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2014-04-29 15:04:11 | 000,001,425 | ---- | M] () -- C:\Users\Asus\Desktop\Photoshop.lnk

[2014-04-28 20:57:43 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2014-04-28 16:41:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts

[2014-04-27 09:27:39 | 000,007,604 | ---- | M] () -- C:\Users\Asus\AppData\Local\Resmon.ResmonCfg

[2014-04-21 08:27:55 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif

 

========== Files Created - No Company Name ==========

 

[2014-05-19 18:54:06 | 000,072,349 | ---- | C] () -- C:\Users\Asus\Desktop\Przechwytywanie.JPG

[2014-05-19 18:17:21 | 003,001,396 | ---- | C] () -- C:\Users\Asus\Desktop\Linkin Park Numb   .mp3

[2014-05-18 16:53:29 | 000,000,000 | -HS- | C] () -- C:\Users\Asus\AppData\Local\LumaEmu

[2014-05-18 16:52:54 | 000,000,523 | ---- | C] () -- C:\Users\Asus\Desktop\Call of Duty Ghosts.lnk

[2014-05-18 10:06:32 | 185,121,437 | ---- | C] () -- C:\Users\Asus\Desktop\Energy_Mix_vol_46_2014_320kb_niepodzielony.mp3

[2014-05-14 14:02:29 | 000,000,626 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

[2014-05-10 14:04:03 | 000,001,050 | ---- | C] () -- C:\Users\Asus\Desktop\ts3.lnk

[2014-05-04 10:33:50 | 000,194,839 | ---- | C] () -- C:\Users\Asus\Desktop\DeathArmy_Kornel Kaczmarek.pdf

[2014-05-01 15:46:26 | 003,539,040 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2014-05-01 15:44:14 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll

[2014-05-01 15:44:14 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll

[2014-05-01 15:44:14 | 000,023,754 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2014-04-30 14:47:15 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk

[2014-04-29 15:04:13 | 000,001,425 | ---- | C] () -- C:\Users\Asus\Desktop\Photoshop.lnk

[2014-04-29 15:03:32 | 000,000,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk

[2014-04-29 15:03:06 | 000,000,876 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk

[2014-04-29 15:02:21 | 000,000,951 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk

[2014-04-29 15:02:18 | 000,001,483 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk

[2014-04-21 08:25:36 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2014-03-13 16:42:23 | 000,007,604 | ---- | C] () -- C:\Users\Asus\AppData\Local\Resmon.ResmonCfg

[2014-02-20 11:37:33 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

[2014-02-11 00:03:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2014-01-05 23:48:00 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2014-01-05 23:47:40 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2013-12-18 23:33:48 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2013-12-18 19:16:48 | 001,642,188 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013-12-18 00:17:23 | 000,000,123 | ---- | C] () -- C:\Windows\disney.ini

[2013-11-27 10:21:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\IOMAP64.SYS

[2013-09-20 15:11:17 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI

[2013-08-29 15:06:00 | 000,054,627 | ---- | C] () -- C:\Windows\Ascd_log.ini

[2013-08-29 15:04:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2013-08-29 15:04:11 | 000,040,338 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

 

========== ZeroAccess Check ==========

 

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== LOP Check ==========

 

[2014-05-19 18:34:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\.minecraft

[2014-03-29 18:13:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\AnvSoft

[2014-02-20 14:32:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Auslogics

[2014-05-19 18:31:30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

[2014-04-16 09:51:12 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2014-04-16 09:51:12 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DropboxMaster

[2014-05-19 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GG

[2014-01-05 23:46:41 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech

[2013-08-30 21:32:15 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\LolClient

[2013-12-25 17:53:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Medal of Honor Warfighter

[2014-04-03 18:19:55 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\OpenFM

[2014-02-01 16:52:19 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Origin

[2014-04-15 09:54:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Publish Providers

[2014-02-16 15:02:38 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Riot Games

[2014-01-26 20:44:28 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Screaming Bee

[2014-05-18 16:28:13 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SupTab

[2013-10-15 15:27:11 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\The Creative Assembly

[2014-05-18 15:38:06 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Tropico 3

[2014-01-17 23:10:52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TS3Client

[2013-09-07 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TuneUp Software

[2014-02-12 21:50:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Tunngle

[2014-02-08 00:09:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Unity

[2014-05-19 18:31:30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\uTorrent

[2014-01-04 13:53:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Wargaming.net

[2014-05-18 16:34:58 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\webssearches

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:07BF512B

 

< End of report >

 

Extras.txt

 

OTL Extras logfile created on: 2014-05-19 19:08:54 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Asus\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

7,95 Gb Total Physical Memory | 5,01 Gb Available Physical Memory | 63,04% Memory free

15,91 Gb Paging File | 12,19 Gb Available in Paging File | 76,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 54,46 Gb Free Space | 27,90% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 398,17 Gb Free Space | 54,08% Space Free | Partition Type: NTFS

 

Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- D:\Programy\PhotoShop CS6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- D:\Programy\PhotoShop CS6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{10C36B9A-CD7B-40E8-81EE-53AD722925B4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 

"{1184C9FA-B59B-4DBB-B0A8-AFACFF4D46BD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{149874E2-7F5F-4B07-9268-CB92EC65B87C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{1CA0B937-0710-4345-927E-2AE8FED5D74F}" = lport=139 | protocol=6 | dir=in | app=system | 

"{1F5705E9-E656-458E-B51D-B2D4ED6BAC5C}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 

"{1FC11284-C5E8-45F8-94B9-4A8333FA3B8A}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{247F9315-B4D1-4127-97DE-88AB3A889BC3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 

"{2A341346-BC47-498E-9B17-A0149D006E28}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{4B78B597-0597-47FD-BFA4-C7928E1F3461}" = rport=138 | protocol=17 | dir=out | app=system | 

"{5764AEEA-ADE4-482F-A5AB-49BC4B2B0935}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{5BA1B324-97B1-4BB2-A2B6-A03EFE97A822}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{604E95E9-83B2-4F99-841B-5BD9D48C94A2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 

"{63110AC3-1BB0-4974-AFD4-B5C197060EB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{7659D4C1-A479-4E0B-9177-6D46645BDC72}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{7929DF20-9B8D-47E1-A344-5A5DA0854B64}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{796821A3-09DA-4D38-9160-4B07EBBD4A1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7BCAD6D8-0774-4681-ADBD-E0E18571039B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{7DF92774-8CEC-4385-8EAD-5A73B6EF5D13}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7E058FE8-17A1-4DA0-AE13-34399990B42A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 

"{7F8D5CA9-BD55-4978-8127-958E7C70937F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{801F85E9-1848-43F6-A091-C5FEFA08AC7B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{9545EACE-A9A2-442C-879B-2787C13BE753}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{9B6F1250-A651-4E57-A76C-798ECF18CAD9}" = lport=138 | protocol=17 | dir=in | app=system | 

"{9F559146-B63B-4D9B-8E54-D1E3B410C0B8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{A9EDC2FF-8CAF-4FE1-BB80-92E84A58AF2D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{AD766AEC-A41F-43FE-B9C2-409945F9E3FC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{AF93CC59-C304-41D8-8632-DBA2B5D9EE5B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 

"{B2B5A56C-FED4-4361-A278-F1C31B457BC3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{B34051F2-8813-487E-8A3C-4DAF7F45B792}" = rport=139 | protocol=6 | dir=out | app=system | 

"{C9611930-9370-41FD-8D34-D0EA7B4B4774}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{D0B42383-F672-4E80-BC06-625BCA2AC671}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{D4C39080-85AE-4104-8FA9-F4EBE4684D4A}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{D745949C-5125-40E1-9D2B-A2524F074DFF}" = lport=445 | protocol=6 | dir=in | app=system | 

"{D7E978B5-44BC-4B5B-BE1D-6E5BFAE77887}" = rport=445 | protocol=6 | dir=out | app=system | 

"{D7EA83F1-0C18-4421-A33D-2D347B248CCB}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 

"{DB24B786-B9D7-415C-AB7A-D281C77DB857}" = rport=137 | protocol=17 | dir=out | app=system | 

"{E44BABC1-E4A6-45E5-9AF7-F62600C8A537}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{F5A50AE7-D460-495B-8034-578991E316EA}" = lport=137 | protocol=17 | dir=in | app=system | 

"{F6F52E89-0B18-435D-A445-EA32618DC866}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{028349ED-39CE-4753-BC25-FE0AC537D814}" = protocol=1 | dir=in | [email protected],-28543 | 

"{040C0ECB-3E1A-48DC-A92C-21A4232CCFFA}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{07424AD6-6C6F-49DF-A920-25FB70EE01D9}" = protocol=6 | dir=in | app=d:\gry\fifa 14\game\fifa14.exe | 

"{08D8FC03-3AD9-42F5-8DDA-83D796856056}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{1398886C-1300-487B-ACE8-1645E34F69C7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{22EE6101-231A-42E1-83C8-97CBC1EA1B5F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{26D6CA58-3514-4DA2-9CEC-98374995D57E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{2BF19FE2-DCF7-4E75-B854-B76150EA9BB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{33BD2CA5-C354-4828-833E-34278E24529E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{3472F6F1-82A0-413F-8CB9-6D4FD09A9CFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{48D7E0BA-41FD-4998-90A6-6341CDEC56E1}" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | 

"{6593E9E3-D773-42C1-931C-BE7D6BD183A2}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{663314BD-247F-40D9-A4DA-2764AC470574}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{6896AC49-ECD7-44B2-BE5A-61EFE548603F}" = protocol=17 | dir=in | app=d:\gry\fifa 14\game\fifa14.exe | 

"{6AA79844-BB37-4F36-8DA1-19597CBD2A76}" = protocol=58 | dir=out | [email protected],-28546 | 

"{6D3DE0ED-5AA5-4C46-9D68-654B0ABE372C}" = protocol=17 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | 

"{6DB46BFE-B22F-4305-A93B-9F67933AD4CD}" = protocol=17 | dir=in | app=d:\gry\battlefield 4\bf4.exe | 

"{6E5B957E-FBD2-44E9-972C-947287C128A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{74142C51-BA93-4DC3-B1C6-E782DD81A9F9}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe | 

"{79B0E109-D7C0-4516-980D-1554131616D4}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{7CA8ED02-DE92-4FE7-B8E5-C4A1DDFF99DE}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{7D287234-CA16-4FE6-854B-BA832196F475}" = protocol=17 | dir=in | app=d:\gry\tropico 3\tropico3.exe | 

"{8785390B-9CC8-45C7-ADA0-CB0A3EC16F8A}" = protocol=6 | dir=in | app=d:\gry\battlefield 4\bf4_x86.exe | 

"{8BB406A4-5A53-40CD-9AF2-9DFE7B49407C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{8FFE6862-CA9F-4F2D-A166-B39BCE698279}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 

"{91E157DA-0329-46B4-BDA2-9FA2BBD9EA77}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{9485A68A-82CD-4AC8-9A2C-082EA3E52EDD}" = protocol=17 | dir=in | app=d:\gry\assassin's creed iv - black flag\ac4bfsp.exe | 

"{95827B3C-063A-44DE-9039-94109C8E6854}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{A401F613-5104-4A86-B27E-44675493BB7C}" = protocol=6 | dir=out | app=system | 

"{A6F8F46E-D013-4825-B745-31C87D5495C9}" = protocol=6 | dir=in | app=d:\gry\tropico 3\tropico3.exe | 

"{AAEC1095-A1FA-40BB-9388-3D2CD65AAEFF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{B3F4BACE-08EE-49C8-AEE0-5E92CCCF9CB8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{BB1F0AF3-B545-49F2-9C12-D89F3707F7B2}" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | 

"{BC9C301E-904D-4DE3-87E4-B0AAF0F2BA05}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{BD24DF09-C95E-4A53-8BB5-D9F5A6D1E489}" = protocol=58 | dir=in | [email protected],-28545 | 

"{C7261FFE-238A-4A64-91A2-08C4DBD1A032}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{D2437334-0E21-499C-88D5-F3C029D4B80B}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe | 

"{D58C3C9A-D644-4D58-ABA9-78A21B483317}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{DF491ECD-2DF2-427F-88A3-D98D80782BEF}" = protocol=6 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | 

"{DF6FE91B-ACC4-4A84-B7F1-055981E7A13A}" = protocol=6 | dir=in | app=d:\gry\assassin's creed iv - black flag\ac4bfsp.exe | 

"{EDD3A520-6108-4857-AEED-5E3680AD1AAC}" = protocol=6 | dir=in | app=d:\gry\battlefield 4\bf4.exe | 

"{FA979D39-59EB-49F6-B8AB-8A7DD61581EE}" = protocol=17 | dir=in | app=d:\gry\battlefield 4\bf4_x86.exe | 

"{FB01F1B9-0338-4E3F-9793-7DFDBFC2B9B5}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 

"{FF27B834-E9F2-468A-B28F-5E5F303A22A1}" = protocol=1 | dir=out | [email protected],-28544 | 

"TCP Query User{2A368F6B-57AF-4C96-A637-EB2CCF5A8CEC}D:\gry\rome total war 2\rome2.exe" = protocol=6 | dir=in | app=d:\gry\rome total war 2\rome2.exe | 

"TCP Query User{2E4458D9-4BC9-4218-9F70-76A514346826}D:\gry\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\gry\world of tanks\worldoftanks.exe | 

"TCP Query User{4822C57C-A892-4459-83C6-A02EC5C5EF42}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

"TCP Query User{61571FC8-AA34-4A36-8530-DAEAE7E3B574}D:\gry\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\gry\world of tanks\wotlauncher.exe | 

"TCP Query User{814C0DF5-B661-45E2-8BC4-DDA94D57A19A}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"TCP Query User{97B71F12-1D09-4638-BEBA-15C214DA0880}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"TCP Query User{D6244BE2-5DD4-4E26-B226-5C27C3B6856A}D:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe | 

"TCP Query User{F686F07A-0D14-44BE-B0A7-E25FC79267F3}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

"UDP Query User{19454B34-DD3F-481E-97E3-6E3E709AD6C8}D:\gry\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\gry\world of tanks\wotlauncher.exe | 

"UDP Query User{51A9711A-3F93-46B4-A04D-3390528DE045}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

"UDP Query User{66205624-3EDC-4EF6-A855-4A1A6EF1FBD7}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"UDP Query User{8091FC04-4BA0-4915-AE5A-DE361A5FB8A9}D:\gry\rome total war 2\rome2.exe" = protocol=17 | dir=in | app=d:\gry\rome total war 2\rome2.exe | 

"UDP Query User{98B38199-413B-4138-8316-F761D148139F}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"UDP Query User{C173C837-5CEE-4C78-9478-4BF8A98EA671}D:\gry\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\gry\world of tanks\worldoftanks.exe | 

"UDP Query User{CFC81EC6-C767-49B9-B77E-E2BA3570D994}D:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe | 

"UDP Query User{DBBFEEAC-C00D-4162-B9A9-C864CF87C7A9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK)

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables

"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013

"{90150000-0015-0415-1000-0000000FF1CE}" = Microsoft Access MUI (Polish) 2013

"{90150000-0016-0415-1000-0000000FF1CE}" = Microsoft Excel MUI (Polish) 2013

"{90150000-0018-0415-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Polish) 2013

"{90150000-0019-0415-1000-0000000FF1CE}" = Microsoft Publisher MUI (Polish) 2013

"{90150000-001A-0415-1000-0000000FF1CE}" = Microsoft Outlook MUI (Polish) 2013

"{90150000-001B-0415-1000-0000000FF1CE}" = Microsoft Word MUI (Polish) 2013

"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch

"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English

"{90150000-001F-0415-1000-0000000FF1CE}" = Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski

"{90150000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2013

"{90150000-0044-0415-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Polish) 2013

"{90150000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2013

"{90150000-0090-0415-1000-0000000FF1CE}" = Microsoft DCF MUI (Polish) 2013

"{90150000-00A1-0415-1000-0000000FF1CE}" = Microsoft OneNote MUI (Polish) 2013

"{90150000-00BA-0415-1000-0000000FF1CE}" = Microsoft Groove MUI (Polish) 2013

"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013

"{90150000-00C1-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2013

"{90150000-00E1-0415-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Polish) 2013

"{90150000-00E2-0415-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Polish) 2013

"{90150000-012B-0415-1000-0000000FF1CE}" = Microsoft Lync MUI (Polish) 2013

"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 12.4.55

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.55

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.22

"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client

"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client

"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant

"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4

"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64

"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24

"Microsoft Security Client" = Microsoft Security Essentials

"Office15.PROPLUS" = Microsoft Office Professional Plus 2013

"WinRAR archiver" = WinRAR 4.01 (64-bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform

"{032DC00A-51D1-4D28-BFB7-1D0E85291E11}" = Futuremark SystemInfo

"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery

"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005

"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common

"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks

"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55

"{34D1912D-12A3-430E-AB7B-11E32BC02A4C}_update2.0.0.0" = Обновление 2.0.0.0 для игры «Ведьмак 2: Убийцы королей»

"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610

"{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}" = Photo Common

"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable

"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends

"{6049054B-DB11-48E1-A583-9A565D5C8856}_is1" = "FIFA 14"

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer

"{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}" = Tropico 3

"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed

"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6

"{77655DF6-A143-4A25-A5F8-127C8CE63EDA}" = Galeria fotografii

"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13

"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005

"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX

"{83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}" = Debugging Tools for Windows (x86)

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110

"{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}" = Podstawowe programy Windows Live

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

"{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1" = "Assassin's Creed IV - Black Flag"

"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™

"{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}" = Windows Live UX Platform Language Pack

"{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish

"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform

"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6

"{C0B16F2E-3980-44F8-8CF4-F84696541FF7}" = ASUS Product Register Program

"{C22378E6-9A65-438E-964C-7DB8FBB568DE}" = LogMeIn Hamachi

"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE

"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

"{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1" = OMC ModPack wersja 0.9.0.0

"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions

"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4

"{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}" = Movie Maker

"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"«The Witcher 2 - Assassins of Kings. Enhanced Edition»_is1" = «The Witcher 2 - Assassins of Kings. Enhanced Edition»

"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin

"Any Video Converter_is1" = Any Video Converter 5.5.9

"Battlelog Web Plugins" = Battlelog Web Plugins

"Call of Duty Ghosts_is1" = Call of Duty Ghosts

"ESN Sonar-0.70.4" = ESN Sonar

"Fraps" = Fraps (remove only)

"Google Chrome" = Google Chrome

"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak

"KLiteCodecPack_is1" = K-Lite Codec Pack 10.1.5 Full

"League of Legends 3.0.1" = League of Legends

"LogMeIn Hamachi" = LogMeIn Hamachi

"Medal of Honor Warfighter_R.G. Mechanics_is1" = Medal of Honor Warfighter

"Minecraft1.7.9" = Minecraft1.7.9

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"OpenAL" = OpenAL

"Origin" = Origin

"PITy2013IPS_is1" = PITy2013 IPS 1.5.2.0 kompilacja:1.5.3.10

"RealAlt_is1" = Real Alternative 2.0.2

"The Elder Scrolls V Skyrim - Legendary Edition_is1" = The Elder Scrolls V Skyrim - Legendary Edition

"WinLiveSuite" = Podstawowe programy Windows Live

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"GG" = GG

"OpenFM" = OpenFM

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"uTorrent" = µTorrent

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 2014-03-13 11:25:00 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-13 11:26:14 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description = 

 

Error - 2014-03-13 11:33:33 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-13 11:33:33 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-13 11:34:47 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description = 

 

Error - 2014-03-13 11:44:21 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-13 11:44:21 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-13 11:45:34 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description = 

 

Error - 2014-03-13 17:58:59 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-13 17:58:59 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

[ System Events ]

Error - 2014-05-18 04:00:24 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-18 10:31:53 | Computer Name = Asus-Komputer | Source = Service Control Manager | ID = 7031

Description = Usługa Update HulaToo niespodziewanie zakończyła pracę. Wystąpiło 

to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna:

 Uruchom usługę ponownie.

 

Error - 2014-05-19 04:36:47 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 04:36:47 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 10:28:33 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 10:28:34 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 11:14:41 | Computer Name = Asus-Komputer | Source = EventLog | ID = 6008

Description = Poprzednie zamknięcie systemu przy 17:13:14 na ?2014-?05-?19 było 

nieoczekiwane.

 

Error - 2014-05-19 11:14:41 | Computer Name = ASUS-KOMPUTER | Source = BugCheck | ID = 1001

Description = 

 

Error - 2014-05-19 11:15:16 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 11:15:16 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

 

< End of report >

 

 

 

P.S jeśli to pomoże, to problem pojawił się od 18.05.2014

[Spartakus97]

Tak użyłem, dzięki za pomoc.

Folder Usunięto : C:\ProgramData\IePluginServices
Folder Usunięto : C:\ProgramData\WPM
Folder Usunięto : C:\Program Files (x86)\SupTab
Plik Usunięto : C:\Users\Asus\daemonprocess.txt


***** [ Skróty ] *****




***** [ Rejestr ] *****


Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASAPI32
Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASMANCS
Klucz Usunięto : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klucz Usunięto : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klucz Usunięto : HKLM\Software\SupTab
Klucz Usunięto : HKLM\Software\supWPM
Klucz Usunięto : HKLM\Software\webssearchesSoftware
Klucz Usunięto : HKLM\Software\Wpm


***** [ Przeglądarki internetowe ] *****


-\\ Internet Explorer v11.0.9600.16521




-\\ Google Chrome v34.0.1847.137


[ Plik : C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\preferences ]




*************************


AdwCleaner[R0].txt - [3664 octets] - [20/02/2014 13:25:35]
AdwCleaner[R1].txt - [2219 octets] - [19/05/2014 20:22:38]
AdwCleaner[S0].txt - [3089 octets] - [20/02/2014 13:26:24]
AdwCleaner[S1].txt - [2095 octets] - [19/05/2014 20:33:38]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2155 octets] ##########

[Janusz.]

Jeśli nie ma to lecisz dalej. punkt po punkcie. napisałem to odinstalowywanie ponieważ widziałem je na komputerze u ciebie ale nie widziałem w zainstalowanych. być może sam je usuwałeś ale szczątki zostały. jeśli nie używasz ff to ją zostaw.

[Janusz.]

To w takim razie kończymy.

 

Usuń FRST, Adwcleaner.exe (i folder na dysku C) SC-Cleaner i log który wykonał za pomocą kombinacji przycisków shift+ctrl (omija kosz) w OTL użyj sprzątanie i to by było na tyle.

[Spartakus97]

Fix

 

 

All processes killed

========== OTL ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\ deleted successfully.

C:\Program Files (x86)\SupTab\SupTab.dll moved successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SupTab\SEARCH~1.DLL deleted successfully.

C:\Program Files (x86)\SupTab\SearchProtect32.dll moved successfully.

ADS C:\ProgramData\TEMP:07BF512B deleted successfully.

========== FILES ==========

C:\Users\Asus\AppData\Roaming\SupTab folder moved successfully.

C:\Users\Asus\AppData\Roaming\webssearches\log folder moved successfully.

C:\Users\Asus\AppData\Roaming\webssearches\images\code folder moved successfully.

C:\Users\Asus\AppData\Roaming\webssearches\images folder moved successfully.

C:\Users\Asus\AppData\Roaming\webssearches folder moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Asus

->Temp folder emptied: 2092 bytes

->Temporary Internet Files folder emptied: 1970813 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 347018990 bytes

->Flash cache emptied: 1659 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 333,00 mb

 

 

OTL by OldTimer - Version 3.2.69.0 log created on 05192014_195155

 

Files\Folders moved on Reboot...

C:\Users\Asus\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Users\Asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

 

 

Extras

OTL Extras logfile created on: 2014-05-19 19:57:31 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Asus\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

7,95 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 81,27% Memory free

15,91 Gb Paging File | 14,24 Gb Available in Paging File | 89,52% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 54,81 Gb Free Space | 28,08% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 398,17 Gb Free Space | 54,08% Space Free | Partition Type: NTFS

 

Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_USERS\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- D:\Programy\PhotoShop CS6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- D:\Programy\PhotoShop CS6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{10C36B9A-CD7B-40E8-81EE-53AD722925B4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 

"{1184C9FA-B59B-4DBB-B0A8-AFACFF4D46BD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{149874E2-7F5F-4B07-9268-CB92EC65B87C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{1CA0B937-0710-4345-927E-2AE8FED5D74F}" = lport=139 | protocol=6 | dir=in | app=system | 

"{1F5705E9-E656-458E-B51D-B2D4ED6BAC5C}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 

"{1FC11284-C5E8-45F8-94B9-4A8333FA3B8A}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{247F9315-B4D1-4127-97DE-88AB3A889BC3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 

"{2A341346-BC47-498E-9B17-A0149D006E28}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{4B78B597-0597-47FD-BFA4-C7928E1F3461}" = rport=138 | protocol=17 | dir=out | app=system | 

"{5764AEEA-ADE4-482F-A5AB-49BC4B2B0935}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{5BA1B324-97B1-4BB2-A2B6-A03EFE97A822}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{604E95E9-83B2-4F99-841B-5BD9D48C94A2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 

"{63110AC3-1BB0-4974-AFD4-B5C197060EB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{7659D4C1-A479-4E0B-9177-6D46645BDC72}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 

"{7929DF20-9B8D-47E1-A344-5A5DA0854B64}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{796821A3-09DA-4D38-9160-4B07EBBD4A1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7BCAD6D8-0774-4681-ADBD-E0E18571039B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{7DF92774-8CEC-4385-8EAD-5A73B6EF5D13}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7E058FE8-17A1-4DA0-AE13-34399990B42A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 

"{7F8D5CA9-BD55-4978-8127-958E7C70937F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{801F85E9-1848-43F6-A091-C5FEFA08AC7B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 

"{9545EACE-A9A2-442C-879B-2787C13BE753}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{9B6F1250-A651-4E57-A76C-798ECF18CAD9}" = lport=138 | protocol=17 | dir=in | app=system | 

"{9F559146-B63B-4D9B-8E54-D1E3B410C0B8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{A9EDC2FF-8CAF-4FE1-BB80-92E84A58AF2D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{AD766AEC-A41F-43FE-B9C2-409945F9E3FC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{AF93CC59-C304-41D8-8632-DBA2B5D9EE5B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | 

"{B2B5A56C-FED4-4361-A278-F1C31B457BC3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{B34051F2-8813-487E-8A3C-4DAF7F45B792}" = rport=139 | protocol=6 | dir=out | app=system | 

"{C9611930-9370-41FD-8D34-D0EA7B4B4774}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{D0B42383-F672-4E80-BC06-625BCA2AC671}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{D4C39080-85AE-4104-8FA9-F4EBE4684D4A}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{D745949C-5125-40E1-9D2B-A2524F074DFF}" = lport=445 | protocol=6 | dir=in | app=system | 

"{D7E978B5-44BC-4B5B-BE1D-6E5BFAE77887}" = rport=445 | protocol=6 | dir=out | app=system | 

"{D7EA83F1-0C18-4421-A33D-2D347B248CCB}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | 

"{DB24B786-B9D7-415C-AB7A-D281C77DB857}" = rport=137 | protocol=17 | dir=out | app=system | 

"{E44BABC1-E4A6-45E5-9AF7-F62600C8A537}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{F5A50AE7-D460-495B-8034-578991E316EA}" = lport=137 | protocol=17 | dir=in | app=system | 

"{F6F52E89-0B18-435D-A445-EA32618DC866}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{028349ED-39CE-4753-BC25-FE0AC537D814}" = protocol=1 | dir=in | [email protected],-28543 | 

"{040C0ECB-3E1A-48DC-A92C-21A4232CCFFA}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{07424AD6-6C6F-49DF-A920-25FB70EE01D9}" = protocol=6 | dir=in | app=d:\gry\fifa 14\game\fifa14.exe | 

"{08D8FC03-3AD9-42F5-8DDA-83D796856056}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{1398886C-1300-487B-ACE8-1645E34F69C7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{22EE6101-231A-42E1-83C8-97CBC1EA1B5F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{26D6CA58-3514-4DA2-9CEC-98374995D57E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{2BF19FE2-DCF7-4E75-B854-B76150EA9BB4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{33BD2CA5-C354-4828-833E-34278E24529E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{3472F6F1-82A0-413F-8CB9-6D4FD09A9CFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{48D7E0BA-41FD-4998-90A6-6341CDEC56E1}" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | 

"{6593E9E3-D773-42C1-931C-BE7D6BD183A2}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{663314BD-247F-40D9-A4DA-2764AC470574}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{6896AC49-ECD7-44B2-BE5A-61EFE548603F}" = protocol=17 | dir=in | app=d:\gry\fifa 14\game\fifa14.exe | 

"{6AA79844-BB37-4F36-8DA1-19597CBD2A76}" = protocol=58 | dir=out | [email protected],-28546 | 

"{6D3DE0ED-5AA5-4C46-9D68-654B0ABE372C}" = protocol=17 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | 

"{6DB46BFE-B22F-4305-A93B-9F67933AD4CD}" = protocol=17 | dir=in | app=d:\gry\battlefield 4\bf4.exe | 

"{6E5B957E-FBD2-44E9-972C-947287C128A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{74142C51-BA93-4DC3-B1C6-E782DD81A9F9}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe | 

"{79B0E109-D7C0-4516-980D-1554131616D4}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{7CA8ED02-DE92-4FE7-B8E5-C4A1DDFF99DE}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\utorrent\utorrent.exe | 

"{7D287234-CA16-4FE6-854B-BA832196F475}" = protocol=17 | dir=in | app=d:\gry\tropico 3\tropico3.exe | 

"{8785390B-9CC8-45C7-ADA0-CB0A3EC16F8A}" = protocol=6 | dir=in | app=d:\gry\battlefield 4\bf4_x86.exe | 

"{8BB406A4-5A53-40CD-9AF2-9DFE7B49407C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{8FFE6862-CA9F-4F2D-A166-B39BCE698279}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 

"{91E157DA-0329-46B4-BDA2-9FA2BBD9EA77}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{9485A68A-82CD-4AC8-9A2C-082EA3E52EDD}" = protocol=17 | dir=in | app=d:\gry\assassin's creed iv - black flag\ac4bfsp.exe | 

"{95827B3C-063A-44DE-9039-94109C8E6854}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{A401F613-5104-4A86-B27E-44675493BB7C}" = protocol=6 | dir=out | app=system | 

"{A6F8F46E-D013-4825-B745-31C87D5495C9}" = protocol=6 | dir=in | app=d:\gry\tropico 3\tropico3.exe | 

"{AAEC1095-A1FA-40BB-9388-3D2CD65AAEFF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{B3F4BACE-08EE-49C8-AEE0-5E92CCCF9CB8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{BB1F0AF3-B545-49F2-9C12-D89F3707F7B2}" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\launchgtaiv.exe | 

"{BC9C301E-904D-4DE3-87E4-B0AAF0F2BA05}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{BD24DF09-C95E-4A53-8BB5-D9F5A6D1E489}" = protocol=58 | dir=in | [email protected],-28545 | 

"{C7261FFE-238A-4A64-91A2-08C4DBD1A032}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{D2437334-0E21-499C-88D5-F3C029D4B80B}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe | 

"{D58C3C9A-D644-4D58-ABA9-78A21B483317}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{DF491ECD-2DF2-427F-88A3-D98D80782BEF}" = protocol=6 | dir=in | app=d:\gry\gta iv\rockstar games social club\rgsclauncher.exe | 

"{DF6FE91B-ACC4-4A84-B7F1-055981E7A13A}" = protocol=6 | dir=in | app=d:\gry\assassin's creed iv - black flag\ac4bfsp.exe | 

"{EDD3A520-6108-4857-AEED-5E3680AD1AAC}" = protocol=6 | dir=in | app=d:\gry\battlefield 4\bf4.exe | 

"{FA979D39-59EB-49F6-B8AB-8A7DD61581EE}" = protocol=17 | dir=in | app=d:\gry\battlefield 4\bf4_x86.exe | 

"{FB01F1B9-0338-4E3F-9793-7DFDBFC2B9B5}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 

"{FF27B834-E9F2-468A-B28F-5E5F303A22A1}" = protocol=1 | dir=out | [email protected],-28544 | 

"TCP Query User{2A368F6B-57AF-4C96-A637-EB2CCF5A8CEC}D:\gry\rome total war 2\rome2.exe" = protocol=6 | dir=in | app=d:\gry\rome total war 2\rome2.exe | 

"TCP Query User{2E4458D9-4BC9-4218-9F70-76A514346826}D:\gry\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\gry\world of tanks\worldoftanks.exe | 

"TCP Query User{4822C57C-A892-4459-83C6-A02EC5C5EF42}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

"TCP Query User{61571FC8-AA34-4A36-8530-DAEAE7E3B574}D:\gry\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\gry\world of tanks\wotlauncher.exe | 

"TCP Query User{814C0DF5-B661-45E2-8BC4-DDA94D57A19A}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"TCP Query User{97B71F12-1D09-4638-BEBA-15C214DA0880}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"TCP Query User{D6244BE2-5DD4-4E26-B226-5C27C3B6856A}D:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe | 

"TCP Query User{F686F07A-0D14-44BE-B0A7-E25FC79267F3}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

"UDP Query User{19454B34-DD3F-481E-97E3-6E3E709AD6C8}D:\gry\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\gry\world of tanks\wotlauncher.exe | 

"UDP Query User{51A9711A-3F93-46B4-A04D-3390528DE045}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

"UDP Query User{66205624-3EDC-4EF6-A855-4A1A6EF1FBD7}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"UDP Query User{8091FC04-4BA0-4915-AE5A-DE361A5FB8A9}D:\gry\rome total war 2\rome2.exe" = protocol=17 | dir=in | app=d:\gry\rome total war 2\rome2.exe | 

"UDP Query User{98B38199-413B-4138-8316-F761D148139F}D:\gry\gta iv\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\gta iv\grand theft auto iv\gtaiv.exe | 

"UDP Query User{C173C837-5CEE-4C78-9478-4BF8A98EA671}D:\gry\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\gry\world of tanks\worldoftanks.exe | 

"UDP Query User{CFC81EC6-C767-49B9-B77E-E2BA3570D994}D:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\gry\the witcher 2 - assassins of kings. enhanced edition\bin\witcher2.exe | 

"UDP Query User{DBBFEEAC-C00D-4162-B9A9-C864CF87C7A9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{45F1F774-38B4-3CC3-BAAF-051E6D19E48E}" = Microsoft .NET Framework 4.5.1 (PLK)

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables

"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013

"{90150000-0015-0415-1000-0000000FF1CE}" = Microsoft Access MUI (Polish) 2013

"{90150000-0016-0415-1000-0000000FF1CE}" = Microsoft Excel MUI (Polish) 2013

"{90150000-0018-0415-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Polish) 2013

"{90150000-0019-0415-1000-0000000FF1CE}" = Microsoft Publisher MUI (Polish) 2013

"{90150000-001A-0415-1000-0000000FF1CE}" = Microsoft Outlook MUI (Polish) 2013

"{90150000-001B-0415-1000-0000000FF1CE}" = Microsoft Word MUI (Polish) 2013

"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch

"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English

"{90150000-001F-0415-1000-0000000FF1CE}" = Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski

"{90150000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2013

"{90150000-0044-0415-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Polish) 2013

"{90150000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2013

"{90150000-0090-0415-1000-0000000FF1CE}" = Microsoft DCF MUI (Polish) 2013

"{90150000-00A1-0415-1000-0000000FF1CE}" = Microsoft OneNote MUI (Polish) 2013

"{90150000-00BA-0415-1000-0000000FF1CE}" = Microsoft Groove MUI (Polish) 2013

"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013

"{90150000-00C1-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2013

"{90150000-00E1-0415-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Polish) 2013

"{90150000-00E2-0415-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Polish) 2013

"{90150000-012B-0415-1000-0000000FF1CE}" = Microsoft Lync MUI (Polish) 2013

"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 332.21

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 12.4.55

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.55

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.22

"{B5E06417-A4AC-4225-B36E-7E34C91616E7}" = Intel® Trusted Connect Service Client

"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client

"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant

"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4

"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64

"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24

"Microsoft Security Client" = Microsoft Security Essentials

"Office15.PROPLUS" = Microsoft Office Professional Plus 2013

"WinRAR archiver" = WinRAR 4.01 (64-bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform

"{032DC00A-51D1-4D28-BFB7-1D0E85291E11}" = Futuremark SystemInfo

"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery

"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005

"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common

"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks

"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}" = System Requirements Lab for Intel

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 20

"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55

"{34D1912D-12A3-430E-AB7B-11E32BC02A4C}_update2.0.0.0" = Обновление 2.0.0.0 для игры «Ведьмак 2: Убийцы королей»

"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610

"{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}" = Photo Common

"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable

"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends

"{6049054B-DB11-48E1-A583-9A565D5C8856}_is1" = "FIFA 14"

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer

"{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}" = Tropico 3

"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed

"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6

"{77655DF6-A143-4A25-A5F8-127C8CE63EDA}" = Galeria fotografii

"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13

"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005

"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX

"{83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}" = Debugging Tools for Windows (x86)

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110

"{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}" = Podstawowe programy Windows Live

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

"{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1" = "Assassin's Creed IV - Black Flag"

"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™

"{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}" = Windows Live UX Platform Language Pack

"{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish

"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform

"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6

"{C0B16F2E-3980-44F8-8CF4-F84696541FF7}" = ASUS Product Register Program

"{C22378E6-9A65-438E-964C-7DB8FBB568DE}" = LogMeIn Hamachi

"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE

"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

"{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1" = OMC ModPack wersja 0.9.0.0

"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions

"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4

"{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}" = Movie Maker

"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"«The Witcher 2 - Assassins of Kings. Enhanced Edition»_is1" = «The Witcher 2 - Assassins of Kings. Enhanced Edition»

"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin

"Any Video Converter_is1" = Any Video Converter 5.5.9

"Battlelog Web Plugins" = Battlelog Web Plugins

"Call of Duty Ghosts_is1" = Call of Duty Ghosts

"ESN Sonar-0.70.4" = ESN Sonar

"Fraps" = Fraps (remove only)

"Google Chrome" = Google Chrome

"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak

"KLiteCodecPack_is1" = K-Lite Codec Pack 10.1.5 Full

"League of Legends 3.0.1" = League of Legends

"LogMeIn Hamachi" = LogMeIn Hamachi

"Medal of Honor Warfighter_R.G. Mechanics_is1" = Medal of Honor Warfighter

"Minecraft1.7.9" = Minecraft1.7.9

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"OpenAL" = OpenAL

"Origin" = Origin

"PITy2013IPS_is1" = PITy2013 IPS 1.5.2.0 kompilacja:1.5.3.10

"RealAlt_is1" = Real Alternative 2.0.2

"The Elder Scrolls V Skyrim - Legendary Edition_is1" = The Elder Scrolls V Skyrim - Legendary Edition

"WinLiveSuite" = Podstawowe programy Windows Live

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"GG" = GG

"OpenFM" = OpenFM

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"uTorrent" = µTorrent

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 2014-03-16 04:57:57 | Computer Name = Asus-Komputer | Source = Office 2013 Licensing Service | ID = 0

Description = 

 

Error - 2014-03-17 06:45:52 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-17 06:45:52 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-17 06:47:05 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description = 

 

Error - 2014-03-17 06:55:29 | Computer Name = Asus-Komputer | Source = Office 2013 Licensing Service | ID = 0

Description = 

 

Error - 2014-03-17 16:04:57 | Computer Name = Asus-Komputer | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: League of Legends.exe, wersja: 4.3.0.495,

 sygnatura czasowa: 0x531164e2  Nazwa modułu powodującego błąd: League of Legends.exe,

 wersja: 4.3.0.495, sygnatura czasowa: 0x531164e2  Kod wyjątku: 0xc0000005  Przesunięcie

 błędu: 0x005801e0  Identyfikator procesu powodującego błąd: 0x1498  Godzina uruchomienia

 aplikacji powodującej błąd: 0x01cf4216cbb657a3  Ścieżka aplikacji powodującej błąd:

 D:\Gry\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League

 of Legends.exe  Ścieżka modułu powodującego błąd: D:\Gry\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.13\deploy\League

 of Legends.exe  Identyfikator raportu: 69631de9-ae0f-11e3-a30c-60a44c3795d6

 

Error - 2014-03-18 09:39:02 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-18 09:39:02 | Computer Name = Asus-Komputer | Source = NvStreamSvc | ID = 131073

Description = 

 

Error - 2014-03-18 09:40:13 | Computer Name = Asus-Komputer | Source = WinMgmt | ID = 10

Description = 

 

Error - 2014-03-18 09:48:34 | Computer Name = Asus-Komputer | Source = Office 2013 Licensing Service | ID = 0

Description = 

 

[ System Events ]

Error - 2014-05-19 04:36:47 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 10:28:33 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 10:28:34 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 11:14:41 | Computer Name = Asus-Komputer | Source = EventLog | ID = 6008

Description = Poprzednie zamknięcie systemu przy 17:13:14 na ?2014-?05-?19 było 

nieoczekiwane.

 

Error - 2014-05-19 11:14:41 | Computer Name = ASUS-KOMPUTER | Source = BugCheck | ID = 1001

Description = 

 

Error - 2014-05-19 11:15:16 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 11:15:16 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 13:51:55 | Computer Name = Asus-Komputer | Source = Service Control Manager | ID = 7034

Description = Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła

 pracę. Wystąpiło to razy: 1.

 

Error - 2014-05-19 13:53:13 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

Error - 2014-05-19 13:53:13 | Computer Name = Asus-Komputer | Source = WMPNetworkSvc | ID = 866306

Description = 

 

 

< End of report >

 

otl

OTL logfile created on: 2014-05-19 19:57:31 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Asus\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

7,95 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 81,27% Memory free

15,91 Gb Paging File | 14,24 Gb Available in Paging File | 89,52% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,21 Gb Total Space | 54,81 Gb Free Space | 28,08% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 398,17 Gb Free Space | 54,08% Space Free | Partition Type: NTFS

 

Computer Name: ASUS-KOMPUTER | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2014-05-19 19:08:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

PRC - [2014-05-13 14:29:30 | 003,814,736 | ---- | M] (LogMeIn Inc.) -- D:\Programy\Hamachi\hamachi-2-ui.exe

PRC - [2014-05-08 12:52:32 | 000,704,112 | ---- | M] (Cherished Technololgy LIMITED) -- C:\ProgramData\IePluginServices\PluginService.exe

PRC - [2014-05-08 01:29:35 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2014-04-02 15:29:05 | 002,201,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

PRC - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

PRC - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2013-12-10 15:27:58 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2013-12-10 15:27:54 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

PRC - [2013-09-17 07:49:50 | 000,292,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2014-05-08 01:29:33 | 000,390,472 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll

MOD - [2014-05-08 01:29:31 | 004,081,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll

MOD - [2014-05-08 01:29:27 | 000,674,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll

MOD - [2014-05-08 01:29:27 | 000,093,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll

MOD - [2014-05-08 01:29:26 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll

MOD - [2014-05-08 01:29:24 | 000,065,352 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2014-04-02 15:28:36 | 020,541,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)

SRV:64bit: - [2014-03-11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014-03-11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2014-03-01 06:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013-08-27 15:32:30 | 000,828,376 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®

SRV:64bit: - [2013-08-27 15:32:14 | 000,747,520 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®

SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2014-05-14 20:32:42 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014-05-13 14:29:26 | 002,228,048 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Programy\Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2014-05-08 12:52:32 | 000,704,112 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)

SRV - [2014-04-02 15:28:46 | 001,615,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)

SRV - [2014-01-29 00:27:58 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2013-12-19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2013-12-10 15:27:58 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2013-12-10 15:27:54 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2012-01-17 11:24:10 | 000,055,296 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)

SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2014-04-28 20:57:43 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)

DRV:64bit: - [2014-03-21 21:43:52 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)

DRV:64bit: - [2014-03-11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2013-12-18 12:34:38 | 000,888,536 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2013-12-10 15:27:54 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)

DRV:64bit: - [2013-11-28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013-09-17 07:48:32 | 000,795,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)

DRV:64bit: - [2013-09-17 07:48:32 | 000,358,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)

DRV:64bit: - [2013-09-17 07:48:32 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)

DRV:64bit: - [2013-09-04 19:57:10 | 000,871,408 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010-07-01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)

DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009-03-18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Programy\Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

 

 

[2013-08-30 19:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: https://www.google.pl/

CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft Office 2013 (Disabled) = C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL

CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

CHR - plugin: Java Deployment Toolkit 7.0.550.14 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

CHR - plugin: Java Platform SE 7 U55 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll

CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.34_0\

CHR - Extension: Google Wallet = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

 

O1 HOSTS File: ([2014-04-28 16:41:31 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Office\Office15\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Programy\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2120599999-3823338773-1484169776-1000..\Run: [] C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office\Office15\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programy\Office\Office15\EXCEL.EXE (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.55.2)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.55.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{339DB607-6D52-4429-9679-EA646E515218}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programy\Office\Office15\MSOSB.DLL (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~2.DLL) - C:\Program Files (x86)\SupTab\SearchProtect64.dll (Skytech Co., Ltd.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014-05-19 19:51:55 | 000,000,000 | ---D | C] -- C:\_OTL

[2014-05-19 19:08:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2014-05-19 19:07:22 | 000,000,000 | ---D | C] -- C:\FRST

[2014-05-18 16:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O22y Inc

[2014-05-18 16:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices

[2014-05-18 16:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM

[2014-05-18 16:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SupTab

[2014-05-14 14:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

[2014-05-09 22:43:59 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\LogMeIn Hamachi

[2014-05-09 22:33:49 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

[2014-05-09 22:33:36 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\.minecraft

[2014-05-09 22:28:52 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Serwer Minecraft

[2014-05-02 11:19:08 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\NVIDIA

[2014-05-01 15:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2014-05-01 15:46:26 | 006,671,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2014-05-01 15:46:26 | 003,490,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2014-05-01 15:46:26 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2014-05-01 15:46:26 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2014-05-01 15:46:26 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2014-05-01 15:45:59 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2014-05-01 15:45:59 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2014-05-01 15:44:14 | 030,372,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2014-05-01 15:44:14 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2014-05-01 15:44:14 | 022,960,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2014-05-01 15:44:14 | 018,310,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2014-05-01 15:44:14 | 018,222,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2014-05-01 15:44:14 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2014-05-01 15:44:14 | 015,877,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2014-05-01 15:44:14 | 015,230,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2014-05-01 15:44:14 | 011,605,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2014-05-01 15:44:14 | 011,554,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2014-05-01 15:44:14 | 009,700,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2014-05-01 15:44:14 | 009,657,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2014-05-01 15:44:14 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2014-05-01 15:44:14 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2014-05-01 15:44:14 | 003,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2014-05-01 15:44:14 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2014-05-01 15:44:14 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2014-05-01 15:44:14 | 002,698,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2014-05-01 15:44:14 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433221.dll

[2014-05-01 15:44:14 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll

[2014-05-01 15:44:14 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433221.dll

[2014-05-01 15:44:14 | 001,436,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2014-05-01 15:44:14 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2014-05-01 15:44:14 | 000,882,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll

[2014-05-01 15:44:14 | 000,879,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll

[2014-05-01 15:44:14 | 000,852,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll

[2014-05-01 15:44:14 | 000,847,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll

[2014-05-01 15:44:14 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll

[2014-05-01 15:44:14 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll

[2014-05-01 15:44:14 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll

[2014-05-01 15:44:14 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll

[2014-05-01 15:44:14 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2014-05-01 15:44:14 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2014-05-01 15:44:14 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2014-05-01 15:44:14 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2014-04-30 14:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

[2014-04-30 14:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID

[2014-04-29 15:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2014-04-29 15:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2014-04-28 19:52:53 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2014-04-28 19:52:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2014-04-27 09:36:40 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys

[2014-04-27 09:36:40 | 000,033,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll

[2014-04-26 14:08:12 | 000,000,000 | ---D | C] -- C:\Users\Asus\Documents\Ghost Games

[2014-04-21 08:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client

[2014-04-21 08:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client

[2014-04-20 14:59:42 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2014-04-20 14:59:37 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2014-04-20 14:59:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2014-04-20 14:59:37 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

 

========== Files - Modified Within 30 Days ==========

 

[2014-05-19 20:00:06 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014-05-19 20:00:06 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014-05-19 19:58:52 | 001,670,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2014-05-19 19:58:52 | 000,740,422 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2014-05-19 19:58:52 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2014-05-19 19:58:52 | 000,155,996 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2014-05-19 19:58:52 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2014-05-19 19:53:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014-05-19 19:53:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014-05-19 19:52:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014-05-19 19:52:45 | 2110,132,223 | -HS- | M] () -- C:\hiberfil.sys

[2014-05-19 19:32:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014-05-19 19:08:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2014-05-19 18:17:23 | 003,001,396 | ---- | M] () -- C:\Users\Asus\Desktop\Linkin Park Numb   .mp3

[2014-05-19 17:14:34 | 606,815,398 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2014-05-18 16:53:29 | 000,000,000 | -HS- | M] () -- C:\Users\Asus\AppData\Local\LumaEmu

[2014-05-18 16:52:54 | 000,000,523 | ---- | M] () -- C:\Users\Asus\Desktop\Call of Duty Ghosts.lnk

[2014-05-18 16:34:52 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014-05-16 16:27:38 | 185,121,437 | ---- | M] () -- C:\Users\Asus\Desktop\Energy_Mix_vol_46_2014_320kb_niepodzielony.mp3

[2014-05-16 14:56:26 | 000,000,855 | ---- | M] () -- C:\Users\Asus\Desktop\µTorrent.lnk

[2014-05-14 20:32:40 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2014-05-14 20:32:40 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2014-05-14 14:02:29 | 000,000,626 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

[2014-05-10 14:04:02 | 000,001,050 | ---- | M] () -- C:\Users\Asus\Desktop\ts3.lnk

[2014-05-04 10:33:50 | 000,194,839 | ---- | M] () -- C:\Users\Asus\Desktop\DeathArmy_Kornel Kaczmarek.pdf

[2014-04-30 14:47:15 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk

[2014-04-30 06:53:58 | 005,022,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2014-04-29 15:04:11 | 000,001,425 | ---- | M] () -- C:\Users\Asus\Desktop\Photoshop.lnk

[2014-04-28 20:57:43 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys

[2014-04-28 16:41:31 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts

[2014-04-27 09:27:39 | 000,007,604 | ---- | M] () -- C:\Users\Asus\AppData\Local\Resmon.ResmonCfg

[2014-04-21 08:27:55 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif

 

========== Files Created - No Company Name ==========

 

[2014-05-19 18:17:21 | 003,001,396 | ---- | C] () -- C:\Users\Asus\Desktop\Linkin Park Numb   .mp3

[2014-05-18 16:53:29 | 000,000,000 | -HS- | C] () -- C:\Users\Asus\AppData\Local\LumaEmu

[2014-05-18 16:52:54 | 000,000,523 | ---- | C] () -- C:\Users\Asus\Desktop\Call of Duty Ghosts.lnk

[2014-05-18 10:06:32 | 185,121,437 | ---- | C] () -- C:\Users\Asus\Desktop\Energy_Mix_vol_46_2014_320kb_niepodzielony.mp3

[2014-05-14 14:02:29 | 000,000,626 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

[2014-05-10 14:04:03 | 000,001,050 | ---- | C] () -- C:\Users\Asus\Desktop\ts3.lnk

[2014-05-04 10:33:50 | 000,194,839 | ---- | C] () -- C:\Users\Asus\Desktop\DeathArmy_Kornel Kaczmarek.pdf

[2014-05-01 15:46:26 | 003,539,040 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin

[2014-05-01 15:44:14 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll

[2014-05-01 15:44:14 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll

[2014-05-01 15:44:14 | 000,023,754 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb

[2014-04-30 14:47:15 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk

[2014-04-29 15:04:13 | 000,001,425 | ---- | C] () -- C:\Users\Asus\Desktop\Photoshop.lnk

[2014-04-29 15:03:32 | 000,000,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk

[2014-04-29 15:03:06 | 000,000,876 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk

[2014-04-29 15:02:21 | 000,000,951 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk

[2014-04-29 15:02:18 | 000,001,483 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk

[2014-04-21 08:25:36 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2014-03-13 16:42:23 | 000,007,604 | ---- | C] () -- C:\Users\Asus\AppData\Local\Resmon.ResmonCfg

[2014-02-20 11:37:33 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

[2014-02-11 00:03:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2014-01-05 23:48:00 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2014-01-05 23:47:40 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2013-12-18 23:33:48 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2013-12-18 19:16:48 | 001,642,188 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013-12-18 00:17:23 | 000,000,123 | ---- | C] () -- C:\Windows\disney.ini

[2013-11-27 10:21:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\IOMAP64.SYS

[2013-09-20 15:11:17 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI

[2013-08-29 15:06:00 | 000,054,627 | ---- | C] () -- C:\Windows\Ascd_log.ini

[2013-08-29 15:04:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2013-08-29 15:04:11 | 000,040,338 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

 

========== ZeroAccess Check ==========

 

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013-07-26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-07-26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 

========== LOP Check ==========

 

[2014-05-19 18:34:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\.minecraft

[2014-03-29 18:13:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\AnvSoft

[2014-02-20 14:32:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Auslogics

[2014-05-19 18:31:30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

[2014-04-16 09:51:12 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2014-04-16 09:51:12 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DropboxMaster

[2014-05-19 19:51:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GG

[2014-01-05 23:46:41 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech

[2013-08-30 21:32:15 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\LolClient

[2013-12-25 17:53:39 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Medal of Honor Warfighter

[2014-04-03 18:19:55 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\OpenFM

[2014-02-01 16:52:19 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Origin

[2014-04-15 09:54:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Publish Providers

[2014-02-16 15:02:38 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Riot Games

[2014-01-26 20:44:28 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Screaming Bee

[2013-10-15 15:27:11 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\The Creative Assembly

[2014-05-18 15:38:06 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Tropico 3

[2014-01-17 23:10:52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TS3Client

[2013-09-07 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TuneUp Software

[2014-02-12 21:50:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Tunngle

[2014-02-08 00:09:54 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Unity

[2014-05-19 18:31:30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\uTorrent

[2014-01-04 13:53:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Wargaming.net

[2013-09-27 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2013-09-27 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

 

========== Purity Check ==========

 

 

 

< End of report >