wirus

[pat531]

witam potrzebuje szybkiej pomocy na google nie mogę znaleźć, prawdopodobnie mam wirusa który zabrał mi admina i menedżer zadań co mogę zrobić szybko 

[Rzary.]

Przeskanuj komputer w celu znalezienia wirusów, ot filozofia.

[domin3p]

Zrób formata, bo jak namieszał dużo w systemie to tego nie naprawisz, a jeśli da się naprawić to szkoda czasu.

[pat531]

Przeskanuj komputer w celu znalezienia wirusów, ot filozofia.

Dr. Web nic nie wykrył 

 

@domin3p a jak zrobić formata jak nie mam płytki z systemem ? 

[Gość]

DnaloPub kazał przekazać.

 

wykonaj obowiązkowe logi
http://www.mpcforum.pl/topic/679592-tutlogi-co-i-jak/

[pat531]

tutaj z FRST (FRST.txt, Addition.txt i Shortcut.txt)

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-07-2014 01
Ran by Pat (administrator) on PAT-KOMPUTER on 16-07-2014 20:57:28
Running from C:\Users\Pat\Desktop
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\stacsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() E:\Acrylic DNS Proxy\AcrylicService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hi-Rez Studios) D:\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Razer Inc.) E:\Razer Game Booster\RzKLService.exe
(LogMeIn Inc.) E:\hamachi-2.exe
(LogMeIn, Inc.) E:\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Apple Inc.) E:\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(B***h & B***h) C:\ProgramData\bhib19yc\7z72uuox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(B***h & B***h) C:\ProgramData\bhib19yc\7z72uuox.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(B***h & B***h) C:\ProgramData\bhib19yc\7z72uuox.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-04] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [switchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [bCSSync] => E:\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap.dll [1122312 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483422 2009-03-12] (IDT, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => E:\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] => E:\hamachi-2-ui.exe [3816272 2014-07-15] (LogMeIn Inc.)
HKLM\...\Run: [uv4wt2o] => C:\Windows\system32\bhib19yc\7z72uuox.exe [142848 2014-07-15] (B***h & B***h)
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Windows\system32\bhib19yc\7z72uuox.exe
HKLM\...\Policies\Explorer: [NoViewContextMenu] 1
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Run: [Google Update] => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-04-01] (Google Inc.)
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Run: [GoogleChromeAutoLaunch_3761880807D2FC22AB5D1BC4CC332465] => C:\Program Files\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Run: [Facebook Update] => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-12] (Facebook Inc.)
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [1b52a99da94c48b0b9fd46ba7f1971d6] - C:\Users\Pat\AppData\Local\Temp\pjdectjj.x1l.vbs [675 2014-07-16] ()
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [12447a36ada5478cb8afad669575aeb3] - C:\Users\Pat\AppData\Local\Temp\fmfpwcg3.cwk.vbs [675 2014-07-16] ()
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [ced2b728243042c881f33f92d3f0e2aa] - C:\Users\Pat\AppData\Local\Temp\5fgol0py.ojx.vbs [675 2014-07-16] ()
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Policies\Explorer: [NoViewContextMenu] 1
AppInit_DLLs: C:\Program Files\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SEARCH~1.DLL File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\msconfig.exe: [Debugger] dgdpx150.2d2
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\reg.exe: [Debugger] 2qouk4mp.xoy
IFEO\regedit.exe: [Debugger] y0avmxt0.oam
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\taskkill.exe: [Debugger] i2s2gkww.gjf
IFEO\tasklist.exe: [Debugger] 1v4wjpnf.qde
IFEO\taskmgr.exe: [Debugger] yshnpnld.feh
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-page.com/web/?type=ds&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a12834-376&apn_uid=3581253102204675&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a12834-376&apn_uid=3581253102204675&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKCU - {E6A5F6C6-FE67-4BC8-801C-05CB20FD0230} URL = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61
Tcpip\..\Interfaces\{D0456428-A75F-4E7B-A41F-51B1F8FA468C}: [NameServer]127.0.0.1,192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: sweet-page
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: sweet-page
FF Homepage: hxxp://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=210&systemid=488&v=a12834-376&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=3581253102204675&o=APN11459&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - E:\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn.me/esnsonar,version=0.70.4 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin: @esn/npbattlelog,version=2.3.2 - C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.4.0 - C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - E:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - E:\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - E:\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Pat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pat\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pat\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Pat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Pat\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: Quick Start - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\[email protected] [2014-06-18]
FF Extension: webget - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi [2014-05-21]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-04-01]
FF Extension: Easy YouTube Video Downloader - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-04-01]
FF Extension: Adblock Plus - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-06]
FF Extension: Greasemonkey - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-09-12]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DAP\daplinkchecker
FF Extension: DAP Link Checker - C:\Program Files\DAP\daplinkchecker [2013-05-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\extensions\[email protected]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-04-01]
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files\DAP\DAPFireFox [2013-05-20]
FF StartMenuInternet: FIREFOX.EXE - E:\mozilla\firefox.exe

Chrome:
=======
CHR HomePage: hxxp://start.facemoods.com/?a=ddr
CHR StartupUrls: "hxxp://msn.gazeta.pl/msn/0,0.html?pc=UP21&ocid=UP21DHP&dt=052413", "hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=a12834-376&t=4", "hxxp://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (Facebook App for Google Chrome™) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm [2013-04-01]
CHR Extension: (Dokumenty Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-01]
CHR Extension: (Dysk Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-01]
CHR Extension: (YouTube) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-01]
CHR Extension: (Battlefield Heroes) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-03-26]
CHR Extension: (Adblock Plus) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-04-01]
CHR Extension: (Szukaj w Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-01]
CHR Extension: (Easy Video Downloader Express) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcpmdpjjlhppmhfkcgbeanaanipdjbk [2014-02-17]
CHR Extension: (Tampermonkey) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-12-15]
CHR Extension: (Pogoda) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2013-07-02]
CHR Extension: (Zapisz na Dysku Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2013-04-01]
CHR Extension: (Pixlr Express) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-07-02]
CHR Extension: (KodyRabatowe.pl) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\kafpjghdfockenndmdalblagbonhemkf [2013-04-09]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2013-07-02]
CHR Extension: (Google Hangouts) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-01]
CHR Extension: (Google Wallet) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-09-07]
CHR Extension: (Gmail) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-01]
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx [2013-05-20]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-18]

========================== Services (Whitelisted) =================

R2 AcrylicController; E:\Acrylic DNS Proxy\AcrylicService.exe [518656 2014-01-04] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-04] (ESET)
R2 Hamachi2Svc; E:\hamachi-2.exe [1903952 2014-07-15] (LogMeIn Inc.)
R2 HiPatchService; D:\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19742664 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-03-26] ()
R2 RzKLService; E:\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\STacSV.exe [254036 2009-03-12] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 SafetyNutManager; C:\Program Files\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [X]
S2 Update webget; "C:\Program Files\webget\updatewebget.exe" [X]
S2 Util webget; "C:\Program Files\webget\bin\utilwebget.exe" [X]
S2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X]

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2013-07-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-04-02] (DT Soft Ltd)
R3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46056 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47568 2013-02-14] (ESET)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22560 2013-12-03] (REALiX)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2013-07-16] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [34432 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22656 2013-01-31] (ManyCam LLC)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 XFDriver; C:\Program Files\Xfire2\XFDriver.sys [16648 2013-03-14] (XFire)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
S3 cpuz126; \??\C:\Users\Pat\AppData\Local\Temp\cpuz.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 EverestDriver; \??\E:\EVEREST Home Edition\kerneld.wnt [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files\Browser Tab Search by Ask\SafetyNut\configmgrc1.cfg [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-16 20:57 - 2014-07-16 20:57 - 00027601 _____ () C:\Users\Pat\Desktop\FRST.txt
2014-07-16 20:57 - 2014-07-16 20:57 - 00000000 ____D () C:\FRST
2014-07-16 20:56 - 2014-07-16 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Pat\Desktop\OTL.exe
2014-07-16 20:56 - 2014-07-16 20:56 - 01077248 _____ (Farbar) C:\Users\Pat\Desktop\FRST.exe
2014-07-16 20:44 - 2014-07-16 20:47 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57 (1).exe
2014-07-16 20:40 - 2014-07-16 20:42 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57.exe
2014-07-16 20:00 - 2014-07-16 20:00 - 00000000 ____D () C:\Users\Pat\Doctor Web
2014-07-16 19:54 - 2014-07-16 19:58 - 152160472 _____ () C:\Users\Pat\Desktop\0uiae71b.exe
2014-07-16 19:30 - 2014-07-16 19:46 - 00000000 ___HD () C:\ProgramData\bhib19yc
2014-07-16 19:23 - 2014-07-16 19:47 - 00000840 _____ () C:\Windows\setupact.log
2014-07-16 19:23 - 2014-07-16 19:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 19:21 - 2014-07-16 19:47 - 00000000 ___HD () C:\Windows\system32\bhib19yc
2014-07-16 19:15 - 2014-07-16 19:17 - 00000000 ____D () C:\Users\Pat\Desktop\BoL Studio (2)
2014-07-16 19:14 - 2014-07-16 19:15 - 10339653 _____ () C:\Users\Pat\Desktop\BoL Studio (2).rar
2014-07-16 18:56 - 2014-07-16 18:57 - 14064606 _____ () C:\Users\Pat\Desktop\BOL.rar
2014-07-16 18:31 - 2014-07-16 18:32 - 00000000 ____D () C:\Users\Pat\Desktop\bolfree
2014-07-16 18:01 - 2014-07-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy
2014-07-16 17:53 - 2014-07-16 17:56 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\cloudrop
2014-07-16 15:02 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-16 15:02 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-16 15:02 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-16 15:02 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-16 12:39 - 2014-07-16 12:39 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 23:08 - 2014-07-15 23:08 - 00000000 ____D () C:\Users\Pat\Documents\MKJogo
2014-07-15 23:06 - 2014-07-15 23:08 - 00001079 _____ () C:\Users\Pat\Desktop\MK LOL.lnk
2014-07-13 05:00 - 2014-07-13 05:00 - 00000000 ____D () C:\Users\Pat\Desktop\Scripts by SeleX
2014-07-13 04:57 - 2014-07-13 04:57 - 00103326 _____ () C:\Users\Pat\Desktop\Scripts by SeleX.rar
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\Program Files\iPod
2014-07-09 13:49 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:49 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:49 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 13:49 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 13:49 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 13:49 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 13:49 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 13:49 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 13:49 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:49 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 13:49 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 13:49 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 13:49 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 13:49 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 13:49 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 13:49 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 13:49 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 13:49 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 13:49 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 13:49 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:49 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 13:49 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 13:49 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:49 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:49 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 13:49 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:49 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:49 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:49 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:49 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 13:49 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:49 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:49 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:49 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 13:49 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 19:21 - 2014-07-08 19:21 - 00020290 _____ () C:\Users\Pat\Desktop\addmefast youtube subscriber.rms
2014-07-08 02:29 - 2014-07-06 12:25 - 00000570 _____ () C:\Users\Pat\Desktop\XBMC.lnk
2014-07-06 12:25 - 2014-07-06 12:25 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-05 11:32 - 2014-07-05 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-04 20:56 - 2014-07-04 20:56 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\MPC-HC
2014-07-04 20:55 - 2014-07-04 20:55 - 00000600 _____ () C:\Users\Pat\Desktop\MPC-HC.lnk
2014-07-04 20:55 - 2014-07-04 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-06-28 10:38 - 2014-06-28 10:38 - 00000539 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-06-26 01:31 - 2014-06-26 01:31 - 06762889 _____ () C:\Users\Pat\Desktop\miniTrainer.zip
2014-06-21 14:54 - 2014-06-21 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-20 12:31 - 2014-06-20 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-20 11:57 - 2014-07-12 15:14 - 00001361 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-20 11:55 - 2014-06-20 11:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-19 14:55 - 2014-06-19 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2014-06-19 10:03 - 2014-06-22 22:55 - 00000000 ____D () C:\Users\Pat\AppData\Local\Adobe
2014-06-18 11:46 - 2014-07-16 20:50 - 00000000 ____D () C:\Program Files\SupTab
2014-06-18 11:46 - 2014-06-20 11:42 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-18 11:46 - 2014-06-18 22:17 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-18 11:46 - 2014-06-18 11:46 - 00000606 _____ () C:\Users\Pat\Desktop\Cheat Engine.lnk
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\Documents\My Cheat Tables
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\sweet-page
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\SupTab
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
2014-06-17 21:02 - 2014-06-17 21:02 - 00000000 ____D () C:\Users\Pat\AppData\Local\WarThunder
2014-06-17 21:02 - 2014-06-17 21:02 - 00000000 ____D () C:\ProgramData\WarThunder
2014-06-17 21:01 - 2014-06-17 21:01 - 00000603 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-06-17 21:01 - 2014-06-17 21:01 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder

==================== One Month Modified Files and Folders =======

2014-07-16 20:57 - 2014-07-16 20:57 - 00027601 _____ () C:\Users\Pat\Desktop\FRST.txt
2014-07-16 20:57 - 2014-07-16 20:57 - 00000000 ____D () C:\FRST
2014-07-16 20:57 - 2014-07-16 20:56 - 00602112 _____ (OldTimer Tools) C:\Users\Pat\Desktop\OTL.exe
2014-07-16 20:56 - 2014-07-16 20:56 - 01077248 _____ (Farbar) C:\Users\Pat\Desktop\FRST.exe
2014-07-16 20:53 - 2013-04-01 15:29 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Skype
2014-07-16 20:50 - 2014-06-18 11:46 - 00000000 ____D () C:\Program Files\SupTab
2014-07-16 20:50 - 2014-06-13 08:10 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-07-16 20:50 - 2014-05-21 16:11 - 00000000 ____D () C:\Program Files\webget
2014-07-16 20:47 - 2014-07-16 20:44 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57 (1).exe
2014-07-16 20:42 - 2014-07-16 20:40 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57.exe
2014-07-16 20:18 - 2013-04-01 15:20 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-16 20:17 - 2013-04-02 11:35 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job
2014-07-16 20:10 - 2013-04-01 21:37 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-16 20:00 - 2014-07-16 20:00 - 00000000 ____D () C:\Users\Pat\Doctor Web
2014-07-16 20:00 - 2013-03-31 21:47 - 00000000 ____D () C:\Users\Pat
2014-07-16 19:58 - 2014-07-16 19:54 - 152160472 _____ () C:\Users\Pat\Desktop\0uiae71b.exe
2014-07-16 19:54 - 2013-03-31 21:49 - 01172164 _____ () C:\Windows\WindowsUpdate.log
2014-07-16 19:53 - 2009-07-14 06:34 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-16 19:53 - 2009-07-14 06:34 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-16 19:47 - 2014-07-16 19:23 - 00000840 _____ () C:\Windows\setupact.log
2014-07-16 19:47 - 2014-07-16 19:21 - 00000000 ___HD () C:\Windows\system32\bhib19yc
2014-07-16 19:46 - 2014-07-16 19:30 - 00000000 ___HD () C:\ProgramData\bhib19yc
2014-07-16 19:46 - 2014-06-15 13:44 - 00000000 ____D () C:\Users\Pat\AppData\Local\LogMeIn Hamachi
2014-07-16 19:46 - 2014-02-20 02:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-16 19:46 - 2013-07-03 14:37 - 00000440 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-16 19:46 - 2013-04-01 15:20 - 00001028 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-16 19:46 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-16 19:34 - 2013-05-08 20:55 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job
2014-07-16 19:23 - 2014-07-16 19:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 19:17 - 2014-07-16 19:15 - 00000000 ____D () C:\Users\Pat\Desktop\BoL Studio (2)
2014-07-16 19:15 - 2014-07-16 19:14 - 10339653 _____ () C:\Users\Pat\Desktop\BoL Studio (2).rar
2014-07-16 19:12 - 2014-02-27 11:53 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\BoL
2014-07-16 18:59 - 2014-02-02 15:47 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-16 18:59 - 2014-02-02 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-16 18:59 - 2014-02-02 15:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 18:59 - 2013-04-01 17:49 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\uTorrent
2014-07-16 18:57 - 2014-07-16 18:56 - 14064606 _____ () C:\Users\Pat\Desktop\BOL.rar
2014-07-16 18:32 - 2014-07-16 18:31 - 00000000 ____D () C:\Users\Pat\Desktop\bolfree
2014-07-16 18:07 - 2013-04-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-16 18:01 - 2014-07-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy
2014-07-16 17:56 - 2014-07-16 17:53 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\cloudrop
2014-07-16 15:02 - 2013-10-20 23:31 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-16 15:02 - 2013-04-01 17:25 - 00000000 ____D () C:\Program Files\Java
2014-07-16 12:52 - 2013-04-02 11:35 - 00000998 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job
2014-07-16 12:39 - 2014-07-16 12:39 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 23:08 - 2014-07-15 23:08 - 00000000 ____D () C:\Users\Pat\Documents\MKJogo
2014-07-15 23:08 - 2014-07-15 23:06 - 00001079 _____ () C:\Users\Pat\Desktop\MK LOL.lnk
2014-07-15 23:08 - 2013-11-23 18:57 - 00000052 _____ () C:\Windows\JQHApp.dat
2014-07-15 22:34 - 2013-05-08 20:55 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job
2014-07-13 05:25 - 2014-05-07 22:05 - 00000000 ____D () C:\Users\Pat\Desktop\Scripts
2014-07-13 05:00 - 2014-07-13 05:00 - 00000000 ____D () C:\Users\Pat\Desktop\Scripts by SeleX
2014-07-13 04:57 - 2014-07-13 04:57 - 00103326 _____ () C:\Users\Pat\Desktop\Scripts by SeleX.rar
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\Program Files\iPod
2014-07-12 15:14 - 2014-06-20 11:57 - 00001361 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-12 15:14 - 2013-10-19 10:25 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-11 18:29 - 2013-05-18 17:49 - 00000000 ____D () C:\ProgramData\Origin
2014-07-11 18:28 - 2013-05-18 19:08 - 00000000 ____D () C:\Users\Pat\Documents\FIFA 13
2014-07-11 03:02 - 2014-07-16 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-16 15:02 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-16 15:02 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-16 15:02 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-10 19:50 - 2013-08-10 01:13 - 00282296 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-07-10 19:50 - 2013-06-11 23:52 - 00282296 _____ () C:\Windows\system32\PnkBstrB.exe
2014-07-10 19:47 - 2013-06-11 23:53 - 00139648 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-07-10 19:47 - 2013-06-11 23:52 - 00282296 _____ () C:\Windows\system32\PnkBstrB.ex0
2014-07-10 19:16 - 2013-11-29 13:58 - 00000000 ____D () C:\Users\Pat\AppData\Local\screenSHU
2014-07-09 23:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-07-09 23:25 - 2009-07-14 06:33 - 03787184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 23:24 - 2010-11-21 02:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 23:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-07-09 15:44 - 2013-04-11 14:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 15:42 - 2013-07-20 22:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 15:39 - 2013-04-03 15:13 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 13:18 - 2013-05-18 17:43 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\XBMC
2014-07-09 12:09 - 2013-04-01 21:37 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 12:09 - 2013-04-01 21:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 03:20 - 2013-04-01 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-08 19:21 - 2014-07-08 19:21 - 00020290 _____ () C:\Users\Pat\Desktop\addmefast youtube subscriber.rms
2014-07-08 15:08 - 2009-07-14 06:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-06 12:25 - 2014-07-08 02:29 - 00000570 _____ () C:\Users\Pat\Desktop\XBMC.lnk
2014-07-06 12:25 - 2014-07-06 12:25 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-05 11:33 - 2013-10-19 10:25 - 00001819 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-05 11:33 - 2013-04-01 17:00 - 00000000 ____D () C:\Program Files\QuickTime
2014-07-05 11:32 - 2014-07-05 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-04 20:56 - 2014-07-04 20:56 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\MPC-HC
2014-07-04 20:55 - 2014-07-04 20:55 - 00000600 _____ () C:\Users\Pat\Desktop\MPC-HC.lnk
2014-07-04 20:55 - 2014-07-04 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-07-04 11:33 - 2013-11-26 01:23 - 00000000 ____D () C:\Users\Pat\Desktop\skrypty do bola
2014-07-03 22:39 - 2011-02-04 16:24 - 00740422 _____ () C:\Windows\system32\perfh015.dat
2014-07-03 22:39 - 2011-02-04 16:24 - 00155996 _____ () C:\Windows\system32\perfc015.dat
2014-07-03 22:39 - 2010-11-20 23:01 - 01670518 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 22:05 - 2013-12-18 17:58 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\.minecraft
2014-06-30 12:56 - 2013-04-05 20:13 - 00000000 ____D () C:\Users\Pat\Documents\Euro Truck Simulator 2
2014-06-30 12:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-28 10:38 - 2014-06-28 10:38 - 00000539 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-06-27 15:01 - 2014-03-30 18:12 - 00000000 ____D () C:\Users\Pat\Documents\FIFA World
2014-06-26 01:31 - 2014-06-26 01:31 - 06762889 _____ () C:\Users\Pat\Desktop\miniTrainer.zip
2014-06-25 12:47 - 2013-05-08 20:18 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\GG
2014-06-24 11:51 - 2013-07-16 19:01 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-22 22:55 - 2014-06-19 10:03 - 00000000 ____D () C:\Users\Pat\AppData\Local\Adobe
2014-06-22 16:12 - 2013-04-02 13:39 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\DAEMON Tools Lite
2014-06-21 14:54 - 2014-06-21 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-21 14:54 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-20 21:39 - 2014-07-09 13:49 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 12:31 - 2014-06-20 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-20 12:31 - 2014-06-13 08:10 - 00001251 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-06-20 11:58 - 2013-10-19 10:26 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Apple Computer
2014-06-20 11:57 - 2013-10-18 19:49 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-20 11:55 - 2014-06-20 11:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-20 11:54 - 2013-10-18 19:48 - 00000000 ____D () C:\ProgramData\Apple
2014-06-20 11:42 - 2014-06-18 11:46 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-19 14:55 - 2014-06-19 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2014-06-19 02:16 - 2014-07-09 13:49 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 01:56 - 2014-07-09 13:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 01:56 - 2014-07-09 13:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 01:38 - 2014-07-09 13:49 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 01:37 - 2014-07-09 13:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 01:36 - 2014-07-09 13:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 13:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 01:32 - 2014-07-09 13:49 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 01:28 - 2014-07-09 13:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 13:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 01:25 - 2014-07-09 13:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 01:23 - 2014-07-09 13:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 01:23 - 2014-07-09 13:49 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 01:22 - 2014-07-09 13:49 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 01:16 - 2014-07-09 13:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 01:12 - 2014-07-09 13:49 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 13:49 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 13:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 00:59 - 2014-07-09 13:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 13:49 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 13:49 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 00:52 - 2014-07-09 13:49 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 00:49 - 2014-07-09 13:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 13:49 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 13:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 13:49 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:13 - 2014-07-09 13:49 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:09 - 2014-07-09 13:49 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:07 - 2014-07-09 13:49 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-18 22:17 - 2014-06-18 11:46 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-18 11:46 - 2014-06-18 11:46 - 00000606 _____ () C:\Users\Pat\Desktop\Cheat Engine.lnk
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\Documents\My Cheat Tables
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\sweet-page
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\SupTab
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
2014-06-18 10:59 - 2013-06-30 16:38 - 00000000 ____D () C:\Windows\system32\directx
2014-06-18 03:51 - 2014-07-09 13:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 02:52 - 2014-07-09 13:49 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 21:02 - 2014-06-17 21:02 - 00000000 ____D () C:\Users\Pat\AppData\Local\WarThunder
2014-06-17 21:02 - 2014-06-17 21:02 - 00000000 ____D () C:\ProgramData\WarThunder
2014-06-17 21:01 - 2014-06-17 21:01 - 00000603 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-06-17 21:01 - 2014-06-17 21:01 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-06-17 21:01 - 2013-05-02 17:06 - 00000000 ____D () C:\Users\Pat\Documents\My Games

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Menedľer rozruchu systemu Windows
---------------------------------
Identyfikator {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale pl-PL
inherit {globalsettings}
default {current}
resumeobject {42dda226-9a43-11e2-a046-f01e581a6c31}
displayorder {current}
{42dda22a-9a43-11e2-a046-f01e581a6c31}
toolsdisplayorder {memdiag}
timeout 0

Modu adujĄcy rozruchu systemu Windows
---------------------------------------
Identyfikator {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale pl-PL
inherit {bootloadersettings}
recoverysequence {42dda228-9a43-11e2-a046-f01e581a6c31}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {42dda226-9a43-11e2-a046-f01e581a6c31}
nx OptIn
increaseuserva 2800
sos No

Modu adujĄcy rozruchu systemu Windows
---------------------------------------
Identyfikator {42dda228-9a43-11e2-a046-f01e581a6c31}
device ramdisk=[C:]\Recovery\42dda228-9a43-11e2-a046-f01e581a6c31\Winre.wim,{42dda229-9a43-11e2-a046-f01e581a6c31}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\42dda228-9a43-11e2-a046-f01e581a6c31\Winre.wim,{42dda229-9a43-11e2-a046-f01e581a6c31}
systemroot \windows
nx OptIn
winpe Yes

Wznawianie ze stanu hibernacji
------------------------------
Identyfikator {42dda226-9a43-11e2-a046-f01e581a6c31}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale pl-PL
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Modu testujĄcy pami©† systemu Windows
--------------------------------------
Identyfikator {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Diagnostyka pami©ci systemu Windows
locale pl-PL
inherit {globalsettings}
badmemoryaccess Yes

Sektor rozruchowy trybu rzeczywistego
-------------------------------------
Identyfikator {42dda22a-9a43-11e2-a046-f01e581a6c31}
device partition=D:
path \g2ldr.mbr
description Debian GNU/Linux - Kontynuacja procesu instalacji

Ustawienia usug EMS
--------------------
Identyfikator {emssettings}
bootems Yes

Ustawienia debugera
-------------------
Identyfikator {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Uszkodzenia pami©ci RAM
-----------------------
Identyfikator {badmemory}

Ustawienia globalne
-------------------
Identyfikator {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Ustawienia moduu adujĄcego rozruchu
-------------------------------------
Identyfikator {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Ustawienia funkcji hypervisor
-----------------------------
Identyfikator {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Ustawienia moduu adujĄcego wznawiania
---------------------------------------
Identyfikator {resumeloadersettings}
inherit {globalsettings}

Opcje urzĄdzenia
----------------
Identyfikator {42dda229-9a43-11e2-a046-f01e581a6c31}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\42dda228-9a43-11e2-a046-f01e581a6c31\boot.sdi



LastRegBack: 2014-07-08 00:33

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:15-07-2014 01
Ran by Pat at 2014-07-16 20:58:16
Running from C:\Users\Pat\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Zapora osobista ESET (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7 Days to Die - Alpha version 4 (HKLM\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 4 - The Fun Pimps LLC)
Ace of Spades (HKLM\...\Steam App 224540) (Version: - Jagex Limited)
Action! (HKLM\...\Mirillis Action!) (Version: 1.12.2 - Mirillis)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Aktualizacje NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Heroes (HKCU\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM\...\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Clownfish for Skype (HKLM\...\Clownfish) (Version: - )
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike 1.6 v48 (HKLM\...\Counter-Strike 1.6) (Version: v48 - CSSetti.pl)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CWK (Czasowy Wyłącznik Komputera) (HKLM\...\CWK) (Version: 2.52.3.43 - Damian Pasternak)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dead Island (HKLM\...\Steam App 91310) (Version: - Techland)
Dead Space (HKLM\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Detektor Winampa (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
DiceVenture (Remove only) (HKLM\...\{DF55FE2E-3448-46ac-80E4-91FAB4059598}_is1) (Version: 1.0 - CJ Games Global)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10053 (Build 2558) - Speedbit Ltd.)
Duel of Champions (HKLM\...\MMDoC-PDCLive) (Version: - Ubisoft)
Dwarfs F2P (HKLM\...\Steam App 213650) (Version: - Power of 2)
EA Sports FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.3.0.44917 - Electronic Arts, Inc.)
ESET Smart Security (HKLM\...\{0FAB8FFC-69DD-4625-A2D4-7785F9B78DD1}) (Version: 6.0.314.2 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.7.0.0 - Electronic Arts)
FIFA 14 Demo (HKLM\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
Game Dev Tycoon v1.3.2 (HKLM\...\Game Dev Tycoon v1.3.21.3.2) (Version: 1.3.2 - Friends in War)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - )
Geeks3D FurMark 1.12.0 (HKLM\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GG (HKCU\...\GG) (Version: 12 - GG Network S.A.)
GhostMouse (HKLM\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Might and Magic V - Dzikie Hordy (HKLM\...\{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1) (Version: - Ubisoft)
Heroes of Might and Magic V - Tribes of the East (HKLM\...\{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}) (Version: - )
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.20001.0 - IDT)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KM Wakeup 1.4 MUI (HKLM\...\KM Wakeup) (Version: 1.4 MUI - Marcin Nowok)
League of Legends (HKLM\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.222 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM\...\LOLReplay) (Version: 0.8.5.1 - www.leaguereplays.com)
Mario Forever 5.01 (HKLM\...\Mario Forever 5.01) (Version: - )
Metin2 (HKLM\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Access MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
MK LOL (HKCU\...\MK LOL) (Version: - )
MKLOL (HKCU\...\MKLOL) (Version: - )
ModooMarble (Remove only) (HKLM\...\{5C92C8DB-B920-438F-94D8-37492BB8C0A5}_is1) (Version: 1.0 - joygame.com)
Mount&Blade (HKLM\...\Mount&Blade) (Version: - )
Mozilla Firefox 21.0 (x86 pl) (HKLM\...\Mozilla Firefox 21.0 (x86 pl)) (Version: 21.0 - Mozilla)
Mozilla Firefox 29.0.1 (x86 pl) (HKCU\...\Mozilla Firefox 29.0.1 (x86 pl)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 21.0 - Mozilla)
MPC-HC 1.7.5 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.5 - MPC-HC Team)
MSI Afterburner 2.3.1 (HKLM\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
Need for Speed™ Most Wanted (HKLM\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (HKLM\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Sterownik 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Obsługa programów Apple (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Origin (HKLM\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Panel sterowania NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
Papers, Please (HKLM\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
Path of Exile (HKLM\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.0.1.29801 - Grinding Gear Games)
Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Program ładujący instalator Debiana (HKLM\...\Debian-Installer Loader) (Version: 0.7.4.7+deb7u1 - The Debian Project)
Program Plemiona v. bud. 9852 (HKLM\...\Program Plemiona_is1) (Version: 3 - Paweł Adamski [email protected])
ProxySwitcher Standard (HKLM\...\ProxySwitcher Standard_is1) (Version: 5.9.1 - V-Tech LLC)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
RivaTuner Statistics Server 5.2.0 (HKLM\...\RTSS) (Version: 5.2.0 - Unwinder)
ROCCAT Power-Grid version 0.459 (HKLM\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Saints Row IV (HKLM\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
screenSHU - the fastest screen capture ever. (HKLM\...\screenSHU) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.6 - Hi-Rez Studios)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version: - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
SpeedUpMyComputer (HKLM\...\SpeedUpMyComputer) (Version: 38.1 - SmartTweak Software) <==== ATTENTION
StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM\...\{97A19679-4C07-4B34-8ACB-D5565C3440FC}) (Version: - )
Stronghold 2 Deluxe (HKLM\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.000 - Firefly Studios)
Stronghold Crusader (HKLM\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
sweet-page uninstaller (HKLM\...\sweet-page uninstaller) (Version: - sweet-page) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria version 1.2.4.1 (HKLM\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 1.2.4.1 - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.632 - Electronic Arts)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{70D90D6A-7373-40DD-BF09-9F0B9C55FA36}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{1B21CC3B-3FE0-4386-B29E-6EF68C45FD9E}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Vegas Movie Studio HD Platinum 10.0 (HKLM\...\{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}) (Version: 10.0.179 - Sony)
Viber (HKCU\...\Viber) (Version: 3.0.0.132799 - Viber Media Inc)
VirtualDJ Home FREE (HKLM\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
War Thunder Launcher 1.0.1.361 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Warcraft III (HKLM\...\Warcraft III) (Version: - Blizzard Entertainment)
webget (HKLM\...\webget) (Version: 2014.05.21.110459 - webget) <==== ATTENTION
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WindowsProtectManger20.0.0.401 (HKLM\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION
WinRAR 4.20 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version: - Team XBMC)
Xfire 2.0 (HKLM\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM\...\XfireCodec) (Version: - )
YTD Video Downloader 4.8.2 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.2 - GreenTree Applications SRL)

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0E0A1B71-3D31-4AF3-B71B-45549BB66DAD} - System32\Tasks\{0713C7B3-FE8C-41B7-A936-E8AE0DA912FE} => D:\age of empires\empires2.exe [1927-03-20] (Microsoft Corporation)
Task: {41C61873-3868-4FC5-A9FE-3F90127D39C8} - System32\Tasks\{0379EE24-DCE3-4152-A1AB-EB18BEE52868} => D:\LeagueofLegends.exe
Task: {521013BD-FD95-433D-A820-6C8E50F17348} - System32\Tasks\{395297F3-87A3-4B60-A26F-14DF196CE178} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/pl/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {61D7039E-ECF4-4AC4-9195-C04A0AF329F1} - System32\Tasks\EVGAPrecision => E:\EVGA Precision X\EVGAPrecision.exe
Task: {6FF2964E-A2D4-495F-9310-DFE4BFA95CD1} - System32\Tasks\AdobeAAMUpdater-1.0-Pat-Komputer-Pat => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {81EC2651-5117-45D4-9E8D-07999B8FA89C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {97146635-5F3B-4ADF-B214-09E8BF76DC62} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {9EB89911-3024-434B-9E84-91BDBD186C0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {B03E08BA-D4F7-431B-A105-35BA6F6DF63C} - System32\Tasks\MSIAfterburner => E:\MSI Afterburner\MSIAfterburner.exe [2013-01-23] ()
Task: {B2885F64-8588-4B50-ADBC-7FBF19EB0C18} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2B12E46-7F80-4D61-8D5A-73ECCD832050} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {DB791E4B-16DF-4C29-96F1-89959C1BBBF2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {DF0E9296-A187-495E-BFFC-4D84D0CA10AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {EB2D7134-F899-474B-B41E-DF25326E2C18} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-12] (Facebook Inc.)
Task: {EC69B262-EB89-418E-A864-0F046232F049} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-12] (Facebook Inc.)
Task: {EED94C7E-6CB0-4718-9BDB-48D3B8F02E65} - System32\Tasks\uv4wt2o => C:\Windows\system32\bhib19yc\7z72uuox.exe [2014-07-15] (B***h & B***h)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-30 21:02 - 2012-09-29 13:24 - 00167936 _____ () C:\Windows\System32\HPM1210LM.DLL
2013-09-30 21:02 - 2012-09-29 13:24 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HPM1210PP.dll
2013-09-30 21:02 - 2012-09-29 13:24 - 02396160 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hpm1210su.dll
2013-09-30 21:02 - 2012-09-29 13:54 - 00794624 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\HPM1210GC.dll
2014-01-04 00:12 - 2014-01-04 00:12 - 00518656 _____ () E:\Acrylic DNS Proxy\AcrylicService.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-11 23:52 - 2014-03-26 15:45 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-06-13 13:19 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 13:19 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 13:19 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\AppInfo => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\AppMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Base => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Boot Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Boot file system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\CryptSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\DcomLaunch => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\EFS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\EventLog => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\File system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\HelpSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\KeyIso => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Netlogon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\NTDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\PCI Configuration => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\PlugPlay => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\PNP Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Power => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Primary disk => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\ProfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\RpcEptMapper => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\RpcSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\sacsvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\SCSI Class => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\sermouse.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\SWPRV => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\System Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\TabletInputService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\TBS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\TrustedInstaller => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\VDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\vga.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\vgasave.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\vmms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\volmgr.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\volmgrx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WinDefend => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WinMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WudfPf => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WudfRd => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WudfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{36FC9E60-C465-11CF-8056-444553540000} => ""="Universal Serial Bus controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E965-E325-11CE-BFC1-08002BE10318} => ""="CD-ROM Drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E967-E325-11CE-BFC1-08002BE10318} => ""="DiskDrive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E969-E325-11CE-BFC1-08002BE10318} => ""="Standard floppy disk controller"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E96A-E325-11CE-BFC1-08002BE10318} => ""="Hdc"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E96B-E325-11CE-BFC1-08002BE10318} => ""="Keyboard"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E96F-E325-11CE-BFC1-08002BE10318} => ""="Mouse"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E977-E325-11CE-BFC1-08002BE10318} => ""="PCMCIA Adapters"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E97B-E325-11CE-BFC1-08002BE10318} => ""="SCSIAdapter"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E97D-E325-11CE-BFC1-08002BE10318} => ""="System"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E980-E325-11CE-BFC1-08002BE10318} => ""="Floppy disk drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{533C5B84-EC70-11D2-9505-00C04F79DEAF} => ""="Volume shadow copy"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} => ""="IEEE 1394 Bus host controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{71A27CDD-812A-11D0-BEC7-08002BE2092F} => ""="Volume"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} => ""="Human Interface Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{D48179BE-EC20-11D1-B6B8-00C04FA372A7} => ""="SBP2 IEEE 1394 Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} => ""="SecurityDevices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\AFD => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\AppInfo => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\AppMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Base => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Boot Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Boot file system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\bowser => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Browser => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\CryptSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\DcomLaunch => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\dfsc => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Dhcp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\DnsCache => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Dot3Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Eaphost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\EFS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\EventLog => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\File system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\HelpSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\IKEEXT => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\ipnat.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\KeyIso => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\LanmanServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\LanmanWorkstation => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\LmHosts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Messenger => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\MPSDrv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\MPSSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\mrxsmb => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\mrxsmb10 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\mrxsmb20 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NativeWifiP => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NDIS => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NDIS Wrapper => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\ndiscap => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Ndisuio => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetBIOS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetBIOSGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetBT => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetDDEGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Netlogon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetMan => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\netprofm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Network => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetworkProvider => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NlaSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Nsi => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\nsiproxy.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NTDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PCI Configuration => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PlugPlay => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PNP Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PNP_TDI => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PolicyAgent => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Power => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Primary disk => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\ProfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\rdbss => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\rdpencdd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\rdsessmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\RpcEptMapper => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\RpcSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\sacsvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SCardSvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SCSI Class => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\sermouse.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Streams Drivers => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SWPRV => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\System Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TabletInputService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TBS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Tcpip => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TDI => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TrustedInstaller => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\VaultSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\VDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\vga.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\vgasave.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\vmms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\volmgr.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\volmgrx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WinDefend => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WinMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Wlansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfPf => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfRd => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfUsbccidDriver => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{36FC9E60-C465-11CF-8056-444553540000} => ""="Universal Serial Bus controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E965-E325-11CE-BFC1-08002BE10318} => ""="CD-ROM Drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E967-E325-11CE-BFC1-08002BE10318} => ""="DiskDrive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E969-E325-11CE-BFC1-08002BE10318} => ""="Standard floppy disk controller"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E96A-E325-11CE-BFC1-08002BE10318} => ""="Hdc"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E96B-E325-11CE-BFC1-08002BE10318} => ""="Keyboard"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E96F-E325-11CE-BFC1-08002BE10318} => ""="Mouse"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E972-E325-11CE-BFC1-08002BE10318} => ""="Net"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E973-E325-11CE-BFC1-08002BE10318} => ""="NetClient"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E974-E325-11CE-BFC1-08002BE10318} => ""="NetService"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E975-E325-11CE-BFC1-08002BE10318} => ""="NetTrans"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E977-E325-11CE-BFC1-08002BE10318} => ""="PCMCIA Adapters"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E97B-E325-11CE-BFC1-08002BE10318} => ""="SCSIAdapter"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E97D-E325-11CE-BFC1-08002BE10318} => ""="System"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E980-E325-11CE-BFC1-08002BE10318} => ""="Floppy disk drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{50DD5230-BA8A-11D1-BF5D-0000F805F530} => ""="Smart card readers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{533C5B84-EC70-11D2-9505-00C04F79DEAF} => ""="Volume shadow copy"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} => ""="IEEE 1394 Bus host controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{71A27CDD-812A-11D0-BEC7-08002BE2092F} => ""="Volume"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} => ""="Human Interface Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{D48179BE-EC20-11D1-B6B8-00C04FA372A7} => ""="SBP2 IEEE 1394 Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} => ""="SecurityDevices"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Users^Pat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ChicaPasswordManager => "C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
MSCONFIG\startupreg: ChomikBox => C:\Program Files\ChomikBox\ChomikBox.exe
MSCONFIG\startupreg: Clownfish => "C:\Program Files\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: EADM => "E:\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GG => "C:\Users\Pat\AppData\Local\GG\Application\gghub.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: googletalk => C:\Users\Pat\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: iTunesHelper => "E:\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "E:\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: ManyCam => "C:\Program Files\ManyCam\Bin\ManyCam.exe" /silent
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pando Media Booster => "C:\Program Files\Pando Networks\Media Booster\PMB.exe"
MSCONFIG\startupreg: PSwitch => E:\Proxy Switcher Standard\ProxySwitcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RazerGameBooster => E:\Razer Game Booster\RazerGameBooster.exe -autorun
MSCONFIG\startupreg: RocketDock => "E:\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: screenSHU => "E:\screenSHU\screenSHU.exe" --hidden
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
MSCONFIG\startupreg: Steam => "D:\steam\Steam.exe" -silent
MSCONFIG\startupreg: TBPanel => "C:\Program Files\EXPERTool\TBPanel.exe" /A
MSCONFIG\startupreg: uTorrent => "C:\Users\Pat\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: Viber => "C:\Users\Pat\AppData\Local\Viber\Viber.exe" StartMinimized

==================== Faulty Device Manager Devices =============

Name: Kontroler PCI Simple Communications
Description: Kontroler PCI Simple Communications
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: F06DEFF2-5B9C-490D-910F-35D3A91196222
Description: F06DEFF2-5B9C-490D-910F-35D3A91196222
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: F06DEFF2-5B9C-490D-910F-35D3A91196222
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/16/2014 07:47:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:31:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:24:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:23:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2308) WebCacheLocal: Wystąpił błąd -1811 podczas otwierania pliku dziennika C:\Users\Pat\AppData\Local\Microsoft\Windows\WebCache\V010021D.log.

Error: (07/16/2014 07:23:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (07/16/2014 07:23:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (07/16/2014 07:23:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (07/16/2014 06:53:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 06:44:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 06:40:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.


Microsoft Office Sessions:
=========================
Error: (07/16/2014 07:47:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:31:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:24:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:23:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost2308WebCacheLocal: C:\Users\Pat\AppData\Local\Microsoft\Windows\WebCache\V010021D.log-1811

Error: (07/16/2014 07:23:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (07/16/2014 07:23:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (07/16/2014 07:23:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (07/16/2014 06:53:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 06:44:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 06:40:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 3325.79 MB
Available physical RAM: 1528.83 MB
Total Pagefile: 7420.08 MB
Available Pagefile: 5072.32 MB
Total Virtual: 2799.88 MB
Available Virtual: 2630.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:7.44 GB) NTFS
Drive d: (gry) (Fixed) (Total:465.76 GB) (Free:237.88 GB) NTFS
Drive e: (programy) (Fixed) (Total:298.09 GB) (Free:277.81 GB) NTFS
Drive i: (zdjęcia,muzyka,filmy) (Fixed) (Total:232.88 GB) (Free:155.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 0CFF9EF4)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 00070423)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 3EBF3EBE)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 233 GB) (Disk ID: 100F59DC)
Partition 1: (Not Active) - (Size=233 GB) - (Type=OF Extended)

==================== End Of Log ============================

 

 

 

Users shortcut scan result (x86) Version:15-07-2014 01
Ran by Pat at 2014-07-16 21:02:29
Running from C:\Users\Pat\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Download Accelerator Plus (DAP).lnk -> C:\Program Files\DAP\DAP.exe (Speedbit Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Softendo Games World.lnk -> D:\mario\Mario Forever 5.01\Data\Softendo.com.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk -> I:\Photoshop\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk -> I:\Photoshop\Adobe Device Central CS5\DeviceCentral.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk -> C:\Program Files\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk -> I:\Photoshop\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk -> I:\Photoshop\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> E:\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CWK.lnk -> E:\czasowy wylacznij\CWK.exe (Damian Pasternak)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk -> E:\JDownloader\JDUninstall.exe (AppWork GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk -> E:\JDownloader\JDUpdate.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk -> E:\JDownloader\JDownloaderPortable.exe (AppWork GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\Uninstall.lnk -> C:\Program Files\GreenTree Applications\YTD Video Downloader\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk -> C:\Program Files\GreenTree Applications\YTD Video Downloader\ytd.exe (GreenTree Applications SRL)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire2\Xfire.lnk -> C:\Program Files\Xfire2\Xfire.exe (Xfire Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Co nowego.lnk -> E:\Winamp\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Odinstaluj Winampa.lnk -> E:\Winamp\UninstWA.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk -> E:\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III\Pomoc techniczna firmy Blizzard.lnk -> D:\WARCRAFT\Warcraft III\TechSupport.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III\Warcraft III — dezinstalacja.lnk -> C:\Program Files\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III\Warcraft III — edytor światów.lnk -> D:\WARCRAFT\Warcraft III\World Editor.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III\Warcraft III — rejestracja.lnk -> D:\WARCRAFT\Warcraft III\Register Warcraft III.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III\Warcraft III.lnk -> D:\WARCRAFT\Warcraft III\Warcraft III.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Czytaj.to (Readme).lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Readme 3.0.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Deinstalacja programu Heroes of Might and Magic V - Dzikie Hordy.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Edytor map.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_MapEditor.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Heroes of Might and Magic V - Dzikie Hordy.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Podręcznik do gry.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Game Manual 3.0.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Uaktualnienia.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\bin\UpgradeLauncher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Zarejestruj grę.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\registration\RegistrationReminder.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Zawartość stworzona przez fanów\Instrukcja stworzona przez fanów.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\FanDocuments\Heroes5_Manual_3.0.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Zawartość stworzona przez fanów\Koło talentów.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\FanDocuments\Skillwheel.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Linki\Strona internetowa developera.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Web\Developer.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Linki\Strona internetowa gry.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Web\Game.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Linki\Strona internetowa Wydawcy.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Web\Publisher.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Generator losowych map.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_RMG_Tutorial.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Kampanie graczy.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Users_Campaign_Editor.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Powtórki dialogów.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Dialogs_Replay.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Powtórki walk.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Combat_Replay.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Tryb obserwatora.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Spectator_Mode.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Funkcje Skryptów.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Script_Functions.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\ID Skryptów.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_IDs_for_Scripts.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Kody (cheats).lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_CheatCodes.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Nowe funkcje skryptów.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_A2_Script_Functions.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Nowe ID skryptów.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_A2_IDs_for_Scripts.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Pojedynki własne.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Preset_Editor.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Poradnik do Edytora.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Editor_Practical_Guide.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Poziom bohatera i doświadczenie.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Hero_Level_and_Experience.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\Instrukcje\Instrukcje Edytora\Teoria Edytora.lnk -> D:\Heroes of Might and Magic V - Dzikie Hordy\Editor Documentation\HOMM5_Editor_Theory.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terraria\Terraria.lnk -> D:\Terraria\Terraria.exe (Re-Logic)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terraria\Uninstall Terraria.lnk -> D:\Terraria\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk -> C:\Windows\Installer\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk -> C:\Windows\Installer\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> E:\teamspeak\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> E:\teamspeak\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.lnk -> C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Pomoc techniczna Blizzard.lnk -> C:\Program Files\StarCraft II\Support\TechSupport.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Publiczny serwer testowy StarCraft II.lnk -> C:\Program Files\StarCraft II\StarCraft II Public Test.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Edytor Map.lnk -> C:\Program Files\StarCraft II\Support\SC2Editor.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Instrukcja.lnk -> C:\Program Files\StarCraft II\Support\Manual.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II.lnk -> D:\StarCraft II\StarCraft II.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Zarządzanie kontem Battle.net.lnk -> C:\Program Files\StarCraft II\Support\BattlenetAccount.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> E:\SpeedFan\speedfan.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> E:\SpeedFan\speedfan.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> E:\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> E:\SpeedFan\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Movie Studio HD Platinum 10.0\Vegas Movie Studio HD Platinum 10.0 Readme.lnk -> E:\sonyvegas movie studio\Readme\Vegas_Movie_Studio_readme.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Movie Studio HD Platinum 10.0\Vegas Movie Studio HD Platinum 10.0.lnk -> E:\sonyvegas movie studio\VegasMovieStudioPE100.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Movie Studio HD Platinum 10.0\Video Capture 6.0 Readme.lnk -> E:\sonyvegas movie studio\Readme\Videocapture_readme.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\San Andreas Multiplayer.lnk -> D:\GTA SAN ANDREAS\samp.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\Uninstall.lnk -> D:\GTA SAN ANDREAS\SAMPUninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rome - Total War\Rimuovi Rome - Total War.lnk -> C:\Program (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rome - Total War\Rome - Total War.lnk -> D:\total war\RomeTW.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rome - Total War\Aiuto per Rome - Total War\Assistenza clienti.lnk -> D:\total war\Docs\Help\Tech Help\Customer Support\Customer_support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rome - Total War\Aiuto per Rome - Total War\Readme.lnk -> D:\total war\Docs\Help\Readme\readme.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rome - Total War\Aiuto per Rome - Total War\Sistema di aiuto per Rome - Total War.lnk -> D:\total war\Docs\Help\index.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Power-Grid\ROCCAT Power-Grid.lnk -> D:\Power-Grid\ROCCATPowerGrid.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Game Booster\Razer Game Booster.lnk -> E:\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\O programie QuickTime.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\Anonymous Surfing Tutorial.lnk -> E:\Proxy Switcher Standard\AnSurf.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\License.lnk -> E:\Proxy Switcher Standard\License.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\ProxySwitcher Standard Help.lnk -> E:\Proxy Switcher Standard\psw.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\Readme.lnk -> E:\Proxy Switcher Standard\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\Setting Up Mozilla FireFox Tutorial.lnk -> E:\Proxy Switcher Standard\FireFox.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\Uninstall ProxySwitcher Standard.lnk -> E:\Proxy Switcher Standard\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Program Plemiona\Deinstalacja programu Program Plemiona.lnk -> E:\Program Plemiona\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Program Plemiona\Program Plemiona.lnk -> E:\Program Plemiona\plemiona.exe (program-plemiona.pl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Program Plemiona\www\Strona WWW programu Program Plemiona.lnk -> E:\Program Plemiona\Program Plemiona.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\PhotoScape.lnk -> C:\Program Files\PhotoScape\PhotoScape.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\Uninstall PhotoScape.lnk -> C:\Program Files\PhotoScape\uninstall.exe (Mooii)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle\Peggle End User License Agreement.lnk -> D:\Origin Games\Peggle Deluxe\Support\eula\en_US_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle\Peggle.lnk -> D:\Origin Games\Peggle Deluxe\Peggle.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle\Technical Support.lnk -> D:\Origin Games\Peggle Deluxe\Support\EA Help\Technical Support.en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!\osu! updater.lnk -> D:\osume.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!\osu!.lnk -> D:\osu!.exe (ppy)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> E:\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Usuń Origin.lnk -> E:\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> E:\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1\Riot Games\Graj w League of Legends.lnk -> D:\League of Legends\League of Legends\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetmarbleMena\ModooMarble\ModooMarble.lnk -> D:\ModooMarble\MMGUpdater.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted\Need for Speed™ Most Wanted.lnk -> D:\Origin Games\Need for Speed Most Wanted\NFS13.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted\Plik Przeczytaj.lnk -> D:\Origin Games\Need for Speed Most Wanted\Support\readme\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted\Pomoc techniczna.lnk -> D:\Origin Games\Need for Speed Most Wanted\Support\EA Help\Pomoc techniczna.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted\Umowa użytkownika Need for Speed™ Most Wanted.lnk -> D:\Origin Games\Need for Speed Most Wanted\Support\eula\pl_PL_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Changelog.lnk -> E:\MPC-HC\Changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Deinstalacja programu MPC-HC.lnk -> E:\MPC-HC\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\MPC-HC.lnk -> E:\MPC-HC\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade\Mount&Blade.lnk -> D:\Mount&Blade\mount&blade.exe ( Taleworlds Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade\Uninstall.lnk -> D:\Mount&Blade\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis\Action!\Action!.lnk -> C:\Program Files\Mirillis\Action!\Action.exe (Mirillis Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis\Action!\User Manual JP.lnk -> C:\Program Files\Mirillis\Action!\Action!_User_Manual_JP.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis\Action!\User Manual.lnk -> C:\Program Files\Mirillis\Action!\Action!_User_Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Users\Pat\AppData\Roaming\.minecraft\Minecraft.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Centrum Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Preferencje językowe pakietu Microsoft Office 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II - The Conquerors Expansion\Age of Empires II - The Conquerors Expansion Readme.lnk -> D:\age of empires\Readmex.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II - The Conquerors Expansion\The Conquerors.lnk -> D:\age of empires\age2_x1\age2_x1.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II\Age of Empires II Readme.lnk -> D:\age of empires\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II\Age of Empires II.lnk -> D:\age of empires\empires2.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2\Metin2.lnk -> D:\GameforgeLive\GameforgeLive.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Girls Games.lnk -> D:\mario\Mario Forever 5.01\Data\Girls Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Legend of Zelda Games.lnk -> D:\mario\Mario Forever 5.01\Data\Legend of Zelda Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Mario Forever Games.lnk -> D:\mario\Mario Forever 5.01\Data\Mario Forever.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Megaman Games.lnk -> D:\mario\Mario Forever 5.01\Data\Megaman.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Metal Gear Solid Games.lnk -> D:\mario\Mario Forever 5.01\Data\Metal Gear Solid Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Metal Slug Games.lnk -> D:\mario\Mario Forever 5.01\Data\Metal Slug.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Naruto Games.lnk -> D:\mario\Mario Forever 5.01\Data\Naruto.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Scooby Doo Games.lnk -> D:\mario\Mario Forever 5.01\Data\Scooby Doo.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Sonic Games.lnk -> D:\mario\Mario Forever 5.01\Data\Sonic Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Spongebob Games.lnk -> D:\mario\Mario Forever 5.01\Data\Spongebob.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.01\Game Database\Super Mario Games.lnk -> D:\mario\Mario Forever 5.01\Data\Super Mario.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> E:\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> D:\lol.launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KM Wakeup\Deinstalacja.lnk -> C:\Program Files\KM Wakeup\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KM Wakeup\Historia zmian.lnk -> C:\Program Files\KM Wakeup\historia.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KM Wakeup\Informacje.lnk -> C:\Program Files\KM Wakeup\czytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KM Wakeup\KM Wakeup.lnk -> C:\Program Files\KM Wakeup\kmwakeup.exe (kmtools.win-os.pl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KM Wakeup\Pomoc.lnk -> C:\Program Files\KM Wakeup\kmwakeupPL.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> E:\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\O programie iTunes….lnk -> E:\iTunes.Resources\pl.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Zdjęcia iCloud.lnk -> C:\Program Files\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk -> D:\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk -> C:\Program Files\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk -> E:\HD Tune\hdtune.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk -> E:\HD Tune\HDTune.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk -> E:\HD Tune\HDTune.exe (EFD Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk -> E:\HD Tune\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games\Path of Exile.lnk -> D:\Path of Exile\PathOfExile.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stronghold Crusader Extreme HD\Language Setup.lnk -> C:\GOG Games\Stronghold Crusader Extreme HD\Language Setup.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stronghold Crusader Extreme HD\Stronghold Crusader Extreme HD.lnk -> C:\GOG Games\Stronghold Crusader Extreme HD\Stronghold_Crusader_Extreme.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stronghold Crusader Extreme HD\Stronghold Crusader HD.lnk -> C:\GOG Games\Stronghold Crusader Extreme HD\Stronghold Crusader.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stronghold Crusader Extreme HD\Uninstall Stronghold Crusader Extreme HD.lnk -> C:\GOG Games\Stronghold Crusader Extreme HD\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stronghold Crusader Extreme HD\Documents\Manual.lnk -> C:\GOG Games\Stronghold Crusader Extreme HD\manual\manual.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stronghold Crusader Extreme HD\Documents\Readme.lnk -> C:\GOG Games\Stronghold Crusader Extreme HD\Readme.html (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Papers, Please\Papers, Please.lnk -> C:\GOG Games\Papers, Please\PapersPlease.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Papers, Please\Uninstall Papers, Please.lnk -> C:\GOG Games\Papers, Please\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Papers, Please\Documents\Readme.lnk -> C:\GOG Games\Papers, Please\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GhostMouse\GhostMouse Free.lnk -> E:\GhostMouse\GhostMouse.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GhostMouse\Support.lnk -> E:\GhostMouse\Support.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GhostMouse\Uninstall GhostMouse Free.lnk -> E:\GhostMouse\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.12.0\FurMark.lnk -> E:\FurMark_1.12.0\FurMark.exe (Geeks3D (www.geeks3d.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.12.0\Uninstall FurMark.lnk -> E:\FurMark_1.12.0\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy Arcade.lnk -> E:\Program Files\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\Uninstall GameSpy Arcade.lnk -> E:\Program Files\GameSpy Arcade\UNWISE.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold Crusader\Readme.lnk -> D:\stronghold crusader\Readme.doc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold Crusader\Stronghold Crusader.lnk -> D:\stronghold crusader\Stronghold Crusader.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold Crusader\Uninstall.lnk -> C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold 2\Play Stronghold 2.lnk -> D:\stronghold 2\Stronghold2.exe (Firefly Studios)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold 2\Uninstall Stronghold 2.lnk -> C:\Program Files\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold 2\View Readme.lnk -> D:\stronghold 2\readme_en.doc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold\Readme.lnk -> D:\stronghold\stronghold readme.doc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold\Stronghold.lnk -> D:\stronghold\stronghold.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold\Uninstall.lnk -> C:\Program Files\InstallShield Installation Information\{97A19679-4C07-4B34-8ACB-D5565C3440FC}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 Demo\FIFA 14 Demo.lnk -> D:\Origin Games\FIFA 14 Demo\Game\fifa14_demo.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 Demo\Plik Przeczytaj.lnk -> D:\Origin Games\FIFA 14 Demo\Support\readme\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 Demo\Pomoc techniczna.lnk -> D:\Origin Games\FIFA 14 Demo\Support\EA Help\Pomoc techniczna.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool\EXPERTool.lnk -> C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co. Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool\Uninstall EXPERTool.lnk -> C:\Program Files\EXPERTool\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Graj w Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Instrukcja do gry Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Postępowanie awaryjne\Postępowanie awaryjne - DirectX.lnk -> D:\Euro Truck Simulator 2\bin\win_x86\troubleshoot_dx9.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Postępowanie awaryjne\Postępowanie awaryjne - OpenGL.lnk -> D:\Euro Truck Simulator 2\bin\win_x86\troubleshoot_gl.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Postępowanie awaryjne\Postępowanie awaryjne - Tryb awaryjny.lnk -> D:\Euro Truck Simulator 2\bin\win_x86\troubleshoot_safe.cmd ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Dokumentacja.lnk -> C:\Program Files\ESET\ESET Smart Security\eset.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET Smart Security.lnk -> C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysInspector.lnk -> C:\Program Files\ESET\ESET Smart Security\SysInspector.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\ESET SysRescue.lnk -> C:\Program Files\ESET\ESET Smart Security\SysRescue.exe (ESET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Umowa Licencyjna.lnk -> C:\Program Files\ESET\ESET Smart Security\eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World\EA Sports FIFA World.lnk -> D:\Origin Games\FIFA World\fifaworld.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World\Plik Przeczytaj.lnk -> D:\Origin Games\FIFA World\Support\readme\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World\Pomoc techniczna.lnk -> D:\Origin Games\FIFA World\Support\EA Help\Pomoc techniczna.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World\Umowa użytkownika EA Sports FIFA World.lnk -> D:\Origin Games\FIFA World\Support\eula\pl_PL_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher\Duel of Champions Launcher Website.lnk -> D:\MMDoC-PDCLive\MMDoC-PDCLive website.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher\Duel of Champions Launcher.lnk -> D:\MMDoC-PDCLive\Launcher.exe (Ubisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher\Uninstall Duel of Champions Launcher.lnk -> D:\MMDoC-PDCLive\uninstall.exe (Ubisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)\DAP Update.lnk -> C:\Program Files\DAP\dapupd.exe (Speedbit Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)\Download Accelerator Plus.lnk -> C:\Program Files\DAP\DAP.exe (Speedbit Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space\Dead Space.lnk -> D:\Origin Games\Dead Space\Dead Space.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space\Plik Przeczytaj.lnk -> D:\Origin Games\Dead Space\Support\readme\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space\Pomoc techniczna.lnk -> D:\Origin Games\Dead Space\Support\EA Help\Pomoc techniczna.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space\Umowa użytkownika Dead Space.lnk -> D:\Origin Games\Dead Space\Support\eula\pl_PL_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> E:\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk -> E:\DAEMON Tools Lite\DT.gadget ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> E:\DAEMON Tools Lite\SPTDinst-x86.exe (Duplex Secure Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cry of Fear\Launch Cry of Fear.lnk -> D:\cry of fear\CryOfFear\CoFLaunchApp.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> E:\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> E:\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Counter-Strike 1.6.lnk -> D:\cs 1.6\cstrike.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Uninstall Counter-Strike 1.6.lnk -> D:\cs 1.6\Uninstal.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish\Clownfish.lnk -> C:\Program Files\Clownfish\Clownfish.exe (Bogdan Sharkov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish\Uninstall.lnk -> C:\Program Files\Clownfish\uninstall.exe (Shark Labs)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (32-bit).lnk -> E:\Cheat Engine 6.3\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (64-bit).lnk -> E:\Cheat Engine 6.3\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3.lnk -> E:\Cheat Engine 6.3\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine help.lnk -> E:\Cheat Engine 6.3\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine tutorial.lnk -> E:\Cheat Engine 6.3\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Reset settings.lnk -> E:\Cheat Engine 6.3\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Uninstall Cheat Engine.lnk -> E:\Cheat Engine 6.3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Kernel stuff\Unload kernel module.lnk -> E:\Cheat Engine 6.3\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk -> D:\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA EULA.lnk -> D:\Origin Games\Battlefield 3\Support\eula\ru_RU_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Readme.lnk -> D:\Origin Games\Battlefield 3\Support\readme\readme.ru.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Техническая поддержка.lnk -> D:\Origin Games\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> D:\heartstone\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Player.lnk -> C:\Program Files\Adobe Media Player\Adobe Media Player.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Uninstall\Uninstall.lnk -> E:\Acrylic DNS Proxy\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Support\Advanced Support Tools\Run Acrylic Console Version.lnk -> E:\Acrylic DNS Proxy\AcrylicConsole.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7 Days to Die\7 Days to Die - Alpha.lnk -> D:\7DaysToDie-Alpha\7DaysToDie.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7 Days to Die\Uninstall 7 Days to Die - Alpha.lnk -> D:\7DaysToDie-Alpha\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\PlayTasks\3\Centrum Pomocy.lnk -> D:\sims3\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\sims3\Support\pl_EULA.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\PlayTasks\1\Przeczytaj.lnk -> D:\sims3\Support\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\PlayTasks\0\Play.lnk -> D:\sims3\Game\Bin\Sims3Launcher.exe (EA.com)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\Links\Desktop.lnk -> C:\Users\Pat\Desktop ()
Shortcut: C:\Users\Pat\Links\Downloads.lnk -> C:\Users\Pat\Downloads ()
Shortcut: C:\Users\Pat\Links\Dysk Google.lnk -> C:\Users\Pat\Dysk Google ()
Shortcut: C:\Users\Pat\Links\GG dysk (pat53-onet_pl).lnk -> C:\Users\Pat\GG dysk (pat53-onet_pl) ()
Shortcut: C:\Users\Pat\Links\GG dysk.lnk -> C:\Users\Pat\GG dysk ()
Shortcut: C:\Users\Pat\Favorites\GG dysk (pat53-onet_pl).lnk -> C:\Users\Pat\GG dysk (pat53-onet_pl) ()
Shortcut: C:\Users\Pat\Favorites\GG dysk.lnk -> C:\Users\Pat\GG dysk ()
Shortcut: C:\Users\Pat\Documents\StarCraft II\[email protected] -> C:\Users\Pat\Documents\StarCraft II\Accounts\133068094\2-S2-1-3001577 ()
Shortcut: C:\Users\Pat\Documents\Euro Truck Simulator 2\readme.rtf.lnk -> D:\readme.rtf (No File)
Shortcut: C:\Users\Pat\Desktop\Action — skrót (2).lnk -> C:\Program Files\Mirillis\Action!\Action.exe (Mirillis Ltd.)
Shortcut: C:\Users\Pat\Desktop\Adobe Photoshop CS5.lnk -> I:\Photoshop\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Pat\Desktop\Cheat Engine.lnk -> E:\Cheat Engine 6.3\Cheat Engine.exe ()
Shortcut: C:\Users\Pat\Desktop\Clownfish.lnk -> C:\Program Files\Clownfish\Clownfish.exe (Bogdan Sharkov)
Shortcut: C:\Users\Pat\Desktop\Curse.lnk -> C:\Users\Pat\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Shortcut: C:\Users\Pat\Desktop\DAEMON Tools Lite.lnk -> E:\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Pat\Desktop\Dysk Google.lnk -> C:\Users\Pat\Dysk Google ()
Shortcut: C:\Users\Pat\Desktop\FIFA 13.lnk -> D:\Origin Games\FIFA 13\Game\fifa13.exe (Electronic Arts)
Shortcut: C:\Users\Pat\Desktop\Fraps.lnk -> D:\fraps\fraps.exe (Beepa P/L)
Shortcut: C:\Users\Pat\Desktop\FurMark.lnk -> E:\FurMark_1.12.0\FurMark.exe (Geeks3D (www.geeks3d.com))
Shortcut: C:\Users\Pat\Desktop\KM Wakeup.lnk -> C:\Program Files\KM Wakeup\kmwakeup.exe (kmtools.win-os.pl)
Shortcut: C:\Users\Pat\Desktop\maks opowiada.lnk -> I:\muzyka\lololo ()
Shortcut: C:\Users\Pat\Desktop\MK LOL.lnk -> C:\Program Files\MKJogo\MKLOL\Bin\MKIM.exe ()
Shortcut: C:\Users\Pat\Desktop\MPC-HC.lnk -> E:\MPC-HC\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\Users\Pat\Desktop\Origin.lnk -> E:\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Pat\Desktop\Spambot+v2.0+-by+IQONMAN — skrót.lnk -> E:\Spambot+v2.0+-by+IQONMAN\Spambot+v2.0+-by+IQONMAN ()
Shortcut: C:\Users\Pat\Desktop\TeamSpeak 3 Client.lnk -> E:\TS3\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Pat\Desktop\Viber.lnk -> C:\Users\Pat\AppData\Local\Viber\Viber.exe ()
Shortcut: C:\Users\Pat\Desktop\VirtualDJ Home FREE.lnk -> E:\virtualdj_home.exe (Atomix Productions)
Shortcut: C:\Users\Pat\Desktop\XBMC.lnk -> E:\XBMC\XBMC.exe (Team XBMC)
Shortcut: C:\Users\Pat\Desktop\XenoXT2Client_13_04_2012_by_Pawemol — skrót.lnk -> D:\XenoXT2Client_13_04_2012_by_Pawemol ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Pat\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk -> C:\Users\Pat\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Pat\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\screenSHU.lnk -> E:\screenSHU\screenSHU.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC\Uninstall XBMC.lnk -> E:\XBMC\Uninstall.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC\XBMC.lnk -> E:\XBMC\XBMC.exe (Team XBMC)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Deinstalacja programu War Thunder.lnk -> D:\WarThunder\unins000.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> D:\WarThunder\launcher.exe (Gaijin Entertainment)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac\The Binding of Isaac.lnk -> D:\the binding of isaac\The Binding of Isaac\Binding_of_Isaac.exe (Edmund Mcmillen & Florian Himsl )
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac\Uninstall.lnk -> D:\the binding of isaac\The Binding of Isaac\TDU.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria\Dedicated Server.lnk -> D:\start-server.bat ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria\Terraria.lnk -> D:\Terraria.exe (Re-Logic)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\TechPowerUp GPU-Z.lnk -> E:\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\Uninstall.lnk -> E:\GPU-Z\uninstall.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> E:\TS3\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> E:\TS3\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk -> E:\RivaTuner Statistics Server\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk -> E:\RivaTuner Statistics Server\RTSS.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk -> E:\RivaTuner Statistics Server\Uninstall.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk -> E:\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk -> E:\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk -> E:\RivaTuner Statistics Server\SDK\Samples ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs\More Portable Programs.lnk -> C:\Program Files\1-click run\More Portable Programs.url ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner On-Screen Display Server.lnk -> E:\MSI Afterburner\Bundle\OSDServer\RTSS.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> E:\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> E:\MSI Afterburner\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> E:\MSI Afterburner\Uninstall.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> E:\MSI Afterburner\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> E:\MSI Afterburner\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> E:\MSI Afterburner\SDK\Samples ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo\MKLOL\MK LOL.lnk -> C:\Program Files\MKJogo\MKLOL\MK.exe (No File)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo\MK IM\MK LOL.lnk -> D:\MKJogo\MK IM\Bin\MKIM.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo\MK IM\Uninstall.lnk -> D:\MKJogo\MK IM\Bin\uInst.exe (MK)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk -> E:\FormatFactory\FormatFactory.exe (Free Time)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk -> E:\FormatFactory\uninst.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa\Odinstaluj Detektor Winampa.lnk -> E:\Winamp Detect\UninstWaDetect.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Uninstall.lnk -> D:\Gry\Counter-Strike 1.6\uninst.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Website.lnk -> D:\Gry\Counter-Strike 1.6\Counter-Strike 1.6.url ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run\Game Dev Tycoon v1.3.2\GameDevTycoon.lnk -> C:\Program Files\1-click run\Game Dev Tycoon v1.3.2\GameDevTycoon.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\SendTo\Format Factory.lnk -> E:\FormatFactory\FormatFactory.exe (Free Time)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk -> C:\Program Files\PhotoScape\PhotoScape.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Viber.lnk -> C:\Users\Pat\AppData\Local\Viber\Viber.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk -> E:\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Pat\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS5.lnk -> I:\Photoshop\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> E:\mozilla\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PhotoScape.lnk -> E:\PhotoScape\PhotoScape.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Action — skrót (2).lnk -> C:\Program Files\Mirillis\Action!\Action.exe (Mirillis Ltd.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Download Accelerator Plus (DAP).lnk -> C:\Program Files\DAP\DAP.exe (Speedbit Ltd.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\EXPERTool.lnk -> C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co. Ltd.)
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\GhostMouse Free.lnk -> E:\GhostMouse\GhostMouse.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{CF736E3A-B79D-4079-830B-6212120E4A46}\PlayTasks\0\Zagraj.lnk -> D:\age of empires\empires2.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{B0F86F52-6FAE-4D54-ABD7-9A2D21FF9C7D}\PlayTasks\0\Zagraj.lnk -> D:\stronghold crusader\Stronghold Crusader.exe ( )
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{984D5E53-E72A-4540-8F2E-1CCD1FC3A5C8}\PlayTasks\0\Zagraj.lnk -> D:\GTA SAN ANDREAS\gta_sa.exe ()
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{878841AD-85C3-47C6-8DF9-996120D32F95}\PlayTasks\0\Zagraj.lnk -> D:\stronghold\Stronghold.exe ()
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{76308F47-2B45-4359-9BCE-5B1F97168ABC}\PlayTasks\0\Zagraj.lnk -> D:\age of empires\age2_x1\age2_x1.exe (Microsoft Corporation)
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{6C8E764E-E5EF-4F80-91B9-BCC1CBF9E6FA}\PlayTasks\0\Zagraj.lnk -> G:\GAME\EMPIRES2.EXE (No File)
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{29D302C9-4B8E-485F-ACC0-E9619AA574E3}\PlayTasks\0\Zagraj.lnk -> D:\WARCRAFT\Warcraft III\Warcraft III.exe (Blizzard Entertainment)
Shortcut: C:\Users\Pat\AppData\Local\Microsoft\Windows\GameExplorer\{02AD99BD-7F48-42F6-B002-04229D633043}\PlayTasks\0\Zagraj.lnk -> D:\stronghold 2\Stronghold2.exe (Firefly Studios)
Shortcut: C:\Users\Pat\AppData\Local\GG\Application\gg.lnk -> C:\Users\Pat\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\Camtasia Studio 8.lnk -> D:\CamtasiaStudio.exe (TechSmith Corporation)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\CPUID CPU-Z.lnk -> E:\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\EA Sports FIFA World.lnk -> D:\Origin Games\FIFA World\fifaworld.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\EXPERTool.lnk -> C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co. Ltd.)
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\Users\Public\Desktop\GhostMouse Free.lnk -> E:\GhostMouse\GhostMouse.exe ()
Shortcut: C:\Users\Public\Desktop\Graj w League of Legends.lnk -> D:\League of Legends\League of Legends\lol.launcher.exe ()
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> E:\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\LOL Recorder.lnk -> D:\League of Legends\LOLReplay\LOLRecorder.exe (LOL Replay)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> E:\mozilla\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Razer Game Booster.lnk -> E:\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)
Shortcut: C:\Users\Public\Desktop\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> D:\steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\WarThunder.lnk -> D:\WarThunder\launcher.exe (Gaijin Entertainment)
Shortcut: C:\Users\Public\Desktop\Winamp.lnk -> E:\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Public\Desktop\YTD Video Downloader.lnk -> C:\Program Files\GreenTree Applications\YTD Video Downloader\ytd.exe (GreenTree Applications SRL)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Tryb awaryjny).lnk -> E:\Winamp\winamp.exe (Nullsoft, Inc.) -> /SAFE=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Odinstaluj QuickTime.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {111EE7DF-FC45-40C7-98A7-753AC46B12FB} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\ProxySwitcher Standard.lnk -> E:\Proxy Switcher Standard\ProxySwitcher.exe (Proxy Switcher) -> -logo
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\Upgrade ProxySwitcher Standard Anytime....lnk -> E:\Proxy Switcher Standard\ProxySwitcher.exe (Proxy Switcher) -> -9
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Switcher Standard\Support\ProxySwitcher Standard (Safe mode).lnk -> E:\Proxy Switcher Standard\ProxySwitcher.exe (Proxy Switcher) -> -logo -w -first
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetmarbleGlobal\DiceVenture\DiceVenture.lnk -> C:\NetmarbleGlobal\MarbleStation\GlbMSLauncher.exe (CJ E&M) -> moma
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II - The Conquerors Expansion\Uninstall Age of Empires II - The Conquerors Expansion.lnk -> D:\age of empires\UNINSTALX.EXE (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II\Uninstall Age of Empires II.lnk -> D:\age of empires\UNINSTAL.EXE (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {B54E3B7E-9D42-484A-BC16-56D49719A84A} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kalendarz.lnk -> C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kontakty.lnk -> C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notatki.lnk -> C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Poczta.lnk -> C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Przypomnienia.lnk -> C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Znajdź mój iPhone.lnk -> C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Smite.lnk -> D:\HiRezLauncherUI.exe (Hi-Rez Studios Inc.) -> game=300 product=17
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Uninstall All Hi-Rez Games.lnk -> D:\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company) -> uninstall=all
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} FEEDBACK=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold 2\Stronghold 2 Graphics Configuration.lnk -> D:\stronghold 2\Stronghold2.exe (Firefly Studios) -> -config
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET Smart Security\Odinstaluj.lnk -> C:\Program Files\ESET\ESET Smart Security\callmsi.exe (ESET) -> /i {0FAB8FFC-69DD-4625-A2D4-7785F9B78DD1}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Dedicated Server.lnk -> D:\cs 1.6\hlds.exe (Valve) -> -nomaster -game cstrike -insecure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\main.lua.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> E:\Cheat Engine 6.3\main.lua
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Support\About Acrylic.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> AboutAcrylic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Support\Advanced Support Tools\Browse Debug Log.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> BrowseAcrylicDebugLog
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Support\Advanced Support Tools\Enable Disable Debug Log.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> EnableDisableAcrylicDebugLog
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Config\Edit Acrylic Configuration File.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> EditAcrylicConfigurationFile
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Config\Edit Acrylic Hosts File.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> EditAcrylicHostsFile
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Config\Purge Acrylic Cache Data.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> PurgeAcrylicCache
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Config\Start Acrylic Service.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> StartAcrylicService
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy\Config\Stop Acrylic Service.lnk -> E:\Acrylic DNS Proxy\AcrylicController.exe () -> StopAcrylicService
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Logs and errors.lnk -> D:\WarThunder\.game_logs () -> cd
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Replays.lnk -> D:\WarThunder\Replays () -> cd
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\Screenshots.lnk -> D:\WarThunder\Screenshots () -> cd
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk -> E:\FormatFactory\FormatFactory.exe (Free Time) -> /help
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Counter-Strike 1.6.lnk -> D:\Gry\Counter-Strike 1.6\hl.exe (Valve) -> -steam -game cstrike -noipx -nojoy -noforcemparms -noforcemaccel
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Public\Desktop\Smite.lnk -> D:\HiRezLauncherUI.exe (Hi-Rez Studios Inc.) -> game=300 product=17


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\Web site.url -> hxxp://www.ytddownloader.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC\Strona WWW programu MPC-HC.url -> hxxp://mpc-hc.org/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\MINECRAFTinstall.net.url -> hxxp://www.minecraftinstall.net
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Stronghold Crusader Extreme HD\Documents\Support.url -> hxxp://www.gog.com/en/support/stronghold_crusader
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Papers, Please\Documents\Support.url -> hxxp://www.gog.com/support/papers_please
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.12.0\Geeks3D.com.url -> hxxp://www.geeks3d.com/category/geeks3d/furmark-geeks3d/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.12.0\Homepage.url -> hxxp://www.ozone3d.net/benchmarks/fur/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.12.0\Scores comparative tables FurMark 1.9.2+.url -> hxxp://ozone3d.net/redirect.php?id=222
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.12.0\Scores webpage FurMark 1.9.2+.url -> hxxp://ozone3d.net/redirect.php?id=217
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.12.0\SLI and CrossFire support.url -> hxxp://ozone3d.net/redirect.php?id=211
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold Crusader\Firefly Studios' Website.url -> www.fireflyworlds.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold Crusader\Gathering Website.url -> hxxp://www.gatheringofdevelopers.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold Crusader\Play Stronghold Crusader Online with GameSpy Arcade!.url -> hxxp://www.gamespyarcade.com/features/launch.asp?svcname=strongholdc&distid=639
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold Crusader\Register Stronghold Crusader.url -> hxxp://www.godgames.com/main.php?section=support&page=registration
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold 2\Visit 2K Games Website.url -> hxxp://www.2kgames.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold 2\Visit Firefly Studios Website.url -> hxxp://www.fireflyworlds.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold 2\Visit Stronghold 2 Website.url -> hxxp://www.stronghold2.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold\Play Stronghold Online Free with GameSpy Arcade.url -> hxxp://www.gamespyarcade.com/features/launch.asp?svcname=stronghold
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios\Stronghold\Register Stronghold.url -> hxxp://www.godgames.com/main.php?section=support&page=registration
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool\EXPERTool on the Web.url -> hxxp://www.gainward.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Strona Euro Truck Simulator 2.url -> hxxp://www.eurotrucksimulator2.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2\Strona SCS Software.url -> hxxp://www.scssoft.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Pat\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\Pat\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\Pat\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\Pat\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\Pat\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\Pat\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Pat\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC\Visit XBMC Online.url -> hxxp://xbmc.org
InternetURL: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy Arcade Help.url -> hxxp://www.gamespyarcade.com/help/
InternetURL: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy Arcade Website.url -> hxxp://www.gamespyarcade.com/
InternetURL: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy.com Gaming's Homepage.url -> hxxp://www.gamespy.com/
InternetURL: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\Register GameSpy Arcade.url -> hxxp://www.gamespyarcade.com/register/
InternetURL: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games\Battlefield Play4Free\Battlefield Play4Free.url -> hxxp://battlefield.play4free.com/
InternetURL: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games\Battlefield Heroes\Battlefield Heroes.url -> hxxp://www.battlefieldheroes.com/
InternetURL: C:\Users\Pat\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.url -> hxxp://www.voga360.com

==================== End of log =============================

 

 

OTL (OTL.Txt Extras.txt)

 

OTL logfile created on: 2014-07-16 20:58:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pat\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 49,26% Memory free
7,25 Gb Paging File | 5,01 Gb Available in Paging File | 69,09% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,53 Gb Total Space | 7,49 Gb Free Space | 12,59% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 237,88 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 277,81 Gb Free Space | 93,20% Space Free | Partition Type: NTFS
Drive I: | 232,88 Gb Total Space | 155,35 Gb Free Space | 66,71% Space Free | Partition Type: NTFS

Computer Name: PAT-KOMPUTER | User Name: Pat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-07-16 20:57:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pat\Desktop\OTL.exe
PRC - [2014-07-16 20:56:56 | 001,077,248 | ---- | M] (Farbar) -- C:\Users\Pat\Desktop\FRST.exe
PRC - [2014-07-15 22:34:16 | 000,142,848 | -H-- | M] (B***h & B***h) -- C:\ProgramData\bhib19yc\7z72uuox.exe
PRC - [2014-07-15 11:09:32 | 001,903,952 | ---- | M] (LogMeIn Inc.) -- E:\hamachi-2.exe
PRC - [2014-07-14 14:19:06 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- E:\LMIGuardianSvc.exe
PRC - [2014-07-08 08:49:56 | 000,152,392 | ---- | M] (Apple Inc.) -- E:\iTunesHelper.exe
PRC - [2014-06-05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014-05-30 01:28:21 | 002,350,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-05-30 01:23:57 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014-05-30 01:22:52 | 019,742,664 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2014-05-20 02:04:07 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014-05-20 02:04:06 | 001,818,456 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014-05-20 01:11:19 | 000,410,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-02-28 15:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) -- D:\HiPatchService.exe
PRC - [2014-02-25 19:38:48 | 000,105,448 | ---- | M] (Razer Inc.) -- E:\Razer Game Booster\RzKLService.exe
PRC - [2014-01-04 00:12:24 | 000,518,656 | ---- | M] () -- E:\Acrylic DNS Proxy\AcrylicService.exe
PRC - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-08-02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013-03-04 09:24:22 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2013-03-04 09:24:14 | 005,078,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011-05-11 17:44:06 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 23:29:12 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010-11-20 23:29:06 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2009-03-12 12:53:46 | 000,483,422 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009-03-12 12:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\stacsv.exe


========== Modules (No Company Name) ==========

MOD - [2014-06-05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014-06-05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014-06-05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014-04-23 16:05:12 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014-04-23 16:04:54 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014-02-12 19:51:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014-02-12 19:51:14 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014-02-12 19:50:46 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014-02-12 19:50:38 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -- (WindowsProtectManger)
SRV - File not found [Auto | Stopped] -- C:\Program Files\webget\bin\utilwebget.exe -- (Util webget)
SRV - File not found [Auto | Stopped] -- C:\Program Files\webget\updatewebget.exe -- (Update webget)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe -- (SafetyNutManager)
SRV - File not found [Auto | Stopped] -- C:\ProgramData\IePluginServices\PluginService.exe -- (IePluginServices)
SRV - [2014-07-15 11:09:32 | 001,903,952 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- E:\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014-07-09 12:09:13 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-06-19 01:23:24 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014-05-30 01:23:57 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-05-30 01:22:52 | 019,742,664 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014-05-29 19:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-05-20 01:11:19 | 000,410,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-02-28 15:23:54 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- D:\HiPatchService.exe -- (HiPatchService)
SRV - [2014-02-25 19:38:48 | 000,105,448 | ---- | M] (Razer Inc.) [Auto | Running] -- E:\Razer Game Booster\RzKLService.exe -- (RzKLService)
SRV - [2014-01-04 00:12:24 | 000,518,656 | ---- | M] () [Auto | Running] -- E:\Acrylic DNS Proxy\AcrylicService.exe -- (AcrylicController)
SRV - [2013-12-21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-10-23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-05-27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-05-12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-04-01 22:13:29 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013-03-04 09:24:22 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-03-12 12:53:46 | 000,254,036 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\stacsv.exe -- (STacSV)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Browser Tab Search by Ask\SafetyNut\configmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A91196222)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Pat\AppData\Local\Temp\cpuz.sys -- (cpuz126)
DRV - [2014-05-30 01:22:51 | 000,019,232 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2014-05-20 04:39:05 | 010,533,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2014-03-31 18:42:44 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013-12-03 20:19:56 | 000,022,560 | ---- | M] (REALiX) [Kernel | System | Running] -- C:\Windows\System32\drivers\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2013-11-28 15:38:19 | 000,162,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013-07-16 20:31:24 | 000,278,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2013-07-16 20:29:46 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2013-04-02 13:39:41 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013-03-14 14:36:22 | 000,016,648 | ---- | M] (XFire) [File_System | On_Demand | Stopped] -- C:\Program Files\Xfire2\XFDriver.sys -- (XFDriver)
DRV - [2013-02-14 12:21:04 | 000,171,680 | ---- | M] (ESET) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013-02-14 12:21:04 | 000,047,568 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2013-01-31 11:50:58 | 000,022,656 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2013-01-10 09:25:22 | 000,150,080 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2013-01-10 09:25:20 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013-01-10 09:25:20 | 000,046,056 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2012-12-29 22:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2012-10-11 05:08:10 | 000,034,432 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2012-08-23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012-08-23 16:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012-08-23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 23:29:20 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 02:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009-07-14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009-07-14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-03-12 12:53:46 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.sweet-page.com/web/?type=ds&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a12834-376&apn_uid=3581253102204675&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{59364527-A60C-4D68-A602-70084259E712}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a12834-376&apn_uid=3581253102204675&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
IE - HKCU\..\SearchScopes\{E6A5F6C6-FE67-4BC8-801C-05CB20FD0230}: "URL" = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "sweet-page"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "sweet-page"
FF - prefs.js..browser.startup.homepage: "http://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S"
FF - prefs.js..extensions.enabledAddons: daplinkchecker%40speedbit.com:1.0.1.8
FF - prefs.js..extensions.enabledAddons: %7B9edd0ea8-2819-47c2-8320-b007d5996f8a%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=210&systemid=488&v=a12834-376&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=3581253102204675&o=APN11459&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: E:\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Pat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pat\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pat\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DAP\daplinkchecker [2013-05-20 22:03:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\extensions\[email protected] [2014-06-18 11:46:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: E:\components [2014-07-05 11:34:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: E:\plugins [2014-07-05 11:34:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: E:\mozilla\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: E:\mozilla\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-04-01 13:00:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2013-05-20 22:03:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: E:\mozilla\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: E:\mozilla\plugins

[2013-04-01 21:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pat\AppData\Roaming\mozilla\Extensions
[2014-07-16 18:19:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pat\AppData\Roaming\mozilla\Firefox\Profiles\25mvuetz.default\extensions
[2014-06-18 11:46:14 | 000,000,000 | ---D | M] ("Quick Start") -- C:\Users\Pat\AppData\Roaming\mozilla\Firefox\Profiles\25mvuetz.default\extensions\[email protected]
[2014-05-21 13:05:00 | 000,008,893 | ---- | M] () (No name found) -- C:\Users\Pat\AppData\Roaming\mozilla\firefox\profiles\25mvuetz.default\extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi
[2014-07-14 15:09:33 | 000,019,697 | ---- | M] () (No name found) -- C:\Users\Pat\AppData\Roaming\mozilla\firefox\profiles\25mvuetz.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2013-08-02 12:19:19 | 000,224,035 | ---- | M] () (No name found) -- C:\Users\Pat\AppData\Roaming\mozilla\firefox\profiles\25mvuetz.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2014-06-06 13:41:55 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Pat\AppData\Roaming\mozilla\firefox\profiles\25mvuetz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-07-16 18:19:50 | 000,293,614 | ---- | M] () (No name found) -- C:\Users\Pat\AppData\Roaming\mozilla\firefox\profiles\25mvuetz.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2014-06-12 16:48:41 | 000,002,664 | ---- | M] () -- C:\Users\Pat\AppData\Roaming\mozilla\firefox\profiles\25mvuetz.default\searchplugins\Ask.xml
[2013-05-24 16:40:01 | 000,002,402 | ---- | M] () -- C:\Users\Pat\AppData\Roaming\mozilla\firefox\profiles\25mvuetz.default\searchplugins\bingp.xml
[2013-05-20 22:03:27 | 000,000,000 | ---D | M] (DAP Link Checker) -- C:\PROGRAM FILES\DAP\DAPLINKCHECKER
[2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://start.facemoods.com/?a=ddr
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Facebook App for Google Chrome™ = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm\2.2.0.3_0\
CHR - Extension: Dokumenty Google = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Dysk Google = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Battlefield Heroes = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Adblock Plus = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Easy Video Downloader Express = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcpmdpjjlhppmhfkcgbeanaanipdjbk\7.22_0\
CHR - Extension: Tampermonkey = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.8_0\
CHR - Extension: Pogoda = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad\0.9.0.6_0\
CHR - Extension: Zapisz na Dysku Google = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.1_0\
CHR - Extension: Pixlr Express = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid\1.4_0\
CHR - Extension: KodyRabatowe.pl = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\kafpjghdfockenndmdalblagbonhemkf\3.2.0_0\
CHR - Extension: Auto HD For YouTube™ = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\6.3.2_0\
CHR - Extension: Google Hangouts = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.710.434.3_0\
CHR - Extension: Google Wallet = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
CHR - Extension: Gmail = C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bCSSync] E:\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [iTunesHelper] E:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] E:\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [shadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [switchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [uv4wt2o] C:\Windows\System32\bhib19yc\7z72uuox.exe (B***h & B***h)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_3761880807D2FC22AB5D1BC4CC332465] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\RunOnce: [12447a36ada5478cb8afad669575aeb3] C:\Users\Pat\AppData\Local\Temp\fmfpwcg3.cwk.vbs ()
O4 - HKCU..\RunOnce: [1b52a99da94c48b0b9fd46ba7f1971d6] C:\Users\Pat\AppData\Local\Temp\pjdectjj.x1l.vbs ()
O4 - HKCU..\RunOnce: [ced2b728243042c881f33f92d3f0e2aa] C:\Users\Pat\AppData\Local\Temp\5fgol0py.ojx.vbs ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - E:\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.65.2)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.65.2)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{33D726B4-AAAE-435A-AD2E-4EFAD0D7505F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56D34014-B1DB-43FA-BFCE-36414C91CFD5}: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B482BD16-A8F9-4CE4-9426-C4FC7ED515C1}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0456428-A75F-4E7B-A41F-51B1F8FA468C}: DhcpNameServer = 62.179.1.60 62.179.1.61
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0456428-A75F-4E7B-A41F-51B1F8FA468C}: NameServer = 127.0.0.1,192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Program Files\SupTab\SEARCH~1.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\bhib19yc\7z72uuox.exe) - C:\Windows\System32\bhib19yc\7z72uuox.exe (B***h & B***h)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\msconfig.exe: Debugger - dgdpx150.2d2 File not found
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\reg.exe: Debugger - 2qouk4mp.xoy File not found
O27 - HKLM IFEO\regedit.exe: Debugger - y0avmxt0.oam File not found
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\taskkill.exe: Debugger - i2s2gkww.gjf File not found
O27 - HKLM IFEO\tasklist.exe: Debugger - 1v4wjpnf.qde File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - yshnpnld.feh File not found
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-12-09 23:28:10 | 000,003,033 | ---- | M] () - D:\autocam.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-07-16 20:57:14 | 000,000,000 | ---D | C] -- C:\FRST
[2014-07-16 20:56:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pat\Desktop\OTL.exe
[2014-07-16 20:56:48 | 001,077,248 | ---- | C] (Farbar) -- C:\Users\Pat\Desktop\FRST.exe
[2014-07-16 20:00:01 | 000,000,000 | ---D | C] -- C:\Users\Pat\Doctor Web
[2014-07-16 19:30:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\bhib19yc
[2014-07-16 19:21:03 | 000,000,000 | -H-D | C] -- C:\Windows\System32\bhib19yc
[2014-07-16 19:15:40 | 000,000,000 | ---D | C] -- C:\Users\Pat\Desktop\BoL Studio (2)
[2014-07-16 18:31:45 | 000,000,000 | ---D | C] -- C:\Users\Pat\Desktop\bolfree
[2014-07-16 18:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy
[2014-07-16 17:53:02 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Roaming\cloudrop
[2014-07-16 15:02:51 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014-07-16 15:02:44 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014-07-16 15:02:44 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014-07-16 15:02:44 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014-07-16 12:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games
[2014-07-15 23:08:38 | 000,000,000 | ---D | C] -- C:\Users\Pat\Documents\MKJogo
[2014-07-13 05:00:37 | 000,000,000 | ---D | C] -- C:\Users\Pat\Desktop\Scripts by SeleX
[2014-07-12 15:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014-07-12 15:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014-07-12 15:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014-07-09 13:49:26 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-07-09 13:49:26 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-07-09 13:49:26 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-07-09 13:49:26 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-07-09 13:49:26 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014-07-09 13:49:25 | 000,240,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-07-09 13:49:24 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-07-09 13:49:24 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-07-09 13:49:24 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-07-09 13:49:24 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-07-09 13:49:24 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-07-09 13:49:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-07-09 13:49:23 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-07-09 13:49:23 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-07-09 13:49:23 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-07-09 13:49:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-07-09 13:49:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-07-09 13:49:21 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-07-09 13:49:21 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-07-09 13:49:19 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-07-09 13:49:18 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-07-09 13:49:17 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-07-09 13:49:15 | 004,254,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-07-09 13:49:15 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014-07-09 13:49:08 | 002,350,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014-07-09 13:49:08 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014-07-09 13:49:00 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014-07-06 12:25:37 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
[2014-07-05 11:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014-07-05 11:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014-07-04 20:56:17 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Roaming\MPC-HC
[2014-07-04 20:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
[2014-06-21 14:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
[2014-06-20 12:31:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2014-06-20 11:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014-06-19 14:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2014-06-19 10:03:42 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Local\Adobe
[2014-06-18 11:46:58 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Roaming\SupTab
[2014-06-18 11:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginServices
[2014-06-18 11:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsProtectManger
[2014-06-18 11:46:57 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014-06-18 11:46:35 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Roaming\sweet-page
[2014-06-18 11:46:30 | 000,000,000 | ---D | C] -- C:\Users\Pat\Documents\My Cheat Tables
[2014-06-18 11:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
[2014-06-17 21:02:14 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Local\WarThunder
[2014-06-17 21:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2014-06-17 21:01:37 | 000,000,000 | ---D | C] -- C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder

========== Files - Modified Within 30 Days ==========

[2014-07-16 20:57:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pat\Desktop\OTL.exe
[2014-07-16 20:56:56 | 001,077,248 | ---- | M] (Farbar) -- C:\Users\Pat\Desktop\FRST.exe
[2014-07-16 20:47:19 | 144,525,024 | ---- | M] () -- C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57 (1).exe
[2014-07-16 20:42:59 | 144,525,024 | ---- | M] () -- C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57.exe
[2014-07-16 20:18:13 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-07-16 20:17:10 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job
[2014-07-16 20:10:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-07-16 19:58:04 | 152,160,472 | ---- | M] () -- C:\Users\Pat\Desktop\0uiae71b.exe
[2014-07-16 19:53:19 | 000,021,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-07-16 19:53:19 | 000,021,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-07-16 19:46:28 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-07-16 19:46:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-07-16 19:46:00 | 2615,504,896 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-16 19:34:02 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job
[2014-07-16 19:15:10 | 010,339,653 | ---- | M] () -- C:\Users\Pat\Desktop\BoL Studio (2).rar
[2014-07-16 18:59:09 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-07-16 18:57:28 | 014,064,606 | ---- | M] () -- C:\Users\Pat\Desktop\BOL.rar
[2014-07-16 13:22:40 | 000,304,851 | ---- | M] () -- C:\Users\Pat\Desktop\mvhnc8.jpg
[2014-07-16 12:52:42 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job
[2014-07-16 02:53:28 | 000,073,551 | ---- | M] () -- C:\Users\Pat\Desktop\1147895_577102685669001_2005805126_n.jpg
[2014-07-15 23:29:32 | 000,054,918 | ---- | M] () -- C:\Users\Pat\Desktop\10543298_676446199095339_505759025_n.jpg
[2014-07-15 23:08:38 | 000,000,052 | ---- | M] () -- C:\Windows\JQHApp.dat
[2014-07-15 23:08:25 | 000,001,079 | ---- | M] () -- C:\Users\Pat\Desktop\MK LOL.lnk
[2014-07-15 22:34:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job
[2014-07-15 01:50:29 | 000,946,415 | ---- | M] () -- C:\Users\Pat\Desktop\l-21395.jpg
[2014-07-14 18:45:38 | 000,067,657 | ---- | M] () -- C:\Users\Pat\Desktop\10551768_736045156441419_145997398_n.jpg
[2014-07-13 04:57:28 | 000,103,326 | ---- | M] () -- C:\Users\Pat\Desktop\Scripts by SeleX.rar
[2014-07-13 00:42:37 | 000,048,997 | ---- | M] () -- C:\Users\Pat\Desktop\954380_592993390746597_1068315877_n.jpg
[2014-07-13 00:39:16 | 000,058,132 | ---- | M] () -- C:\Users\Pat\Desktop\1063603_555312631181340_1662734342_n.jpg
[2014-07-12 17:02:51 | 000,023,431 | ---- | M] () -- C:\Users\Pat\Desktop\adi.png
[2014-07-12 17:02:09 | 000,150,930 | ---- | M] () -- C:\Users\Pat\Desktop\943201_392527924202025_1123738754_n.jpg
[2014-07-12 15:14:55 | 000,001,361 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014-07-12 13:09:29 | 000,083,402 | ---- | M] () -- C:\Users\Pat\Desktop\Screenshot_2014-04-01-11-46-39.png
[2014-07-11 23:39:28 | 002,130,820 | ---- | M] () -- C:\Users\Pat\Desktop\skiny.png
[2014-07-11 21:25:43 | 000,090,322 | ---- | M] () -- C:\Users\Pat\Desktop\10537715_734803429898925_1646928433_n.jpg
[2014-07-11 20:00:01 | 000,101,691 | ---- | M] () -- C:\Users\Pat\Desktop\file.jpg
[2014-07-11 03:02:10 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014-07-11 02:56:08 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014-07-11 02:56:01 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014-07-11 02:55:32 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014-07-10 19:50:59 | 000,282,296 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2014-07-10 19:47:18 | 000,139,648 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2014-07-10 19:47:11 | 000,282,296 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2014-07-09 23:25:28 | 003,787,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014-07-09 12:09:05 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014-07-09 12:09:05 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014-07-08 19:21:45 | 000,020,290 | ---- | M] () -- C:\Users\Pat\Desktop\addmefast youtube subscriber.rms
[2014-07-08 17:12:10 | 000,112,204 | ---- | M] () -- C:\Users\Pat\Desktop\10487569_733180596727875_3332696752779974883_n-crop.jpg
[2014-07-08 17:09:57 | 000,021,405 | ---- | M] () -- C:\Users\Pat\Desktop\10487569_733180596727875_3332696752779974883_n.jpg
[2014-07-06 12:25:37 | 000,000,570 | ---- | M] () -- C:\Users\Pat\Desktop\XBMC.lnk
[2014-07-05 11:33:32 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014-07-04 20:55:11 | 000,000,600 | ---- | M] () -- C:\Users\Pat\Desktop\MPC-HC.lnk
[2014-07-03 22:39:29 | 000,740,422 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2014-07-03 22:39:29 | 000,654,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014-07-03 22:39:29 | 000,155,996 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2014-07-03 22:39:29 | 000,122,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014-06-28 10:38:03 | 000,000,539 | ---- | M] () -- C:\Users\Public\Desktop\Smite.lnk
[2014-06-26 01:31:46 | 006,762,889 | ---- | M] () -- C:\Users\Pat\Desktop\miniTrainer.zip
[2014-06-20 21:39:54 | 000,240,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014-06-20 12:31:28 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2014-06-19 01:56:37 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014-06-19 01:56:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2014-06-19 01:37:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014-06-19 01:36:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2014-06-19 01:35:55 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2014-06-19 01:28:45 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014-06-19 01:28:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014-06-19 01:25:38 | 000,442,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014-06-19 01:23:27 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014-06-19 01:23:24 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2014-06-19 01:22:40 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2014-06-19 01:16:33 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2014-06-19 01:12:01 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014-06-19 01:06:10 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2014-06-19 01:01:50 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014-06-19 00:58:08 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014-06-19 00:52:58 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014-06-19 00:52:18 | 004,254,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014-06-19 00:49:52 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014-06-19 00:46:23 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2014-06-19 00:45:59 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014-06-19 00:07:42 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014-06-18 11:46:23 | 000,000,606 | ---- | M] () -- C:\Users\Pat\Desktop\Cheat Engine.lnk
[2014-06-18 03:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014-06-18 02:52:00 | 002,350,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014-06-17 21:01:37 | 000,000,603 | ---- | M] () -- C:\Users\Public\Desktop\WarThunder.lnk

========== Files Created - No Company Name ==========

[2014-07-16 20:44:51 | 144,525,024 | ---- | C] () -- C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57 (1).exe
[2014-07-16 20:40:23 | 144,525,024 | ---- | C] () -- C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57.exe
[2014-07-16 19:54:59 | 152,160,472 | ---- | C] () -- C:\Users\Pat\Desktop\0uiae71b.exe
[2014-07-16 19:14:33 | 010,339,653 | ---- | C] () -- C:\Users\Pat\Desktop\BoL Studio (2).rar
[2014-07-16 18:56:16 | 014,064,606 | ---- | C] () -- C:\Users\Pat\Desktop\BOL.rar
[2014-07-16 13:22:39 | 000,304,851 | ---- | C] () -- C:\Users\Pat\Desktop\mvhnc8.jpg
[2014-07-16 02:53:27 | 000,073,551 | ---- | C] () -- C:\Users\Pat\Desktop\1147895_577102685669001_2005805126_n.jpg
[2014-07-15 23:29:31 | 000,054,918 | ---- | C] () -- C:\Users\Pat\Desktop\10543298_676446199095339_505759025_n.jpg
[2014-07-15 23:06:20 | 000,001,079 | ---- | C] () -- C:\Users\Pat\Desktop\MK LOL.lnk
[2014-07-15 01:50:28 | 000,946,415 | ---- | C] () -- C:\Users\Pat\Desktop\l-21395.jpg
[2014-07-14 18:45:36 | 000,067,657 | ---- | C] () -- C:\Users\Pat\Desktop\10551768_736045156441419_145997398_n.jpg
[2014-07-13 04:57:27 | 000,103,326 | ---- | C] () -- C:\Users\Pat\Desktop\Scripts by SeleX.rar
[2014-07-13 00:42:36 | 000,048,997 | ---- | C] () -- C:\Users\Pat\Desktop\954380_592993390746597_1068315877_n.jpg
[2014-07-13 00:39:16 | 000,058,132 | ---- | C] () -- C:\Users\Pat\Desktop\1063603_555312631181340_1662734342_n.jpg
[2014-07-12 17:02:51 | 000,023,431 | ---- | C] () -- C:\Users\Pat\Desktop\adi.png
[2014-07-12 17:02:08 | 000,150,930 | ---- | C] () -- C:\Users\Pat\Desktop\943201_392527924202025_1123738754_n.jpg
[2014-07-12 13:08:39 | 000,083,402 | ---- | C] () -- C:\Users\Pat\Desktop\Screenshot_2014-04-01-11-46-39.png
[2014-07-11 23:39:25 | 002,130,820 | ---- | C] () -- C:\Users\Pat\Desktop\skiny.png
[2014-07-11 21:25:42 | 000,090,322 | ---- | C] () -- C:\Users\Pat\Desktop\10537715_734803429898925_1646928433_n.jpg
[2014-07-11 19:59:59 | 000,101,691 | ---- | C] () -- C:\Users\Pat\Desktop\file.jpg
[2014-07-08 19:21:45 | 000,020,290 | ---- | C] () -- C:\Users\Pat\Desktop\addmefast youtube subscriber.rms
[2014-07-08 17:12:10 | 000,112,204 | ---- | C] () -- C:\Users\Pat\Desktop\10487569_733180596727875_3332696752779974883_n-crop.jpg
[2014-07-08 17:09:56 | 000,021,405 | ---- | C] () -- C:\Users\Pat\Desktop\10487569_733180596727875_3332696752779974883_n.jpg
[2014-07-08 02:29:18 | 000,000,570 | ---- | C] () -- C:\Users\Pat\Desktop\XBMC.lnk
[2014-07-04 20:55:11 | 000,000,600 | ---- | C] () -- C:\Users\Pat\Desktop\MPC-HC.lnk
[2014-06-28 10:38:03 | 000,000,539 | ---- | C] () -- C:\Users\Public\Desktop\Smite.lnk
[2014-06-26 01:31:20 | 006,762,889 | ---- | C] () -- C:\Users\Pat\Desktop\miniTrainer.zip
[2014-06-20 11:57:32 | 000,001,361 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014-06-18 11:46:23 | 000,000,606 | ---- | C] () -- C:\Users\Pat\Desktop\Cheat Engine.lnk
[2014-06-17 21:01:37 | 000,000,603 | ---- | C] () -- C:\Users\Public\Desktop\WarThunder.lnk
[2014-03-18 20:44:49 | 000,000,163 | ---- | C] () -- C:\Users\Pat\AppData\Roaming\AhriVersion.ini
[2014-02-20 02:36:32 | 003,774,821 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2013-11-23 18:57:21 | 000,000,052 | ---- | C] () -- C:\Windows\JQHApp.dat
[2013-09-30 21:02:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\HPM1210SMs.dll
[2013-09-30 21:02:00 | 001,167,360 | ---- | C] () -- C:\Windows\System32\HPM1210SM.exe
[2013-09-30 21:02:00 | 000,284,672 | ---- | C] () -- C:\Windows\System32\mvhlewsi.DLL
[2013-09-30 21:02:00 | 000,167,936 | ---- | C] () -- C:\Windows\System32\HPM1210LM.DLL
[2013-09-30 21:00:17 | 000,049,152 | R--- | C] () -- C:\Windows\System32\drivers\HPM1210SMs.dll
[2013-07-16 20:29:46 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2013-07-16 20:29:46 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2013-07-12 23:34:00 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2013-06-23 19:57:55 | 000,000,066 | ---- | C] () -- C:\Windows\#1 Video Converter.INI
[2013-06-11 23:53:30 | 000,139,648 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013-06-11 23:53:24 | 000,138,056 | ---- | C] () -- C:\Users\Pat\AppData\Roaming\PnkBstrK.sys
[2013-06-11 23:52:54 | 000,282,296 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013-06-11 23:52:53 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013-05-06 16:37:34 | 000,109,696 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2013-05-06 16:37:32 | 000,091,264 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2013-04-12 23:38:31 | 000,007,605 | ---- | C] () -- C:\Users\Pat\AppData\Local\Resmon.ResmonCfg
[2013-04-04 18:58:07 | 000,000,132 | ---- | C] () -- C:\Users\Pat\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2013-04-01 13:15:48 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012-12-28 23:04:22 | 000,036,352 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2012-10-11 13:23:21 | 000,007,318 | ---- | C] () -- C:\Windows\cadx2.ini
[2012-09-28 21:45:16 | 000,246,272 | ---- | C] () -- C:\Windows\System32\rtvcvfw64.dll
[2012-09-28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll

========== ZeroAccess Check ==========

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014-07-03 22:05:44 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\.minecraft
[2014-03-04 18:40:18 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\.minecraftzyczu
[2014-04-19 15:11:42 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\3909
[2013-09-29 15:34:10 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\7 Sticky Notes
[2013-10-20 10:16:41 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Audacity
[2014-02-08 18:35:28 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Avnex
[2013-06-21 16:50:43 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Awesomium
[2013-04-04 06:00:43 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\BANDISOFT
[2013-10-29 12:48:07 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Battle.net
[2014-07-16 19:12:46 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\BoL
[2014-01-25 21:48:28 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\CamTrack
[2014-07-16 17:56:06 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\cloudrop
[2014-05-10 10:57:42 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Curse
[2014-05-12 18:23:31 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Curse Client
[2014-06-22 16:12:30 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\DAEMON Tools Lite
[2014-04-12 20:57:20 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Dwarfs
[2013-05-27 14:46:40 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\EQATEC Analytics
[2013-04-01 13:01:20 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\ESET
[2014-06-25 12:47:06 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\GG
[2013-04-02 17:36:47 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\LolClient
[2013-06-22 21:06:21 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Mirillis
[2013-06-03 19:41:18 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Mount&Blade
[2013-05-02 17:47:54 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Mount&Blade Warband
[2014-07-04 20:56:17 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\MPC-HC
[2013-06-12 10:25:09 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Notepad++
[2014-02-18 21:02:09 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Opera Software
[2014-02-15 22:19:51 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Origin
[2013-07-08 13:40:21 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\PhotoScape
[2014-04-30 14:01:57 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Riot Games
[2013-07-15 12:33:33 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Sony
[2013-07-15 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Sony Creative Software Inc
[2014-03-06 13:55:03 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Spore
[2013-04-15 21:03:21 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014-02-27 15:31:03 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\steamvr
[2014-06-18 11:46:58 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\SupTab
[2014-06-18 11:46:35 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\sweet-page
[2013-04-01 17:01:36 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\TechSmith
[2014-03-03 22:05:39 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\TunkDesign
[2013-07-21 03:47:00 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Ubisoft
[2014-02-27 23:13:17 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\Unity
[2014-07-16 18:59:47 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\uTorrent
[2014-03-05 22:03:42 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\ViberPC
[2014-04-16 15:15:23 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\WNR
[2013-04-14 16:48:16 | 000,000,000 | -HSD | M] -- C:\Users\Pat\AppData\Roaming\wyUpdate AU
[2014-07-09 13:18:51 | 000,000,000 | ---D | M] -- C:\Users\Pat\AppData\Roaming\XBMC

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879

< End of report >

 

 

 

OTL Extras logfile created on: 2014-07-16 20:58:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pat\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 49,26% Memory free
7,25 Gb Paging File | 5,01 Gb Available in Paging File | 69,09% Paging File free
Paging file location(s): C:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,53 Gb Total Space | 7,49 Gb Free Space | 12,59% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 237,88 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 277,81 Gb Free Space | 93,20% Space Free | Partition Type: NTFS
Drive I: | 232,88 Gb Total Space | 155,35 Gb Free Space | 66,71% Space Free | Partition Type: NTFS

Computer Name: PAT-KOMPUTER | User Name: Pat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "E:\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1"
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [bridge] -- I:\Photoshop\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "E:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "E:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "E:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000C5AF4-C8A4-4385-902F-1337687DDA5D}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{01702122-E94F-4BE5-9F04-6462BF580066}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{01FA6A75-58A4-4191-9E09-6277DDC55628}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{0270361A-FDCF-49CB-9941-63C358741E72}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{031849F6-D51B-4594-8765-E668F934FAA4}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0386B3B1-E88E-4AAC-8175-62A4844183E9}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{07576C08-155C-4687-B382-C1138B170502}" = lport=137 | protocol=17 | dir=in | app=system |
"{07FA62EC-5B43-4F2B-99B0-0A095DF77C17}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{109952E4-D101-47FE-8157-22C0E504172B}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{12859429-1EB6-4A3D-942F-C7FC34AEEA51}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{17638DFD-D13B-4AD2-9A76-C68A306CD24E}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{18CBDC59-9428-408D-8E27-D869CC1DEFAD}" = lport=57588 | protocol=6 | dir=in | name=pando media booster |
"{1BB787B4-2187-4B87-B4A9-4AD444790DB6}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1C087B51-F867-4CE0-BD39-C4A1CE57FB79}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{1D9236F9-FFFD-44CE-8702-58E2DCAE2618}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{22684DA6-B4C3-4F19-82D5-56E6B7E8A52B}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{23B500FE-7F1B-4DA9-9BF0-37E2A8B809DD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2867C272-4341-46F1-9FB4-848A43BCF452}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{29AED400-6DB2-4913-83C8-939D207FC80A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files\dll-files.com fixer\dllfixer.exe |
"{2A062147-82E6-4131-947B-84F72A972B47}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2EAA5E2D-8C0F-4CA2-8AB5-D9557C247802}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{30EEB55C-9BC1-4582-805F-AC11004E1FCA}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{30EF70E6-80D2-44EC-AFAB-7BDFE71721A1}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{326AD11E-A8E5-4164-8AF1-92307AF7B9FD}" = lport=57150 | protocol=6 | dir=in | name=pando media booster |
"{33927FF4-15FF-46B0-BE19-A5E3BBC0C8B3}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{33BB8D45-D23F-425A-B7CF-0E5F10165FFF}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{349A6941-61B6-46B1-83E6-42A67838552E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3685C738-B6E6-4AF9-B911-634FED59BC97}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{39F7F314-D114-4362-A87E-663A5112C609}" = lport=57607 | protocol=17 | dir=in | name=pando media booster |
"{3A947904-CCED-40D9-BEB4-EA1C2A13AC30}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{3D7D50C5-B53C-4A24-972F-BCC24211F3D2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3E52306A-80CD-42FF-9D4D-7721F91C457F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{413C8E8C-E619-46CA-BCEE-20140E710A0F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4700430C-4B3E-4B0E-BEE6-5CB75C2A8F79}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48276C6F-7AB4-4545-9D1D-80C81370220B}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{483AB70C-FECE-4F48-A23B-600073278193}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{4A0284D2-EB86-47C7-BAA7-F6DD0CA34FBC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{4F61E2F9-D24E-4909-961C-CEAFF73D74D9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51A25D83-6FEB-4816-AFA6-3630A05E3592}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{56CA1A71-39C2-4B0B-90F6-4B45EE1AFC3E}" = lport=138 | protocol=17 | dir=in | app=system |
"{56FB69C0-2CDC-4818-BC40-9B29E020247A}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{58DEEF90-2E03-4EAF-965F-FEDE44BB1B14}" = rport=2869 | protocol=6 | dir=out | app=system |
"{5A8D8829-5E72-42C8-90B2-BD19F761A42D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5CAC03CB-11ED-49F9-BC63-4C4782376B7A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{62188FD5-82F4-4F3E-9A4B-1D532A5934BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{65D1EF36-476C-4802-A474-24C8280902DC}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{65F8E955-0A2B-41B2-96DC-BA529013C76C}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{68E90D1E-9192-4B92-8CB1-B27E06A9EBD0}" = lport=57607 | protocol=6 | dir=in | name=pando media booster |
"{6A86D780-61CF-4512-BD78-2DD48EFFC31C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6B3FB666-5321-40CB-BC57-AC5839D2FCA3}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{6B90B6C4-2174-4F7B-AFD4-FF72239F98A8}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{6D2CCE4A-95F2-4CE7-9B6B-CD8B986DE6DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7091EB89-B8D9-4A30-956C-2E7B73F57C6B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{71C1DB78-4778-4331-8D8F-E7BFCF216299}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{71DA2C48-68E0-4F9F-BEA0-91687EB82D97}" = lport=10243 | protocol=6 | dir=in | app=system |
"{785FB306-4F1C-47C1-89D8-441C520B3E21}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7B3FEE13-A8CB-4160-BBB9-50EE0687EA08}" = lport=57150 | protocol=6 | dir=in | name=pando media booster |
"{821F9350-8117-464E-B86F-69323765BE84}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{84261AA1-39AE-4C69-8B8A-1D0D485245D2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{862A7A39-A7F7-4A42-B9ED-A1E89288F314}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{884A4DB0-ACC0-47A1-A5B4-110643212EFC}" = lport=57607 | protocol=6 | dir=in | name=pando media booster |
"{891CC9C2-0613-4090-B5CA-E4B22F79D3FA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{89502BD5-84EC-404A-BD58-F6881D387D0D}" = rport=138 | protocol=17 | dir=out | app=system |
"{8CA8BA70-F536-4565-9032-1286E2687A2E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8EDF793F-E71F-4245-9E45-E3399E32A6BB}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{8F290C20-91A7-4E9E-BBC9-234AC94D893C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9192CE4F-BB3D-47DF-BCCD-05565036E235}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{91A16D52-7FB4-4497-8919-657B74BEADBE}" = lport=57588 | protocol=17 | dir=in | name=pando media booster |
"{93916F6C-875C-47E0-89EF-4C449CA057B0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9649EF56-A3C2-45A5-952A-294E134682A3}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{980224EF-BB7D-492A-80DE-E01C66327DC8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98641868-4CFC-455C-892A-8C03DE497C32}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{99223FC1-5EFD-4816-A163-72EB9CDF5FB9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9C1EDB66-9C21-4567-88A0-2D62FAE5FD9E}" = lport=139 | protocol=6 | dir=in | app=system |
"{A2D53AEB-9199-4610-89D1-BBD0B0FF66C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3358465-8CE8-4B6A-87EF-C5E243B597DD}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A3BBA21A-7DF7-476A-BE5D-9AF4AC43D975}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A989EC99-A2C1-4C53-82DE-34FD13F27F24}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{AB77788D-009F-4418-AB8D-F1D4A6964095}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{B00549B5-CB42-40E1-A246-E4C9C9A6F31E}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{B220B8F6-E6B2-47F8-AB84-A4366B6C24F9}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{B42B6D2B-3EA0-411A-9CCC-F886F341939B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B91D5FC2-4D1D-4E1D-9537-33BF41539B37}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{BE110656-E277-4F25-AF65-B6134F6845EB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BF51F8FA-D9CC-4417-86B7-5B27D8B66FF4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C1F50371-7745-4B7F-8138-F7DAD51303EA}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{C28A33DB-420B-4C50-A332-EF1C3625D047}" = lport=57150 | protocol=17 | dir=in | name=pando media booster |
"{C5AF5EED-0847-454F-892C-68138D650BD1}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{C5C83D1E-AAF8-4B8E-82DD-05FA9F2A3476}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{C74A2ECF-A29C-4F6B-BB33-5BA1A193FE2C}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{C8F8C811-0895-4ABD-9F57-F77503F18C9E}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{CA397023-0CD0-4684-AF27-2F4F9C2B3FDE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CEBBED0E-0943-4022-B33B-ED596AF4B50E}" = lport=445 | protocol=6 | dir=in | app=system |
"{CF764D73-DE7A-47AE-8CA7-AD14AAE0DBE7}" = lport=57588 | protocol=6 | dir=in | name=pando media booster |
"{CF9B43B3-FBCE-48E3-AD86-CB16240C4355}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D52FE377-2307-4124-96BF-E914F153DDA7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D603CAC1-2F30-45C3-92FE-71364C6C9FC2}" = lport=57150 | protocol=17 | dir=in | name=pando media booster |
"{D787886D-2ACD-44FF-A898-7564249A03DC}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{D7BDFCC8-4097-4504-AAC9-047E38B89F60}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DB6076D5-7605-49CE-BECA-602B925D8B33}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DC92FF66-3F6E-4C6E-B942-DA27D12B6A8C}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{DE076B7E-75AF-421C-A527-87B95DC24A98}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DF20C60A-B7FE-43B9-A34E-2A0F8568C46E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E3698F15-9392-4DF5-8078-3C57983158A8}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E8CB1712-E894-4BA3-8E0B-EA13814F21FF}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E9EC5E6B-CD46-4EDC-87BC-25C9C1E59AA3}" = lport=57588 | protocol=17 | dir=in | name=pando media booster |
"{F47A443B-84F0-4C73-A950-C7907EB98342}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F66A47A0-2D5B-491A-AD57-2599BBEFEB71}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F867CB00-E624-40E9-A8D0-2D90639736E4}" = rport=445 | protocol=6 | dir=out | app=system |
"{F87F80A5-013B-4F50-B16D-8251BD8AE882}" = rport=139 | protocol=6 | dir=out | app=system |
"{FBA65E01-6509-4F8E-B31C-5E6F3B0CCB19}" = rport=137 | protocol=17 | dir=out | app=system |
"{FEBDAB27-006E-4F6E-88EC-70B19A388965}" = lport=57607 | protocol=17 | dir=in | name=pando media booster |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F139BA-82AD-4907-8707-8324D4D8065B}" = protocol=6 | dir=in | app=d:\origin games\peggle deluxe\peggle.exe |
"{018B36DA-0D0C-47DE-9CD9-A678C3F63FF1}" = protocol=6 | dir=in | app=d:\warthunder\launcher.exe |
"{029EF666-8E32-4D08-90DA-8D474AE67518}" = protocol=6 | dir=in | app=e:\proxy switcher standard\proxyswitcher.exe |
"{03CF01A6-FEB6-439C-BD27-5A9E28AB00D7}" = protocol=6 | dir=out | app=system |
"{04158990-883F-40FD-8922-FDADC3AF76CB}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{04E72E51-5B18-4774-80CF-5185030CF947}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{09CF63FC-CFCA-4BA3-9F30-7FD4053F7837}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\aceofspades\aos.exe |
"{0BE044F9-8147-452F-BB0B-0859684E9938}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"{0FBCE7FF-BB8D-4D77-9DA8-CE781EEE611D}" = protocol=58 | dir=in | app=system |
"{10B34D1E-B974-4057-9ABF-7B4F7B61EE30}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11BB88F3-FA6F-40BD-A8BF-4CAE195BBDBB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dwarfs - f2p\dwarfs.exe |
"{12541596-4F75-4D96-AD60-C93B0F54F9BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{13CB3A6F-171C-4614-8726-037E3F314596}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{16B73705-A2A8-4783-A92B-EA26672B91E1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"{1797BC51-EAB6-4F80-B582-D976995B4AC4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1CA9C5A7-A945-424A-AE70-B7EC2167D3D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E7F37F3-D499-4E16-A9DE-3767D0244363}" = protocol=17 | dir=in | app=c:\users\pat\appdata\roaming\utorrent\utorrent.exe |
"{1F48C44C-7395-490C-92FB-3D14E0826CD5}" = protocol=6 | dir=in | app=c:\users\pat\appdata\roaming\utorrent\utorrent.exe |
"{1F8FD130-D48C-42E5-A8A7-73C3E6837721}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe |
"{236B93B3-9A81-420A-8C70-407049F498BC}" = protocol=1 | dir=in | [email protected],-28543 |
"{244808DE-D50A-478F-B738-E8625D68C020}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{253EB6D4-053C-4C2E-8C5B-479A1894421B}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{258F5B66-E252-4FB9-A1EF-FFA2FD071AD7}" = protocol=17 | dir=in | app=c:\users\pat\appdata\roaming\utorrent\utorrent.exe |
"{25DCEB1A-9860-404D-AB8E-B6D8F6990D43}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{26A31285-FCB0-4E38-9099-AB339B55EAD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26E47AD0-D190-4A16-99BE-007703A5501F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{29073481-9808-4F5D-9275-72AD7762DEA5}" = protocol=6 | dir=in | app=d:\heartstone\battle.net\battle.net.exe |
"{2933B1E7-B203-46F2-9AA4-54548EE0F47F}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the binding of isaac\isaac.exe |
"{2938462A-2B53-4858-84C8-57FEA174C221}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{2B0782D1-CCE9-4FE7-B103-2F575C1E42B4}" = dir=in | app=d:\7daystodie-alpha\7daystodie.exe |
"{2C434857-AB28-4826-8C5C-087B61F143FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2D366838-850A-4848-8709-C6084D8EBE8B}" = protocol=6 | dir=in | app=c:\users\pat\appdata\roaming\utorrent\utorrent.exe |
"{2FDC09DC-6080-463A-9FDD-B3C22DC8835A}" = protocol=17 | dir=in | app=d:\origin games\need for speed most wanted\nfs13.exe |
"{30A90020-8004-4139-915F-ADB5CC4E8CD6}" = protocol=6 | dir=in | app=d:\origin games\dead space\dead space.exe |
"{328B97A6-D3EA-4279-849A-5D977EB8DCA1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{32A2E8C7-C7A6-48DE-82C5-2C0B1A004874}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{32B56911-1C1B-4E5A-ADEB-7BE99ACE2ED6}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{3EDDD1D6-EB45-4208-A2C1-F563D27B4A17}" = protocol=58 | dir=out | [email protected],-28546 |
"{45CCBBB8-6C39-447C-8756-6913FFD2F4B4}" = protocol=17 | dir=in | app=d:\origin games\battlefield 3\bf3.exe |
"{46FED09E-1F68-469D-AF8E-6C3710A3C3B1}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{4846AFF3-9235-44EF-A49E-A8FDEEA911C0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dwarfs - f2p\dwarfs.exe |
"{4BAA8571-0A52-4618-90E7-816380DEF22A}" = protocol=6 | dir=in | app=d:\origin games\fifa world\fifaworld.exe |
"{4D032E6F-AEB4-47EC-9534-C9ECB51FBA39}" = protocol=17 | dir=in | app=d:\origin games\peggle deluxe\peggle.exe |
"{4F672E52-F6CF-4CF3-BD2E-3BBA0D882CD7}" = protocol=17 | dir=in | app=d:\heartstone\battle.net\battle.net.exe |
"{5185DE39-ADE4-4C50-BD44-E4E01F557346}" = protocol=6 | dir=in | app=d:\warthunder\launcher.exe |
"{578CE2D2-B7D1-4CE3-8BD6-98EDD0A99C7C}" = protocol=58 | dir=out | [email protected],-503 |
"{58847C70-AA8F-4A5E-96F9-297724BB514E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe |
"{5ECACCD3-9B9F-407E-8A18-78602543BF57}" = protocol=17 | dir=in | app=d:\warthunder\launcher.exe |
"{612CDA2E-6CAC-408A-9055-0FE4A25783EC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe |
"{65080C08-C60E-4500-9E5C-28045202C1D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6687A488-8D53-45B9-9163-EC1CAC8E31CD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{6FFD26FE-D8CE-4BD8-9567-0025AA21CAB6}" = dir=in | app=c:\users\pat\appdata\local\viber\viber.exe |
"{711930A9-B477-45C2-BB7B-935319F8B96C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{7246CDAA-D887-4EC5-995E-4FE498E455F1}" = protocol=6 | dir=in | app=d:\stronghold 2\stronghold2.exe |
"{7468FE78-A3E6-4F99-98F9-1E3D51C6F27A}" = protocol=58 | dir=in | [email protected],-148 |
"{779905D7-A839-44A8-9E1A-7CA21A7E53C7}" = protocol=17 | dir=in | app=d:\origin games\fifa world\fifaworld.exe |
"{77B63BD4-666B-4A47-8B84-8491E6643E60}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{7A36F82B-D931-4E2A-BF4A-A7705BF05E88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7B955FF0-C615-4608-A705-07037782BA2D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{7CF577C1-39D9-44CA-BB75-2FAB4B20720F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{7ECFE4EE-8D5E-462A-9C9C-BD50F126DC67}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{7FE781C4-6910-41F3-BA5F-3937C2512929}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{823DC12C-0B24-4813-A560-55963EA72326}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{8704039E-0A81-4386-9D6A-180DD1E0A999}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{87755D23-7184-4301-830D-4034E8F78E75}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{881B6372-4D86-4FA6-AA91-DA50762639F4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{88B96610-FF79-4066-A6FB-DB4BAA3F77E5}" = protocol=17 | dir=in | app=d:\origin games\fifa 14 demo\game\fifa14_demo.exe |
"{88C112E1-3784-467A-A5BA-53F6CCB81DB7}" = protocol=17 | dir=in | app=d:\origin games\dead space\dead space.exe |
"{8ADB708D-9325-4CDD-8D85-5168BBADFEBD}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8B63A861-194C-4B59-951B-4743C86AB194}" = protocol=6 | dir=in | app=d:\origin games\fifa 14 demo\game\fifa14_demo.exe |
"{8B79F2B2-5A6B-4AA2-AC78-24C1511F201B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8B8F3A0E-9587-4F41-9862-6941E73E4011}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8BD81E76-2947-4119-896D-2E9C008BBB0C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{8DCA5FBF-C895-4A37-8E6C-E9A4CFBC39E6}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\dota 2 beta\dota.exe |
"{9075A969-EFE6-420F-9D1A-0C6F8D534B84}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{927A0BE8-F1C7-4C64-9C9E-2714C9D03E95}" = protocol=17 | dir=in | app=e:\proxy switcher standard\proxyswitcher.exe |
"{93263A20-7B1F-453B-BFAE-682159CBD1A0}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{94B9C43E-9930-4A41-AAB7-6FD429B68132}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\half-life\hl.exe |
"{94F1DD74-FBE6-4F38-BCFF-F2C076E63240}" = protocol=17 | dir=in | app=d:\origin games\fifa world\fifaworld.exe |
"{96C9EAAE-841E-49F1-91A2-C792368D36B1}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{99396FD4-09AB-41FB-AF3C-8170690346E0}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\team fortress 2\hl2.exe |
"{994AB5B2-ABC5-4BDC-AA48-D99E77A245B2}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\half-life\hl.exe |
"{9B5FFC60-7AA0-4977-806A-14B22004E54E}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{9E4B76FB-B422-4BAA-BA75-FE1CB0314392}" = protocol=6 | dir=in | app=d:\origin games\need for speed most wanted\nfs13.exe |
"{A162F004-8C1F-4A97-BB42-562CB9A2A83E}" = protocol=17 | dir=in | app=d:\origin games\fifa 13\game\fifa13.exe |
"{A2EF4E49-67FF-47DB-99A8-BF5AE660F7C1}" = protocol=6 | dir=in | app=d:\origin games\battlefield 3\bf3.exe |
"{A6B503E3-A474-4265-8139-2A80D4A35F74}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2753\agent.exe |
"{AA347C33-2A23-40CF-85E0-0205E9930B16}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{AB1C6F06-085A-4B7A-8C4D-7C55939E6EDD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\aceofspades\aos.exe |
"{ABB61FCE-A8EA-4998-A61C-5C1B741F1CB6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"{AC69F724-EAFC-4CEC-B1DB-AC285C385D3B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B274E0E6-5A3E-4C61-8DB5-1DE0A417A05C}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{B354902B-CF1D-4CAB-9C94-DA585F2DDAA5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B5D4D23E-53D6-4618-83CB-DC84BA042F63}" = dir=out | app=d:\7daystodie-alpha\7daystodie.exe |
"{B69849AF-628A-426E-92FA-71E41F94939C}" = protocol=58 | dir=in | [email protected],-28545 |
"{B911AA30-BBC0-4C2D-84D0-93C7AF3C0829}" = protocol=17 | dir=in | app=d:\warthunder\launcher.exe |
"{BAED4104-9E00-4116-A996-FBFE9862CEC8}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BC59468E-6ED9-41C6-8770-681228CE4A45}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{C276E0D4-578D-4E13-94C6-ABF09F1968DA}" = protocol=6 | dir=in | app=e:\winamp\winamp.exe |
"{C67F5BA0-3B7E-467E-90C8-188885B4FBAF}" = protocol=17 | dir=in | app=d:\stronghold 2\stronghold2.exe |
"{C7FBFE88-726A-4B43-9B05-D4EC56DF1C8B}" = protocol=6 | dir=in | app=d:\origin games\fifa 13\game\fifa13.exe |
"{CB4FFB67-AB92-48C4-A2C4-65B649E411E1}" = protocol=6 | dir=in | app=c:\program files\hearthstone\hearthstone.exe |
"{CD5487DB-CAC0-4D33-8EB1-6B353902CC82}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{CECB80F6-119D-49CC-AE73-4C137EE0E6C6}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D11798AB-95F2-44F8-ABFF-0C0E7241A470}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{D669C0F5-5108-4670-89EE-E38CB21FC6C8}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{D85BFEC6-F6DF-418D-A6B5-BACC3CDDD5C8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\dead island\deadislandgame.exe |
"{D874A266-01E6-4268-AF9B-A0CE6745E9F4}" = protocol=6 | dir=in | app=d:\origin games\fifa world\fifaworld.exe |
"{D8E75C0F-06D9-4BAC-A2CC-47775761F902}" = protocol=1 | dir=out | [email protected],-28544 |
"{DB757D33-7E4E-473D-A476-BBF5A754FAD6}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{DC93E345-BC87-48F5-9D80-F3E6440F5C0A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\path of exile\pathofexilesteam.exe |
"{DF0F4953-86FC-4E3D-99E9-3DF1BE2F2EAF}" = protocol=17 | dir=in | app=c:\program files\hearthstone\hearthstone.exe |
"{E54C0886-FE55-47DE-8760-83FB66CDED8E}" = dir=in | app=c:\users\pat\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{E7C59AC1-64BC-4BE0-B68C-C763341AA775}" = protocol=17 | dir=in | app=e:\winamp\winamp.exe |
"{EAF1296A-08D0-461B-9D7D-3BBADECD9470}" = dir=in | app=e:\itunes.exe |
"{EDF89D59-70F8-4AAC-9A5E-4FC771110E7C}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EE23DA08-548A-4D21-ADAD-C949FBBF479D}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F0EDCC37-69B3-413B-9330-2C8E31588259}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\aceofspades\aos.exe |
"{F852535E-0001-49C2-AE17-C263306EF4CD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{FAF41CAC-30B5-45E3-8B14-F1E40516D2D1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\aceofspades\aos.exe |
"{FD7A72A1-CA22-4611-A53A-731EFB52A790}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{FE5F425A-B4CD-48C5-B79F-4D37D48AC8C0}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FFCFCAE0-5F28-4CB3-BAA3-ED8AD4B5C167}" = dir=in | app=c:\program files\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A61104-74B5-4056-AD00-4397EF4FB141}" = iCloud
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A37EE62-9A58-420D-90CC-4E52153112EE}" = iTunes
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0FAB8FFC-69DD-4625-A2D4-7785F9B78DD1}" = ESET Smart Security
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1" = Terraria version 1.2.4.1
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.8.2
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Obsługa programów Apple
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D FurMark 1.12.0
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.5
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 65
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34D9106C-A947-47ED-B4AB-764736350769}" = Minecraft
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1" = Xfire 2.0
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1" = EXPERTool v8.6
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5C92C8DB-B920-438F-94D8-37492BB8C0A5}_is1" = ModooMarble (Remove only)
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}" = Dead Space
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715AD72D-887A-459E-988B-D4F3E87FA24B}" = Peggle
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75939021-3B68-419D-8DC1-E9823BFF9658}" = Google Drive
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7A6577E7-F341-430F-9173-91E14E2DE270}" = FIFA 14 Demo
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}" = EA Sports FIFA World
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.1 (Polski)
"{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}" = Apple Mobile Device Support
"{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1" = ROCCAT Power-Grid version 0.459
"{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1" = 7 Days to Die - Alpha version 4
"{97A19679-4C07-4B34-8ACB-D5565C3440FC}" = Stronghold
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}" = Heroes of Might and Magic V - Tribes of the East
"{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1" = Heroes of Might and Magic V - Dzikie Hordy
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{B54E3B7E-9D42-484A-BC16-56D49719A84A}" = LogMeIn Hamachi
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{C83B8B35-C2C4-3302-9A6E-C2AF1A59E8D6}" = Microsoft .NET Framework 4.5.1 (PLK)
"{DB93E2C2-851F-44B2-B09C-351D2C624AE1}" = Camtasia Studio 8
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}" = Curse
"{DF55FE2E-3448-46ac-80E4-91FAB4059598}_is1" = DiceVenture (Remove only)
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.361
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Afterburner" = MSI Afterburner 2.3.1
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Audacity_is1" = Audacity 2.0.3
"Battle.net" = Battle.net
"Battlelog Web Plugins" = Battlelog Web Plugins
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Counter-Strike 1.6" = Counter-Strike 1.6 v48
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.67.1
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Debian-Installer Loader" = Program ładujący instalator Debiana
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"FormatFactory" = FormatFactory 3.1.1
"Fraps" = Fraps (remove only)
"Game Dev Tycoon v1.3.21.3.2" = Game Dev Tycoon v1.3.2
"GameSpy Arcade" = GameSpy Arcade
"GhostMouse_is1" = GhostMouse
"GOGPACKPAPERSPLEASE_is1" = Papers, Please
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"Hearthstone" = Hearthstone
"KM Wakeup" = KM Wakeup 1.4 MUI
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Mario Forever 5.01" = Mario Forever 5.01
"Metin2_is1" = Metin2
"Mirillis Action!" = Action!
"MMDoC-PDCLive" = Duel of Champions
"Mount&Blade" = Mount&Blade
"Mozilla Firefox 21.0 (x86 pl)" = Mozilla Firefox 21.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"PhotoScape" = PhotoScape
"Program Plemiona_is1" = Program Plemiona v. bud. 9852
"ProxySwitcher Standard_is1" = ProxySwitcher Standard
"PunkBusterSvc" = PunkBuster Services
"Razer Game Booster_is1" = Razer Game Booster
"RTSS" = RivaTuner Statistics Server 5.2.0
"screenSHU" = screenSHU - the fastest screen capture ever.
"SpeedFan" = SpeedFan (remove only)
"SpeedUpMyComputer" = SpeedUpMyComputer
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 113200" = The Binding of Isaac
"Steam App 213650" = Dwarfs F2P
"Steam App 224540" = Ace of Spades
"Steam App 238960" = Path of Exile
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"Steam App 63380" = Sniper Elite V2
"Steam App 91310" = Dead Island
"sweet-page uninstaller" = sweet-page uninstaller
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1" = NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst
"U2FpbnRzUm93SVY=_is1" = Saints Row IV
"Warcraft III" = Warcraft III
"webget" = webget
"Winamp" = Winamp
"WindowsProtectManger" = WindowsProtectManger20.0.0.401
"WinRAR archiver" = WinRAR 4.20 (32-bitowy)
"XfireCodec" = Xfire Codec (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"GG" = GG
"MK LOL" = MK LOL
"MKLOL" = MKLOL
"Mozilla Firefox 29.0.1 (x86 pl)" = Mozilla Firefox 29.0.1 (x86 pl)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"Viber" = Viber
"Winamp Detect" = Detektor Winampa
"XBMC" = XBMC

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2014-07-16 12:13:00 | Computer Name = Pat-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-07-16 12:40:06 | Computer Name = Pat-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-07-16 12:44:50 | Computer Name = Pat-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-07-16 12:53:07 | Computer Name = Pat-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-07-16 13:23:18 | Computer Name = Pat-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-07-16 13:23:19 | Computer Name = Pat-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-07-16 13:23:19 | Computer Name = Pat-Komputer | Source = NvStreamSvc | ID = 131073
Description =

Error - 2014-07-16 13:23:21 | Computer Name = Pat-Komputer | Source = ESENT | ID = 455
Description = taskhost (2308) WebCacheLocal: Wystąpił błąd -1811 podczas otwierania
pliku dziennika C:\Users\Pat\AppData\Local\Microsoft\Windows\WebCache\V010021D.log.

Error - 2014-07-16 13:24:57 | Computer Name = Pat-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-07-16 13:31:15 | Computer Name = Pat-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2014-07-16 13:47:52 | Computer Name = Pat-Komputer | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 2013-10-04 08:23:36 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 14:23:31 - Błąd podczas nawiązywania połączenia z Internetem. 14:23:31
- Nie można skontaktować się z serwerem..

Error - 2013-10-09 01:45:24 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 07:45:22 - Błąd podczas nawiązywania połączenia z Internetem. 07:45:22
- Nie można skontaktować się z serwerem..

Error - 2013-11-11 09:38:51 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 14:38:50 - Nie można pobrać pakietu Directory (Błąd: Nie można połączyć
się z serwerem zdalnym)

Error - 2013-11-11 09:39:26 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 14:39:23 - Błąd podczas nawiązywania połączenia z Internetem. 14:39:23
- Nie można skontaktować się z serwerem..

Error - 2013-11-12 10:43:07 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 15:43:07 - Błąd podczas nawiązywania połączenia z Internetem. 15:43:07
- Nie można skontaktować się z serwerem..

Error - 2013-11-12 10:43:39 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 15:43:36 - Błąd podczas nawiązywania połączenia z Internetem. 15:43:36
- Nie można skontaktować się z serwerem..

Error - 2013-11-26 10:41:01 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 15:41:01 - Błąd podczas nawiązywania połączenia z Internetem. 15:41:01
- Nie można skontaktować się z serwerem..

Error - 2013-11-26 10:41:34 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 15:41:30 - Błąd podczas nawiązywania połączenia z Internetem. 15:41:30
- Nie można skontaktować się z serwerem..

Error - 2013-11-26 11:44:23 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 16:44:23 - Nie można pobrać pakietu Directory (Błąd: Nie można połączyć
się z serwerem zdalnym)

Error - 2013-11-26 11:45:05 | Computer Name = Pat-Komputer | Source = MCUpdate | ID = 0
Description = 16:45:01 - Błąd podczas nawiązywania połączenia z Internetem. 16:45:01
- Nie można skontaktować się z serwerem..

[ System Events ]
Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error - 2014-07-16 14:43:39 | Computer Name = Pat-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.


< End of report >

 

[Gość]

Ponownie przekazuje od DnaloPub
Jest tutaj jakaś infekcja, ostatnio widziałem ją na forum. Charakteryzuje się dziwnym plikiem w prcoesach, startuje z program data (albo system32)
C:\ProgramData\bhib19yc\7z72uuox.exe
dodatkowo dziwne pliki w autostarcie które startują z folderu temp

C:\Users\Pat\AppData\Local\Temp\5fgol0py.ojx.vbs

również stwierdzam uszkodzony dysk
Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/16/2014 08:43:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

tylko teraz nie wiem czy to jest dysk główny czy jakiś dodatkowy (harddisk1)



Tak więc, odinstaluj SpeedUpMyComputer, sweet-page uninstaller, webget, suptab (o ile będzie)


Stwórz plik tekstowy o nazwie fixlist, wklej do niego:

(B***h & B***h) C:\ProgramData\bhib19yc\7z72uuox.exe
HKLM\...\Run: [uv4wt2o] => C:\Windows\system32\bhib19yc\7z72uuox.exe [142848 2014-07-15] (B***h & B***h)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Windows\system32\bhib19yc\7z72uuox.exe
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [1b52a99da94c48b0b9fd46ba7f1971d6] - C:\Users\Pat\AppData\Local\Temp\pjdectjj.x1l.vbs [675 2014-07-16] ()
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [12447a36ada5478cb8afad669575aeb3] - C:\Users\Pat\AppData\Local\Temp\fmfpwcg3.cwk.vbs [675 2014-07-16] ()
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [ced2b728243042c881f33f92d3f0e2aa] - C:\Users\Pat\AppData\Local\Temp\5fgol0py.ojx.vbs [675 2014-07-16] ()
AppInit_DLLs: C:\Program Files\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SEARCH~1.DLL File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\msconfig.exe: [Debugger] dgdpx150.2d2
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\reg.exe: [Debugger] 2qouk4mp.xoy
IFEO\regedit.exe: [Debugger] y0avmxt0.oam
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\taskkill.exe: [Debugger] i2s2gkww.gjf
IFEO\tasklist.exe: [Debugger] 1v4wjpnf.qde
IFEO\taskmgr.exe: [Debugger] yshnpnld.feh
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-pag...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - {E6A5F6C6-FE67-4BC8-801C-05CB20FD0230} URL = http://start.facemoo...earchTerms}&f=4
FF DefaultSearchEngine: sweet-page
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
CHR HomePage: hxxp://start.facemoods.com/?a=ddr
FF Extension: webget - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi [2014-05-21]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 SafetyNutManager; C:\Program Files\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [X]
S2 Update webget; "C:\Program Files\webget\updatewebget.exe" [X]
S2 Util webget; "C:\Program Files\webget\bin\utilwebget.exe" [X]
S2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X]
S3 cpuz126; \??\C:\Users\Pat\AppData\Local\Temp\cpuz.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 EverestDriver; \??\E:\EVEREST Home Edition\kerneld.wnt [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files\Browser Tab Search by Ask\SafetyNut\configmgrc1.cfg [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2014-06-18 11:46 - 2014-07-16 20:50 - 00000000 ____D () C:\Program Files\SupTab

2014-06-18 11:46 - 2014-06-20 11:42 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-18 11:46 - 2014-06-18 22:17 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\sweet-page
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\SupTab
2014-07-16 19:47 - 2014-07-16 19:21 - 00000000 ___HD () C:\Windows\system32\bhib19yc

zapisz, umieść obok FRST i kliknij FIX. Wstaw fixlog który zostanie wyswietlony po wykonaniu skryptu oraz nowy log FRST (zaznacz opcję addition w FRST jeśli będzie odznaczona!)

[pat531]

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:15-07-2014 01
Ran by Pat at 2014-07-16 22:04:31 Run:1
Running from C:\Users\Pat\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
(B***h & B***h) C:\ProgramData\bhib19yc\7z72uuox.exe
HKLM\...\Run: [uv4wt2o] => C:\Windows\system32\bhib19yc\7z72uuox.exe [142848 2014-07-15] (B***h & B***h)
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Windows\system32\bhib19yc\7z72uuox.exe
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [1b52a99da94c48b0b9fd46ba7f1971d6] - C:\Users\Pat\AppData\Local\Temp\pjdectjj.x1l.vbs [675 2014-07-16] ()
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [12447a36ada5478cb8afad669575aeb3] - C:\Users\Pat\AppData\Local\Temp\fmfpwcg3.cwk.vbs [675 2014-07-16] ()
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\RunOnce: [ced2b728243042c881f33f92d3f0e2aa] - C:\Users\Pat\AppData\Local\Temp\5fgol0py.ojx.vbs [675 2014-07-16] ()
AppInit_DLLs: C:\Program Files\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SEARCH~1.DLL File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\msconfig.exe: [Debugger] dgdpx150.2d2
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\reg.exe: [Debugger] 2qouk4mp.xoy
IFEO\regedit.exe: [Debugger] y0avmxt0.oam
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\taskkill.exe: [Debugger] i2s2gkww.gjf
IFEO\tasklist.exe: [Debugger] 1v4wjpnf.qde
IFEO\taskmgr.exe: [Debugger] yshnpnld.feh
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-pag...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...K8SXXXX9VM1BK8S
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - {E6A5F6C6-FE67-4BC8-801C-05CB20FD0230} URL = http://start.facemoo...earchTerms}&f=4
FF DefaultSearchEngine: sweet-page
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
CHR HomePage: hxxp://start.facemoods.com/?a=ddr
FF Extension: webget - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{9edd0ea8-2819-47c2-8320-b007d5996f8a}.xpi [2014-05-21]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 SafetyNutManager; C:\Program Files\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [X]
S2 Update webget; "C:\Program Files\webget\updatewebget.exe" [X]
S2 Util webget; "C:\Program Files\webget\bin\utilwebget.exe" [X]
S2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X]
S3 cpuz126; \??\C:\Users\Pat\AppData\Local\Temp\cpuz.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 EverestDriver; \??\E:\EVEREST Home Edition\kerneld.wnt [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files\Browser Tab Search by Ask\SafetyNut\configmgrc1.cfg [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2014-06-18 11:46 - 2014-07-16 20:50 - 00000000 ____D () C:\Program Files\SupTab

2014-06-18 11:46 - 2014-06-20 11:42 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-18 11:46 - 2014-06-18 22:17 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\sweet-page
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\SupTab
2014-07-16 19:47 - 2014-07-16 19:21 - 00000000 ___HD () C:\Windows\system32\bhib19yc
*****************

[4200] C:\ProgramData\bhib19yc\7z72uuox.exe => Process closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\uv4wt2o => value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\1b52a99da94c48b0b9fd46ba7f1971d6 => Value not found.
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\12447a36ada5478cb8afad669575aeb3 => Value not found.
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ced2b728243042c881f33f92d3f0e2aa => Value not found.
"C:\Program Files\SupTab\SEARCH~1.DLL" => Value Data removed successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe' => Key deleted successfully.

 

 

Jak próbuje kliknąc ppm to zachowuje się jak lpm.

 

a i dodam, że często mam, że MPCForum mi nie działa i jest napisane, że google chrome nie może wczytać tej strony 

[pat531]

@ref

[Janusz.]

Wybacz, miałem ostatnio problemy z kontem i @arl4s6 musiał mi pomagać.

 

Dostarcz nowy log FRST wraz z addition.txt

[pat531]

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-07-2014 01
Ran by Pat (administrator) on PAT-KOMPUTER on 18-07-2014 13:38:43
Running from C:\Users\Pat\Desktop
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\stacsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() E:\Acrylic DNS Proxy\AcrylicService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hi-Rez Studios) D:\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Razer Inc.) E:\Razer Game Booster\RzKLService.exe
(LogMeIn Inc.) E:\hamachi-2.exe
(LogMeIn, Inc.) E:\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Apple Inc.) E:\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() D:\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
() D:\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe
() D:\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.100\deploy\LolClient.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() D:\MKJogo\MK IM\Bin\MKIM.exe
() D:\League of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.48\deploy\League of Legends.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-04] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [switchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [bCSSync] => E:\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap.dll [1122312 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483422 2009-03-12] (IDT, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => E:\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] => E:\hamachi-2-ui.exe [3816272 2014-07-15] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 1
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Run: [Google Update] => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-04-01] (Google Inc.)
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Run: [GoogleChromeAutoLaunch_3761880807D2FC22AB5D1BC4CC332465] => C:\Program Files\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Run: [Facebook Update] => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-12] (Facebook Inc.)
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Run: [PSwitch] => E:\Proxy Switcher Standard\ProxySwitcher.exe [5535288 2014-02-11] (Proxy Switcher)
HKU\S-1-5-21-1225398398-1239517190-565687342-1000\...\Policies\Explorer: [NoViewContextMenu] 1
Startup: C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_31272097.lnk
ShortcutTarget: _uninst_31272097.lnk -> C:\Users\Pat\AppData\Local\Temp\_uninst_31272097.bat ()
HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.60 62.179.1.61
Tcpip\..\Interfaces\{D0456428-A75F-4E7B-A41F-51B1F8FA468C}: [NameServer]127.0.0.1,192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: sweet-page
FF SelectedSearchEngine: sweet-page
FF Homepage: hxxp://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=210&systemid=488&v=a12834-376&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=3581253102204675&o=APN11459&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - E:\Mozilla Plugins\npitunes.dll ()
FF Plugin: @esn.me/esnsonar,version=0.70.4 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin: @esn/npbattlelog,version=2.3.2 - C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.4.0 - C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - E:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - E:\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 - E:\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Pat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Pat\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pat\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pat\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\Pat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Pat\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: Quick Start - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\[email protected] [2014-06-18]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-04-01]
FF Extension: Easy YouTube Video Downloader - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-04-01]
FF Extension: Adblock Plus - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-06]
FF Extension: Greasemonkey - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-09-12]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DAP\daplinkchecker
FF Extension: DAP Link Checker - C:\Program Files\DAP\daplinkchecker [2013-05-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\25mvuetz.default\extensions\[email protected]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-04-01]
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files\DAP\DAPFireFox [2013-05-20]
FF StartMenuInternet: FIREFOX.EXE - E:\mozilla\firefox.exe

Chrome:
=======
CHR HomePage: hxxp://start.facemoods.com/?a=ddr
CHR StartupUrls: "hxxp://msn.gazeta.pl/msn/0,0.html?pc=UP21&ocid=UP21DHP&dt=052413", "hxxp://www.search.ask.com/?o=APN11459&gct=hp&d=488-210&v=a12834-376&t=4", "hxxp://www.sweet-page.com/?type=hp&ts=1403084770&from=smt&uid=ST3500418AS_9VM1BK8SXXXX9VM1BK8S"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (Facebook App for Google Chrome™) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm [2013-04-01]
CHR Extension: (Dokumenty Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-01]
CHR Extension: (Dysk Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-01]
CHR Extension: (YouTube) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-01]
CHR Extension: (Battlefield Heroes) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-03-26]
CHR Extension: (Adblock Plus) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-04-01]
CHR Extension: (Szukaj w Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-01]
CHR Extension: (Easy Video Downloader Express) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcpmdpjjlhppmhfkcgbeanaanipdjbk [2014-02-17]
CHR Extension: (Tampermonkey) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-12-15]
CHR Extension: (Weather) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad [2013-07-02]
CHR Extension: (Zapisz na Dysku Google) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2013-04-01]
CHR Extension: (Pixlr Express) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2013-07-02]
CHR Extension: (KodyRabatowe.pl) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\kafpjghdfockenndmdalblagbonhemkf [2013-04-09]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2013-07-02]
CHR Extension: (Google Hangouts) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-03-01]
CHR Extension: (Google Wallet) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-09-07]
CHR Extension: (Gmail) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-01]
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx [2013-05-20]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-18]

========================== Services (Whitelisted) =================

R2 AcrylicController; E:\Acrylic DNS Proxy\AcrylicService.exe [518656 2014-01-04] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-04] (ESET)
R2 Hamachi2Svc; E:\hamachi-2.exe [1903952 2014-07-15] (LogMeIn Inc.)
R2 HiPatchService; D:\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19742664 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-03-26] ()
R2 RzKLService; E:\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ef7356bc77a65e9e\STacSV.exe [254036 2009-03-12] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 10796329; C:\Windows\System32\DRIVERS\10796329.sys [135776 2014-07-16] (Kaspersky Lab ZAO)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2013-07-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-04-02] (DT Soft Ltd)
R3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46056 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47568 2013-02-14] (ESET)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22560 2013-12-03] (REALiX)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2013-07-16] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [34432 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv.sys [22656 2013-01-31] (ManyCam LLC)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 XFDriver; C:\Program Files\Xfire2\XFDriver.sys [16648 2013-03-14] (XFire)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-17 14:45 - 2014-07-17 14:46 - 00000000 ____D () C:\Program Files\Safari
2014-07-17 13:53 - 2014-07-17 13:53 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-17 13:52 - 2014-07-16 19:56 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\10796329.sys
2014-07-17 13:28 - 2014-07-17 13:28 - 00000000 ____D () C:\Users\Pat\Desktop\BOL by wiezaawieza
2014-07-17 13:25 - 2014-07-17 13:28 - 12116510 _____ () C:\Users\Pat\Desktop\BOL by wiezaawieza.rar
2014-07-17 13:24 - 2014-07-17 13:50 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Bol
2014-07-17 01:50 - 2014-07-17 14:41 - 00000840 _____ () C:\Windows\setupact.log
2014-07-17 01:50 - 2014-07-17 13:43 - 00119246 _____ () C:\Windows\PFRO.log
2014-07-17 01:50 - 2014-07-17 01:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 23:46 - 2014-07-16 23:46 - 00000000 __SHD () C:\Users\Pat\AppData\Local\EmieUserList
2014-07-16 23:46 - 2014-07-16 23:46 - 00000000 __SHD () C:\Users\Pat\AppData\Local\EmieSiteList
2014-07-16 22:07 - 2014-07-17 14:20 - 00000000 ___HD () C:\Windows\system32\bhib19yc
2014-07-16 21:13 - 2014-07-16 21:13 - 00103634 _____ () C:\Users\Pat\Desktop\Extras.Txt
2014-07-16 21:08 - 2014-07-16 21:08 - 00140058 _____ () C:\Users\Pat\Desktop\OTL.Txt
2014-07-16 21:02 - 2014-07-16 21:02 - 00087685 _____ () C:\Users\Pat\Desktop\Shortcut.txt
2014-07-16 20:58 - 2014-07-16 22:02 - 00059180 _____ () C:\Users\Pat\Desktop\Addition.txt
2014-07-16 20:57 - 2014-07-18 13:40 - 00022693 _____ () C:\Users\Pat\Desktop\FRST.txt
2014-07-16 20:57 - 2014-07-18 13:39 - 00000000 ____D () C:\FRST
2014-07-16 20:56 - 2014-07-16 20:57 - 00602112 _____ (OldTimer Tools) C:\Users\Pat\Desktop\OTL.exe
2014-07-16 20:56 - 2014-07-16 20:56 - 01077248 _____ (Farbar) C:\Users\Pat\Desktop\FRST.exe
2014-07-16 20:44 - 2014-07-16 20:47 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57 (1).exe
2014-07-16 20:40 - 2014-07-16 20:42 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57.exe
2014-07-16 20:00 - 2014-07-16 20:00 - 00000000 ____D () C:\Users\Pat\Doctor Web
2014-07-16 19:54 - 2014-07-16 19:58 - 152160472 _____ () C:\Users\Pat\Desktop\0uiae71b.exe
2014-07-16 19:15 - 2014-07-17 13:06 - 00000000 ____D () C:\Users\Pat\Desktop\BoL Studio (2)
2014-07-16 19:14 - 2014-07-16 19:15 - 10339653 _____ () C:\Users\Pat\Desktop\BoL Studio (2).rar
2014-07-16 18:56 - 2014-07-16 18:57 - 14064606 _____ () C:\Users\Pat\Desktop\BOL.rar
2014-07-16 18:31 - 2014-07-16 18:32 - 00000000 ____D () C:\Users\Pat\Desktop\bolfree
2014-07-16 18:01 - 2014-07-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy
2014-07-16 17:53 - 2014-07-16 17:56 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\cloudrop
2014-07-16 15:02 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-16 15:02 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-16 15:02 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-16 15:02 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-16 12:39 - 2014-07-16 12:39 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 23:08 - 2014-07-15 23:08 - 00000000 ____D () C:\Users\Pat\Documents\MKJogo
2014-07-15 23:06 - 2014-07-18 12:48 - 00000679 _____ () C:\Users\Pat\Desktop\MK LOL.lnk
2014-07-13 05:00 - 2014-07-13 05:00 - 00000000 ____D () C:\Users\Pat\Desktop\Scripts by SeleX
2014-07-13 04:57 - 2014-07-13 04:57 - 00103326 _____ () C:\Users\Pat\Desktop\Scripts by SeleX.rar
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\Program Files\iPod
2014-07-09 13:49 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 13:49 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 13:49 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 13:49 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 13:49 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 13:49 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 13:49 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 13:49 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 13:49 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 13:49 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 13:49 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 13:49 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 13:49 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 13:49 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 13:49 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 13:49 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 13:49 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 13:49 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 13:49 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 13:49 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 13:49 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 13:49 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 13:49 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 13:49 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 13:49 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 13:49 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 13:49 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 13:49 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 13:49 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 13:49 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 13:49 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:49 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:49 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:49 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 13:49 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 13:49 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 19:21 - 2014-07-08 19:21 - 00020290 _____ () C:\Users\Pat\Desktop\addmefast youtube subscriber.rms
2014-07-08 02:29 - 2014-07-06 12:25 - 00000570 _____ () C:\Users\Pat\Desktop\XBMC.lnk
2014-07-06 12:25 - 2014-07-06 12:25 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-05 11:32 - 2014-07-05 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-04 20:56 - 2014-07-04 20:56 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\MPC-HC
2014-07-04 20:55 - 2014-07-04 20:55 - 00000600 _____ () C:\Users\Pat\Desktop\MPC-HC.lnk
2014-07-04 20:55 - 2014-07-04 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-06-28 10:38 - 2014-06-28 10:38 - 00000539 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-06-26 01:31 - 2014-06-26 01:31 - 06762889 _____ () C:\Users\Pat\Desktop\miniTrainer.zip
2014-06-21 14:54 - 2014-06-21 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-20 12:31 - 2014-06-20 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-20 11:57 - 2014-07-12 15:14 - 00001361 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-20 11:55 - 2014-06-20 11:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-19 14:55 - 2014-06-19 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2014-06-19 10:03 - 2014-06-22 22:55 - 00000000 ____D () C:\Users\Pat\AppData\Local\Adobe
2014-06-18 11:46 - 2014-06-18 11:46 - 00000606 _____ () C:\Users\Pat\Desktop\Cheat Engine.lnk
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\Documents\My Cheat Tables
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3

==================== One Month Modified Files and Folders =======

2014-07-18 13:40 - 2014-07-16 20:57 - 00022693 _____ () C:\Users\Pat\Desktop\FRST.txt
2014-07-18 13:40 - 2013-04-01 15:29 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Skype
2014-07-18 13:39 - 2014-07-16 20:57 - 00000000 ____D () C:\FRST
2014-07-18 13:34 - 2013-05-08 20:55 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job
2014-07-18 13:18 - 2013-04-01 15:20 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-18 13:17 - 2013-04-02 11:35 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job
2014-07-18 13:09 - 2013-04-01 21:37 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 12:48 - 2014-07-15 23:06 - 00000679 _____ () C:\Users\Pat\Desktop\MK LOL.lnk
2014-07-18 10:17 - 2013-04-02 11:35 - 00000998 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job
2014-07-18 05:59 - 2013-03-31 21:49 - 01288940 _____ () C:\Windows\WindowsUpdate.log
2014-07-18 03:18 - 2014-01-27 17:50 - 00027419 _____ () C:\Users\Pat\Desktop\ask.fm liker.rms
2014-07-18 02:17 - 2013-11-29 13:58 - 00000000 ____D () C:\Users\Pat\AppData\Local\screenSHU
2014-07-17 22:34 - 2013-05-08 20:55 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job
2014-07-17 19:28 - 2013-04-01 15:20 - 00001028 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-17 14:48 - 2009-07-14 06:34 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-17 14:48 - 2009-07-14 06:34 - 00021504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-17 14:46 - 2014-07-17 14:45 - 00000000 ____D () C:\Program Files\Safari
2014-07-17 14:46 - 2013-10-18 19:49 - 00002491 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2014-07-17 14:46 - 2013-10-18 19:49 - 00002479 _____ () C:\Users\Public\Desktop\Safari.lnk
2014-07-17 14:42 - 2014-06-15 13:44 - 00000000 ____D () C:\Users\Pat\AppData\Local\LogMeIn Hamachi
2014-07-17 14:41 - 2014-07-17 01:50 - 00000840 _____ () C:\Windows\setupact.log
2014-07-17 14:40 - 2014-02-20 02:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-17 14:40 - 2013-07-03 14:37 - 00000440 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-17 14:40 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-17 14:20 - 2014-07-16 22:07 - 00000000 ___HD () C:\Windows\system32\bhib19yc
2014-07-17 13:53 - 2014-07-17 13:53 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-17 13:50 - 2014-07-17 13:24 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Bol
2014-07-17 13:43 - 2014-07-17 01:50 - 00119246 _____ () C:\Windows\PFRO.log
2014-07-17 13:28 - 2014-07-17 13:28 - 00000000 ____D () C:\Users\Pat\Desktop\BOL by wiezaawieza
2014-07-17 13:28 - 2014-07-17 13:25 - 12116510 _____ () C:\Users\Pat\Desktop\BOL by wiezaawieza.rar
2014-07-17 13:06 - 2014-07-16 19:15 - 00000000 ____D () C:\Users\Pat\Desktop\BoL Studio (2)
2014-07-17 01:57 - 2014-05-10 13:52 - 00000000 ____D () C:\Program Files\SmartTweak
2014-07-17 01:56 - 2014-04-19 15:11 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\3909
2014-07-17 01:56 - 2014-01-04 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-07-17 01:50 - 2014-07-17 01:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-17 01:49 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-17 01:49 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-07-16 23:46 - 2014-07-16 23:46 - 00000000 __SHD () C:\Users\Pat\AppData\Local\EmieUserList
2014-07-16 23:46 - 2014-07-16 23:46 - 00000000 __SHD () C:\Users\Pat\AppData\Local\EmieSiteList
2014-07-16 22:02 - 2014-07-16 20:58 - 00059180 _____ () C:\Users\Pat\Desktop\Addition.txt
2014-07-16 21:13 - 2014-07-16 21:13 - 00103634 _____ () C:\Users\Pat\Desktop\Extras.Txt
2014-07-16 21:08 - 2014-07-16 21:08 - 00140058 _____ () C:\Users\Pat\Desktop\OTL.Txt
2014-07-16 21:02 - 2014-07-16 21:02 - 00087685 _____ () C:\Users\Pat\Desktop\Shortcut.txt
2014-07-16 20:57 - 2014-07-16 20:56 - 00602112 _____ (OldTimer Tools) C:\Users\Pat\Desktop\OTL.exe
2014-07-16 20:56 - 2014-07-16 20:56 - 01077248 _____ (Farbar) C:\Users\Pat\Desktop\FRST.exe
2014-07-16 20:50 - 2014-06-13 08:10 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-07-16 20:50 - 2014-05-21 16:11 - 00000000 ____D () C:\Program Files\webget
2014-07-16 20:47 - 2014-07-16 20:44 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57 (1).exe
2014-07-16 20:42 - 2014-07-16 20:40 - 144525024 _____ () C:\Users\Pat\Desktop\setup_11.0.3.7.x01_2014_07_16_19_57.exe
2014-07-16 20:00 - 2014-07-16 20:00 - 00000000 ____D () C:\Users\Pat\Doctor Web
2014-07-16 20:00 - 2013-03-31 21:47 - 00000000 ____D () C:\Users\Pat
2014-07-16 19:58 - 2014-07-16 19:54 - 152160472 _____ () C:\Users\Pat\Desktop\0uiae71b.exe
2014-07-16 19:56 - 2014-07-17 13:52 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\10796329.sys
2014-07-16 19:15 - 2014-07-16 19:14 - 10339653 _____ () C:\Users\Pat\Desktop\BoL Studio (2).rar
2014-07-16 18:59 - 2014-02-02 15:47 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-16 18:59 - 2014-02-02 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-16 18:59 - 2014-02-02 15:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-16 18:59 - 2013-04-01 17:49 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\uTorrent
2014-07-16 18:57 - 2014-07-16 18:56 - 14064606 _____ () C:\Users\Pat\Desktop\BOL.rar
2014-07-16 18:32 - 2014-07-16 18:31 - 00000000 ____D () C:\Users\Pat\Desktop\bolfree
2014-07-16 18:07 - 2013-04-01 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-16 18:01 - 2014-07-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrylic DNS Proxy
2014-07-16 17:56 - 2014-07-16 17:53 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\cloudrop
2014-07-16 15:02 - 2013-10-20 23:31 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-16 15:02 - 2013-04-01 17:25 - 00000000 ____D () C:\Program Files\Java
2014-07-16 12:39 - 2014-07-16 12:39 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 23:08 - 2014-07-15 23:08 - 00000000 ____D () C:\Users\Pat\Documents\MKJogo
2014-07-15 23:08 - 2013-11-23 18:57 - 00000052 _____ () C:\Windows\JQHApp.dat
2014-07-13 05:25 - 2014-05-07 22:05 - 00000000 ____D () C:\Users\Pat\Desktop\Scripts
2014-07-13 05:00 - 2014-07-13 05:00 - 00000000 ____D () C:\Users\Pat\Desktop\Scripts by SeleX
2014-07-13 04:57 - 2014-07-13 04:57 - 00103326 _____ () C:\Users\Pat\Desktop\Scripts by SeleX.rar
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-12 15:14 - 2014-07-12 15:14 - 00000000 ____D () C:\Program Files\iPod
2014-07-12 15:14 - 2014-06-20 11:57 - 00001361 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-12 15:14 - 2013-10-19 10:25 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-11 18:29 - 2013-05-18 17:49 - 00000000 ____D () C:\ProgramData\Origin
2014-07-11 18:28 - 2013-05-18 19:08 - 00000000 ____D () C:\Users\Pat\Documents\FIFA 13
2014-07-11 03:02 - 2014-07-16 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-16 15:02 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-16 15:02 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-16 15:02 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-10 19:50 - 2013-08-10 01:13 - 00282296 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-07-10 19:50 - 2013-06-11 23:52 - 00282296 _____ () C:\Windows\system32\PnkBstrB.exe
2014-07-10 19:47 - 2013-06-11 23:53 - 00139648 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-07-10 19:47 - 2013-06-11 23:52 - 00282296 _____ () C:\Windows\system32\PnkBstrB.ex0
2014-07-09 23:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-07-09 23:25 - 2009-07-14 06:33 - 03787184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 23:24 - 2010-11-21 02:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 23:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-07-09 15:44 - 2013-04-11 14:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 15:42 - 2013-07-20 22:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 15:39 - 2013-04-03 15:13 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 13:18 - 2013-05-18 17:43 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\XBMC
2014-07-09 12:09 - 2013-04-01 21:37 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 12:09 - 2013-04-01 21:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 03:20 - 2013-04-01 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-08 19:21 - 2014-07-08 19:21 - 00020290 _____ () C:\Users\Pat\Desktop\addmefast youtube subscriber.rms
2014-07-08 15:08 - 2009-07-14 06:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-06 12:25 - 2014-07-08 02:29 - 00000570 _____ () C:\Users\Pat\Desktop\XBMC.lnk
2014-07-06 12:25 - 2014-07-06 12:25 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-05 11:33 - 2013-10-19 10:25 - 00001819 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-05 11:33 - 2013-04-01 17:00 - 00000000 ____D () C:\Program Files\QuickTime
2014-07-05 11:32 - 2014-07-05 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-04 20:56 - 2014-07-04 20:56 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\MPC-HC
2014-07-04 20:55 - 2014-07-04 20:55 - 00000600 _____ () C:\Users\Pat\Desktop\MPC-HC.lnk
2014-07-04 20:55 - 2014-07-04 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-07-04 11:33 - 2013-11-26 01:23 - 00000000 ____D () C:\Users\Pat\Desktop\skrypty do bola
2014-07-03 22:39 - 2011-02-04 16:24 - 00740422 _____ () C:\Windows\system32\perfh015.dat
2014-07-03 22:39 - 2011-02-04 16:24 - 00155996 _____ () C:\Windows\system32\perfc015.dat
2014-07-03 22:39 - 2010-11-20 23:01 - 01670518 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 22:05 - 2013-12-18 17:58 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\.minecraft
2014-06-30 12:56 - 2013-04-05 20:13 - 00000000 ____D () C:\Users\Pat\Documents\Euro Truck Simulator 2
2014-06-30 12:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-28 10:38 - 2014-06-28 10:38 - 00000539 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-06-27 15:01 - 2014-03-30 18:12 - 00000000 ____D () C:\Users\Pat\Documents\FIFA World
2014-06-26 01:31 - 2014-06-26 01:31 - 06762889 _____ () C:\Users\Pat\Desktop\miniTrainer.zip
2014-06-25 12:47 - 2013-05-08 20:18 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\GG
2014-06-24 11:51 - 2013-07-16 19:01 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-22 22:55 - 2014-06-19 10:03 - 00000000 ____D () C:\Users\Pat\AppData\Local\Adobe
2014-06-22 16:12 - 2013-04-02 13:39 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\DAEMON Tools Lite
2014-06-21 14:54 - 2014-06-21 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-06-21 14:54 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-20 21:39 - 2014-07-09 13:49 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 12:31 - 2014-06-20 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-20 12:31 - 2014-06-13 08:10 - 00001251 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-06-20 11:58 - 2013-10-19 10:26 - 00000000 ____D () C:\Users\Pat\AppData\Roaming\Apple Computer
2014-06-20 11:57 - 2013-10-18 19:49 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-20 11:55 - 2014-06-20 11:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-20 11:54 - 2013-10-18 19:48 - 00000000 ____D () C:\ProgramData\Apple
2014-06-19 14:55 - 2014-06-19 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2014-06-19 02:16 - 2014-07-09 13:49 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 01:56 - 2014-07-09 13:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 01:56 - 2014-07-09 13:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 01:38 - 2014-07-09 13:49 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 01:37 - 2014-07-09 13:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 01:36 - 2014-07-09 13:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 13:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 01:32 - 2014-07-09 13:49 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 01:28 - 2014-07-09 13:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 13:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 01:25 - 2014-07-09 13:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 01:23 - 2014-07-09 13:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 01:23 - 2014-07-09 13:49 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 01:22 - 2014-07-09 13:49 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 01:16 - 2014-07-09 13:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 01:12 - 2014-07-09 13:49 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 13:49 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 13:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 00:59 - 2014-07-09 13:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 13:49 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 13:49 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 00:52 - 2014-07-09 13:49 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 00:49 - 2014-07-09 13:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 13:49 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 13:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 13:49 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:13 - 2014-07-09 13:49 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:09 - 2014-07-09 13:49 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:07 - 2014-07-09 13:49 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-18 11:46 - 2014-06-18 11:46 - 00000606 _____ () C:\Users\Pat\Desktop\Cheat Engine.lnk
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\Users\Pat\Documents\My Cheat Tables
2014-06-18 11:46 - 2014-06-18 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
2014-06-18 10:59 - 2013-06-30 16:38 - 00000000 ____D () C:\Windows\system32\directx
2014-06-18 03:51 - 2014-07-09 13:49 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 02:52 - 2014-07-09 13:49 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Files to move or delete:
====================
E:\Proxy Switcher Standard\ProxySwitcher.exe


Some content of TEMP:
====================
C:\Users\Pat\AppData\Local\Temp\DAPREMOVE.EXE
C:\Users\Pat\AppData\Local\Temp\sfamcc00001.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 04:06

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:15-07-2014 01
Ran by Pat at 2014-07-18 13:41:51
Running from C:\Users\Pat\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Zapora osobista ESET (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Ace of Spades (HKLM\...\Steam App 224540) (Version: - Jagex Limited)
Action! (HKLM\...\Mirillis Action!) (Version: 1.12.2 - Mirillis)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Aktualizacje NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Heroes (HKCU\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version: - EA Digital illusions)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM\...\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Clownfish for Skype (HKLM\...\Clownfish) (Version: - )
Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve)
Counter-Strike 1.6 v48 (HKLM\...\Counter-Strike 1.6) (Version: v48 - CSSetti.pl)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CWK (Czasowy Wyłącznik Komputera) (HKLM\...\CWK) (Version: 2.52.3.43 - Damian Pasternak)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dead Island (HKLM\...\Steam App 91310) (Version: - Techland)
Dead Space (HKLM\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Detektor Winampa (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
DiceVenture (Remove only) (HKLM\...\{DF55FE2E-3448-46ac-80E4-91FAB4059598}_is1) (Version: 1.0 - CJ Games Global)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Download Accelerator Plus (DAP) (HKLM\...\Download Accelerator Plus (DAP)) (Version: 10053 (Build 2558) - Speedbit Ltd.)
Duel of Champions (HKLM\...\MMDoC-PDCLive) (Version: - Ubisoft)
EA Sports FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.3.0.44917 - Electronic Arts, Inc.)
ESET Smart Security (HKLM\...\{0FAB8FFC-69DD-4625-A2D4-7785F9B78DD1}) (Version: 6.0.314.2 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.7.0.0 - Electronic Arts)
FIFA 14 Demo (HKLM\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
Game Dev Tycoon v1.3.2 (HKLM\...\Game Dev Tycoon v1.3.21.3.2) (Version: 1.3.2 - Friends in War)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - )
Geeks3D FurMark 1.12.0 (HKLM\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GG (HKCU\...\GG) (Version: 12 - GG Network S.A.)
GhostMouse (HKLM\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Might and Magic V - Dzikie Hordy (HKLM\...\{ACC75323-DB4A-4f7f-9AF3-1D1DEFF2D1B5}_is1) (Version: - Ubisoft)
Heroes of Might and Magic V - Tribes of the East (HKLM\...\{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}) (Version: - )
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.20001.0 - IDT)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KM Wakeup 1.4 MUI (HKLM\...\KM Wakeup) (Version: 1.4 MUI - Marcin Nowok)
League of Legends (HKLM\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.222 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM\...\LOLReplay) (Version: 0.8.5.1 - www.leaguereplays.com)
Mario Forever 5.01 (HKLM\...\Mario Forever 5.01) (Version: - )
Metin2 (HKLM\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Access MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Polish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM\...\{34D9106C-A947-47ED-B4AB-764736350769}) (Version: 1.6.1 - MINECRAFTinstall.net)
MK LOL (HKCU\...\MK LOL) (Version: - )
MKLOL (HKCU\...\MKLOL) (Version: - )
Mount&Blade (HKLM\...\Mount&Blade) (Version: - )
Mozilla Firefox 21.0 (x86 pl) (HKLM\...\Mozilla Firefox 21.0 (x86 pl)) (Version: 21.0 - Mozilla)
Mozilla Firefox 29.0.1 (x86 pl) (HKCU\...\Mozilla Firefox 29.0.1 (x86 pl)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 21.0 - Mozilla)
MPC-HC 1.7.5 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.5 - MPC-HC Team)
MSI Afterburner 2.3.1 (HKLM\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
Need for Speed™ Most Wanted (HKLM\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (HKLM\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Sterownik 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Obsługa programów Apple (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Origin (HKLM\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Panel sterowania NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
Path of Exile (HKLM\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.0.1.29801 - Grinding Gear Games)
Path of Exile (HKLM\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Program Plemiona v. bud. 9852 (HKLM\...\Program Plemiona_is1) (Version: 3 - Paweł Adamski [email protected])
ProxySwitcher Standard (HKLM\...\ProxySwitcher Standard_is1) (Version: 5.9.1 - V-Tech LLC)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
RivaTuner Statistics Server 5.2.0 (HKLM\...\RTSS) (Version: 5.2.0 - Unwinder)
ROCCAT Power-Grid version 0.459 (HKLM\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
screenSHU - the fastest screen capture ever. (HKLM\...\screenSHU) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.6 - Hi-Rez Studios)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version: - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM\...\{97A19679-4C07-4B34-8ACB-D5565C3440FC}) (Version: - )
Stronghold 2 Deluxe (HKLM\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.000 - Firefly Studios)
Stronghold Crusader (HKLM\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria version 1.2.4.1 (HKLM\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 1.2.4.1 - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.632 - Electronic Arts)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{70D90D6A-7373-40DD-BF09-9F0B9C55FA36}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{1B21CC3B-3FE0-4386-B29E-6EF68C45FD9E}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Vegas Movie Studio HD Platinum 10.0 (HKLM\...\{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}) (Version: 10.0.179 - Sony)
Viber (HKCU\...\Viber) (Version: 3.0.0.132799 - Viber Media Inc)
VirtualDJ Home FREE (HKLM\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
Warcraft III (HKLM\...\Warcraft III) (Version: - Blizzard Entertainment)
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WindowsProtectManger20.0.0.401 (HKLM\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION
WinRAR 4.20 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XBMC (HKCU\...\XBMC) (Version: - Team XBMC)
Xfire 2.0 (HKLM\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM\...\XfireCodec) (Version: - )
YTD Video Downloader 4.8.2 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.2 - GreenTree Applications SRL)

==================== Restore Points =========================

18-07-2014 02:13:16 Zaplanowany punkt kontrolny

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0E0A1B71-3D31-4AF3-B71B-45549BB66DAD} - System32\Tasks\{0713C7B3-FE8C-41B7-A936-E8AE0DA912FE} => D:\age of empires\empires2.exe [1927-03-20] (Microsoft Corporation)
Task: {41C61873-3868-4FC5-A9FE-3F90127D39C8} - System32\Tasks\{0379EE24-DCE3-4152-A1AB-EB18BEE52868} => D:\LeagueofLegends.exe
Task: {4F853A7E-DE5C-4288-8254-9908808BB700} - System32\Tasks\MSIAfterburner => E:\MSI Afterburner\MSIAfterburner.exe [2013-01-23] ()
Task: {521013BD-FD95-433D-A820-6C8E50F17348} - System32\Tasks\{395297F3-87A3-4B60-A26F-14DF196CE178} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/pl/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {61D7039E-ECF4-4AC4-9195-C04A0AF329F1} - System32\Tasks\EVGAPrecision => E:\EVGA Precision X\EVGAPrecision.exe
Task: {6FF2964E-A2D4-495F-9310-DFE4BFA95CD1} - System32\Tasks\AdobeAAMUpdater-1.0-Pat-Komputer-Pat => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {81EC2651-5117-45D4-9E8D-07999B8FA89C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {97146635-5F3B-4ADF-B214-09E8BF76DC62} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {9EB89911-3024-434B-9E84-91BDBD186C0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {B2885F64-8588-4B50-ADBC-7FBF19EB0C18} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2B12E46-7F80-4D61-8D5A-73ECCD832050} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {DB791E4B-16DF-4C29-96F1-89959C1BBBF2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {DF0E9296-A187-495E-BFFC-4D84D0CA10AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {EB2D7134-F899-474B-B41E-DF25326E2C18} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-12] (Facebook Inc.)
Task: {EC69B262-EB89-418E-A864-0F046232F049} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-12] (Facebook Inc.)
Task: {EED94C7E-6CB0-4718-9BDB-48D3B8F02E65} - \uv4wt2o No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job => C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000Core.job => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1225398398-1239517190-565687342-1000UA.job => C:\Users\Pat\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-20 02:36 - 2014-05-20 02:04 - 00106840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-30 21:02 - 2012-09-29 13:24 - 00167936 _____ () C:\Windows\System32\HPM1210LM.DLL
2013-09-30 21:02 - 2012-09-29 13:24 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HPM1210PP.dll
2013-09-30 21:02 - 2012-09-29 13:24 - 02396160 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hpm1210su.dll
2013-09-30 21:02 - 2012-09-29 13:54 - 00794624 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\HPM1210GC.dll
2014-01-04 00:12 - 2014-01-04 00:12 - 00518656 _____ () E:\Acrylic DNS Proxy\AcrylicService.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-11 23:52 - 2014-03-26 15:45 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-06-13 13:19 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 13:19 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 13:19 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 13:19 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 13:19 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-05-11 13:12 - 2012-10-29 17:56 - 01300376 _____ () D:\League of Legends\League of Legends\RADS\system\rads_user_kernel.exe
2014-05-11 13:15 - 2014-07-16 12:39 - 05430776 _____ () D:\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe
2014-05-11 13:16 - 2014-07-16 12:39 - 01640440 _____ () D:\League of Legends\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\RiotLauncher.dll
2014-06-08 11:32 - 2014-06-19 18:00 - 00039624 _____ () D:\MKJogo\MK IM\LOL\LauncherTransit.dll
2014-07-16 12:41 - 2014-05-11 13:20 - 00074752 _____ () D:\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.100\deploy\LolClient.exe
2014-06-08 11:32 - 2014-06-19 18:00 - 00319176 _____ () D:\MKJogo\MK IM\LOL\AirTransit.dll
2014-06-08 11:32 - 2014-06-19 18:00 - 00904904 _____ () D:\MKJogo\MK IM\Bin\MKIM.exe
2014-06-08 11:32 - 2014-06-08 11:32 - 00799232 _____ () D:\MKJogo\MK IM\Bin\sqlite3.dll
2014-06-08 11:32 - 2014-06-08 11:32 - 01721856 _____ () D:\MKJogo\MK IM\Bin\RLib.dll
2014-06-08 11:32 - 2014-06-08 11:32 - 01191936 _____ () D:\MKJogo\MK IM\Bin\ACE.dll
2014-06-08 11:32 - 2014-06-08 11:32 - 01584640 _____ () D:\MKJogo\MK IM\Bin\Proxy.dll
2014-06-08 11:32 - 2014-06-08 11:32 - 00302080 _____ () D:\MKJogo\MK IM\Bin\NSlog.dll
2014-06-08 11:32 - 2014-06-19 18:00 - 00742600 _____ () D:\MKJogo\MK IM\LOL\AddonSkin-LOL.dll
2014-05-11 13:15 - 2014-07-16 12:46 - 16752120 _____ () D:\League of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.48\deploy\League of Legends.exe
2014-05-11 13:43 - 2014-07-16 12:46 - 01640440 _____ () D:\League of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.48\deploy\RiotLauncher.dll
2014-06-08 11:32 - 2014-06-19 18:00 - 01211592 _____ () D:\MKJogo\MK IM\LOL\GameTransit.dll
2014-06-08 11:32 - 2014-06-08 11:32 - 02534088 _____ () D:\MKJogo\MK IM\LOL\GameData.dll
2014-05-11 13:43 - 2014-07-16 12:39 - 01724920 _____ () D:\League of Legends\League of Legends\RADS\RiotRadsIO.dll
2014-07-10 19:55 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Pat\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\AppInfo => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\AppMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Base => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Boot Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Boot file system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\CryptSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\DcomLaunch => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\EFS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\EventLog => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\File system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\HelpSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\KeyIso => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Netlogon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\NTDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\PCI Configuration => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\PlugPlay => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\PNP Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Power => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\Primary disk => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\ProfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\RpcEptMapper => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\RpcSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\sacsvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\SCSI Class => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\sermouse.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\SWPRV => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\System Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\TabletInputService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\TBS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\TrustedInstaller => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\VDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\vga.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\vgasave.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\vmms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\volmgr.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\volmgrx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WinDefend => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WinMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WudfPf => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WudfRd => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\WudfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{36FC9E60-C465-11CF-8056-444553540000} => ""="Universal Serial Bus controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E965-E325-11CE-BFC1-08002BE10318} => ""="CD-ROM Drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E967-E325-11CE-BFC1-08002BE10318} => ""="DiskDrive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E969-E325-11CE-BFC1-08002BE10318} => ""="Standard floppy disk controller"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E96A-E325-11CE-BFC1-08002BE10318} => ""="Hdc"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E96B-E325-11CE-BFC1-08002BE10318} => ""="Keyboard"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E96F-E325-11CE-BFC1-08002BE10318} => ""="Mouse"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E977-E325-11CE-BFC1-08002BE10318} => ""="PCMCIA Adapters"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E97B-E325-11CE-BFC1-08002BE10318} => ""="SCSIAdapter"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E97D-E325-11CE-BFC1-08002BE10318} => ""="System"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{4D36E980-E325-11CE-BFC1-08002BE10318} => ""="Floppy disk drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{533C5B84-EC70-11D2-9505-00C04F79DEAF} => ""="Volume shadow copy"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} => ""="IEEE 1394 Bus host controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{71A27CDD-812A-11D0-BEC7-08002BE2092F} => ""="Volume"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} => ""="Human Interface Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{D48179BE-EC20-11D1-B6B8-00C04FA372A7} => ""="SBP2 IEEE 1394 Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal.BackUp\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} => ""="SecurityDevices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\AFD => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\AppInfo => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\AppMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Base => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Boot Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Boot file system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\bowser => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Browser => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\CryptSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\DcomLaunch => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\dfsc => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Dhcp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\DnsCache => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Dot3Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Eaphost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\EFS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\EventLog => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\File system => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\HelpSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\IKEEXT => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\ipnat.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\KeyIso => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\LanmanServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\LanmanWorkstation => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\LmHosts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Messenger => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\MPSDrv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\MPSSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\mrxsmb => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\mrxsmb10 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\mrxsmb20 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NativeWifiP => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NDIS => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NDIS Wrapper => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\ndiscap => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Ndisuio => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetBIOS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetBIOSGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetBT => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetDDEGroup => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Netlogon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetMan => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\netprofm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Network => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NetworkProvider => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NlaSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Nsi => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\nsiproxy.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\NTDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PCI Configuration => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PlugPlay => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PNP Filter => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PNP_TDI => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\PolicyAgent => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Power => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Primary disk => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\ProfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\rdbss => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\rdpencdd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\rdsessmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\RpcEptMapper => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\RpcSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\sacsvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SCardSvr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SCSI Class => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\sermouse.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Streams Drivers => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\SWPRV => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\System Bus Extender => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TabletInputService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TBS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Tcpip => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TDI => ""="Driver Group"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\TrustedInstaller => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\VaultSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\VDS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\vga.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\vgasave.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\vmms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\volmgr.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\volmgrx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WinDefend => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WinMgmt => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\Wlansvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfPf => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfRd => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\WudfUsbccidDriver => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{36FC9E60-C465-11CF-8056-444553540000} => ""="Universal Serial Bus controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E965-E325-11CE-BFC1-08002BE10318} => ""="CD-ROM Drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E967-E325-11CE-BFC1-08002BE10318} => ""="DiskDrive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E969-E325-11CE-BFC1-08002BE10318} => ""="Standard floppy disk controller"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E96A-E325-11CE-BFC1-08002BE10318} => ""="Hdc"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E96B-E325-11CE-BFC1-08002BE10318} => ""="Keyboard"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E96F-E325-11CE-BFC1-08002BE10318} => ""="Mouse"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E972-E325-11CE-BFC1-08002BE10318} => ""="Net"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E973-E325-11CE-BFC1-08002BE10318} => ""="NetClient"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E974-E325-11CE-BFC1-08002BE10318} => ""="NetService"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E975-E325-11CE-BFC1-08002BE10318} => ""="NetTrans"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E977-E325-11CE-BFC1-08002BE10318} => ""="PCMCIA Adapters"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E97B-E325-11CE-BFC1-08002BE10318} => ""="SCSIAdapter"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E97D-E325-11CE-BFC1-08002BE10318} => ""="System"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{4D36E980-E325-11CE-BFC1-08002BE10318} => ""="Floppy disk drive"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{50DD5230-BA8A-11D1-BF5D-0000F805F530} => ""="Smart card readers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{533C5B84-EC70-11D2-9505-00C04F79DEAF} => ""="Volume shadow copy"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} => ""="IEEE 1394 Bus host controllers"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{71A27CDD-812A-11D0-BEC7-08002BE2092F} => ""="Volume"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} => ""="Human Interface Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{D48179BE-EC20-11D1-B6B8-00C04FA372A7} => ""="SBP2 IEEE 1394 Devices"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network.BackUp\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} => ""="SecurityDevices"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Users^Pat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ChicaPasswordManager => "C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe" /autorunned
MSCONFIG\startupreg: ChomikBox => C:\Program Files\ChomikBox\ChomikBox.exe
MSCONFIG\startupreg: Clownfish => "C:\Program Files\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DownloadAccelerator => "C:\Program Files\DAP\DAP.EXE" /STARTUP
MSCONFIG\startupreg: EADM => "E:\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Pat\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GG => "C:\Users\Pat\AppData\Local\GG\Application\gghub.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: googletalk => C:\Users\Pat\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: iTunesHelper => "E:\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "E:\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: ManyCam => "C:\Program Files\ManyCam\Bin\ManyCam.exe" /silent
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Pando Media Booster => "C:\Program Files\Pando Networks\Media Booster\PMB.exe"
MSCONFIG\startupreg: PSwitch => E:\Proxy Switcher Standard\ProxySwitcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RazerGameBooster => E:\Razer Game Booster\RazerGameBooster.exe -autorun
MSCONFIG\startupreg: RocketDock => "E:\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: screenSHU => "E:\screenSHU\screenSHU.exe" --hidden
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
MSCONFIG\startupreg: Steam => "D:\steam\Steam.exe" -silent
MSCONFIG\startupreg: TBPanel => "C:\Program Files\EXPERTool\TBPanel.exe" /A
MSCONFIG\startupreg: uTorrent => "C:\Users\Pat\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: Viber => "C:\Users\Pat\AppData\Local\Viber\Viber.exe" StartMinimized

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Kontroler PCI Simple Communications
Description: Kontroler PCI Simple Communications
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2014 04:13:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddLegacyDriverFiles: Unable to back up image of binary 6106260drv.

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (07/18/2014 04:07:37 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "assemblyIdentity1". Błąd w pliku manifestu lub w pliku zasad "assemblyIdentity2" w wierszu assemblyIdentity3.
Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa.

Error: (07/17/2014 02:42:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 02:23:36 PM) (Source: MsiInstaller) (EventID: 11719) (User: Pat-Komputer)
Description: Produkt: Safari -- Błąd 1719. Nie można uzyskać dostępu do usługi Instalatora Windows. Może się to zdarzyć, jeśli system Windows działa w trybie awaryjnym lub jeśli Instalator Windows nie jest poprawnie zainstalowany. Skontaktuj się z personelem pomocy technicznej.

Error: (07/17/2014 01:44:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 01:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddWin32ServiceFiles: Unable to back up image of service WindowsProtectManger Service since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddWin32ServiceFiles: Unable to back up image of service Util webget since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddWin32ServiceFiles: Unable to back up image of service Update webget since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddWin32ServiceFiles: Unable to back up image of service SafetyNut Manager since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.
.


System errors:
=============
Error: (07/17/2014 09:26:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:26:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:26:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:26:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:26:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:26:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:26:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:26:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:00:43 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.

Error: (07/17/2014 09:00:43 PM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok.


Microsoft Office Sessions:
=========================
Error: (07/18/2014 04:13:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary 6106260drv.

System Error:
Nie można odnaleźć określonego pliku.

Error: (07/18/2014 04:07:37 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/17/2014 02:42:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 02:23:36 PM) (Source: MsiInstaller) (EventID: 11719) (User: Pat-Komputer)
Description: Produkt: Safari -- Błąd 1719. Nie można uzyskać dostępu do usługi Instalatora Windows. Może się to zdarzyć, jeśli system Windows działa w trybie awaryjnym lub jeśli Instalator Windows nie jest poprawnie zainstalowany. Skontaktuj się z personelem pomocy technicznej.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/17/2014 01:44:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 01:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service WindowsProtectManger Service since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Util webget since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Update webget since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.

Error: (07/17/2014 01:24:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SafetyNut Manager since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.


==================== Memory info ===========================

Percentage of memory in use: 73%
Total physical RAM: 3325.79 MB
Available physical RAM: 878 MB
Total Pagefile: 7420.08 MB
Available Pagefile: 3253.16 MB
Total Virtual: 2799.88 MB
Available Virtual: 2661.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:6.84 GB) NTFS
Drive d: (gry) (Fixed) (Total:465.76 GB) (Free:256.12 GB) NTFS
Drive e: (programy) (Fixed) (Total:298.09 GB) (Free:277.81 GB) NTFS
Drive i: (zdjęcia,muzyka,filmy) (Fixed) (Total:232.88 GB) (Free:155.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 0CFF9EF4)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 00070423)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 3EBF3EBE)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 233 GB) (Disk ID: 100F59DC)
Partition 1: (Not Active) - (Size=233 GB) - (Type=OF Extended)

==================== End Of Log ============================

 

[Janusz.]

Wirusa już raczej nie ma.

[pat531]

a jak mój ppm nie otwiera menu kontekstowego ? to co może się dziać? 

[Janusz.]

Tylko w przeglądarce się tak dzieje czy w całym systemie?

[pat531]

w przeglądarce działa, nie działa na pulpicie, w folderach itp. tak samo jak chce coś wypakować też nie mogę więc muszę wchodzić w plik i kliknąć przycisk wypakuj do zamiast otworzyc tego okna 

[Janusz.]

w logu nic nie widzę. przeskanuj dr web'em, może on coś znajdzie http://www.freedrweb.com/cureit/?lng=pl

 

ew. jak nadal nie będzie działać to stwórz plik tekstowy, wklej do niego

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoViewContextMenu"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoViewContextMenu"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoSetTaskbar"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoSaveSettings"=dword:00000000

 

plik zapisz pod nazwą FIX.REG i uruchom

[pat531]

dr.web nic nie zrobił. a z tym Fix.reg jest napisane " nie można zaimportować c:\user\desktop\fix.reg: określony plik nie jest skryptem rejestru. Można importować tylko binarne pliki rejestru z wewnątrz edytora rejestru. 

[Janusz.]

w takim razie otwórz regedit i znajdź każdy z tych kluczy i edytuj je.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Wartość "NoViewContextMenu"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Wartość "NoViewContextMenu"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Wartość"NoSetTaskbar"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
 

Wartość "NoSaveSettings"=dword:00000000

[pat531]

nie pomogło, zrobiłem formata całego dysku C i od nowa postawiłem system. dzięki za wszelką pomóc pokłony w Twoją stronę. można zamknąć