Jak usunąć reklamy GoSave?

pijawka 3000 · 10 Listopada 2014

Witam, od jakiegoś czasu podczas ogladania fb lub innych stron wyswietla mi się masakryczna ilość reklam a pod nimi podpis "ads by GoSave". Zauważyłem, że komputer chodzi wolniej. Chciałbym usunąć tego wirusa ale nie wiem jak. Czytałem na necie o tych wirusach i w panelu sterowania powinna byc GoSave, ja tego nie mam. W rozszerzeniach na Google Chrome mam GoSave 2.0 i jak klikne usuń to usuwa się, lecz po ponownym odpaleniu przeglądarki ten wirus znow tam jest.

Nezvik · 10 Listopada 2014

Wykonaj logi FRST. Poradnik znajdziesz w przypiętym temacie w tym dziale.

kolomyja007 · 16 Listopada 2014

Mój plik FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-11-2014 01

Ran by Ola (administrator) on OLA-KOMPUTER on 16-11-2014 18:29:12

Running from D:\

Loaded Profile: Ola (Available profiles: Ola)

Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polski (Polska)

Internet Explorer Version 8

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgrsx.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgcsrvx.exe

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe

(AMD) E:\Windows\System32\atiesrxx.exe

(AMD) E:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgfws.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgwdsvc.exe

(BlueStack Systems, Inc.) E:\Program Files\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) E:\Program Files\BlueStacks\HD-UpdaterService.exe

(Malwarebytes Corporation) E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Realtek Semiconductor) E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(Malwarebytes Corporation) E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

(Advanced Micro Devices Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Oracle Corporation) E:\Program Files\Common Files\Java\Java Update\jusched.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgui.exe

(Microsoft Corporation) E:\Program Files\Windows Sidebar\sidebar.exe

(GG Network S.A.) E:\Users\Ola\AppData\Local\GG\Application\gghub.exe

(Malwarebytes Corporation) E:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(DEVGURU Co., LTD.) E:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe

(ATI Technologies Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgnsx.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgemcx.exe

(Microsoft Corporation) E:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(GG Network S.A.) E:\Users\Ola\AppData\Local\GG\Application\ggapp.exe

(GG Network S.A.) E:\Users\Ola\AppData\Local\GG\Application\ggdrive\ggdrive.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Enigma Software Group USA, LLC.) E:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [bCSSync] => E:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM\...\Run: [RtHDVCpl] => E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6711840 2009-01-20] (Realtek Semiconductor)

HKLM\...\Run: [skytel] => E:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)

HKLM\...\Run: [startCCC] => E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [AMD AVT] => E:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()

HKLM\...\Run: [Adobe ARM] => E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM\...\Run: [sunJavaUpdateSched] => E:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM\...\Run: [AVG_UI] => E:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-2911396493-3772211904-1113179493-1000\...\Run: [GG] => E:\Users\Ola\AppData\Local\GG\Application\gghub.exe [4023360 2014-09-01] (GG Network S.A.)

HKU\S-1-5-21-2911396493-3772211904-1113179493-1000\...\Run: [DAEMON Tools Lite] => E:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)

ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki

URLSearchHook: HKCU - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - E:\Windows\System32\dvmurl.dll (DeviceVM Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2911396493-3772211904-1113179493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

SearchScopes: HKCU - {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=en&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> E:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()

FF Plugin: @java.com/DTPlugin,version=10.71.2 -> E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> E:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> E:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR Profile: E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Dokumenty Google) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-28]

CHR Extension: (Dysk Google) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-28]

CHR Extension: (YouTube) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-28]

CHR Extension: (Adblock Plus) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-28]

CHR Extension: (Google Wallet) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-28]

CHR Extension: (Gmail) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-28]

CHR Extension: (GoSave) - E:\ProgramData\omckhlmmgmmajfllegmckpkpdohmolgi\ [2014-09-28]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]

R2 avgfws; E:\Program Files\AVG\AVG2015\avgfws.exe [1459872 2014-09-05] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; E:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)

R2 avgwd; E:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)

S2 BstHdAndroidSvc; E:\Program Files\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; E:\Program Files\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; E:\Program Files\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)

S3 IDriverT; E:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]

R2 MBAMScheduler; E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)

R2 MBAMService; E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)

R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-05-07] (Enigma Software Group USA, LLC.)

R2 ss_conn_service; E:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 adiusbaw; E:\Windows\System32\DRIVERS\adiusbaw.sys [118552 2007-02-07] (Analog Devices Inc.)

R2 AODDriver4.1; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)

R1 Avgdiskx; E:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgfwfd; E:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; E:\Windows\System32\DRIVERS\avgidsdriverx.sys [204056 2014-07-24] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHX; E:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSShim; E:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgldx86; E:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)

R0 Avglogx; E:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx86; E:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx86; E:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgtdix; E:\Windows\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)

R2 BstHdDrv; E:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [113424 2014-06-23] (BlueStack Systems)

R1 dtsoftbus01; E:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-09-30] (DT Soft Ltd)

S2 ELOADER; E:\Windows\System32\Drivers\adildr.sys [56088 2007-02-07] (Analog Deivces)

R3 esgiguard; E:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()

S3 EsgScanner; E:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()

S3 gdrv; E:\Windows\gdrv.sys [16608 2014-09-30] (Windows ® 2000 DDK provider)

R3 MBAMProtector; E:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)

R3 MBAMSwissArmy; E:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-16] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; E:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)

S3 pneteth; E:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-24] (June Fabrics Technology Inc.)

S3 RTHDMIAzAudService; E:\Windows\System32\drivers\RtHDMIV.sys [155808 2008-12-25] (Realtek Semiconductor Corp.)

S3 ssudserd; E:\Windows\System32\DRIVERS\ssudserd.sys [184192 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr))

R3 usbrndis6; E:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-14] (Microsoft Corporation)

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 18:14 - 2014-11-16 18:29 - 00000000 ____D () E:\FRST

2014-11-16 17:58 - 2014-11-16 17:58 - 00000000 _____ () E:\Users\Ola\Desktop\Nowy dokument tekstowy (2).txt

2014-11-16 15:50 - 2014-11-16 15:50 - 00001212 _____ () E:\Users\Ola\Desktop\SpyHunter4.lnk

2014-11-16 15:50 - 2014-11-16 15:50 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4

2014-11-16 15:50 - 2014-11-16 15:50 - 00000000 ____D () E:\Program Files\Enigma Software Group

2014-11-16 15:50 - 2012-06-22 12:01 - 00019984 _____ () E:\Windows\system32\Drivers\EsgScanner.sys

2014-11-15 23:30 - 2014-11-16 18:01 - 00000000 ____D () E:\AdwCleaner

2014-11-14 12:06 - 2014-11-14 12:06 - 00003952 _____ () E:\Windows\windefendam.log

2014-11-14 09:47 - 2014-11-14 09:49 - 00114904 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\2C044F26.sys

2014-11-14 09:46 - 2014-11-16 18:03 - 00008020 _____ () E:\Windows\PFRO.log

2014-11-14 02:14 - 2014-11-14 10:29 - 00000000 ____D () E:\Users\Ola\Documents\Bandicam

2014-11-14 02:09 - 2014-11-14 02:09 - 00000000 ____D () E:\Users\Ola\AppData\Local\DVDVideoSoft_Ltd

2014-11-14 01:49 - 2014-11-14 12:07 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis

2014-11-14 01:49 - 2014-11-14 12:06 - 00000020 _____ () E:\Windows\capsys184523.log

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\Users\Ola\Documents\Action!

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\Mirillis

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\Users\Ola\AppData\Local\Mirillis

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\ProgramData\Mirillis

2014-11-14 01:48 - 2014-11-14 12:07 - 00000000 ____D () E:\Program Files\Mirillis

2014-11-13 16:47 - 2014-11-13 16:47 - 00000000 ____D () E:\ProgramData\omckhlmmgmmajfllegmckpkpdohmolgi

2014-11-11 17:06 - 2014-11-11 17:06 - 00000346 _____ () E:\Users\Ola\Desktop\Nowy dokument tekstowy.txt

2014-11-08 13:53 - 2014-11-16 18:03 - 00001568 _____ () E:\Windows\setupact.log

2014-11-08 13:53 - 2014-11-08 13:53 - 00000000 _____ () E:\Windows\setuperr.log

2014-11-08 01:43 - 2014-11-08 01:43 - 00000000 ____D () E:\Users\Ola\Documents\8floor

2014-11-08 01:42 - 2014-11-08 01:42 - 00000814 _____ () E:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jigsaw BOOM.lnk

2014-11-08 01:42 - 2014-11-08 01:42 - 00000000 ____D () E:\Program Files\Alawar.pl

2014-11-08 00:20 - 2014-11-08 00:20 - 00000774 _____ () E:\Users\Ola\Desktop\codsp — skrót.lnk

2014-11-02 15:52 - 2014-11-02 15:52 - 00000000 ____D () E:\Users\Ola\Documents\Hitman Blood Money

2014-11-02 15:46 - 2012-08-30 13:01 - 00348160 _____ (Microsoft Corporation) E:\Windows\system32\msvcr71.dll

2014-11-02 13:47 - 2014-11-03 13:47 - 00114904 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\7B8F5DA6.sys

2014-11-01 13:56 - 2014-11-01 23:49 - 00196608 _____ () E:\Windows\system32\Ikeext.etl

2014-11-01 13:49 - 2014-11-16 18:06 - 00186840 _____ () E:\Windows\WindowsUpdate.log

2014-10-27 20:05 - 2014-10-25 20:56 - 70009865 ____N () E:\Users\Ola\Desktop\20141025_205400.mp4

2014-10-27 20:05 - 2014-10-25 20:52 - 30426303 ____N () E:\Users\Ola\Desktop\20141025_205108.mp4

2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 ____D () E:\ProgramData\AVAST Software

2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 ____D () E:\Program Files\AVAST Software

2014-10-21 20:45 - 2014-10-21 20:45 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\AVG2015

2014-10-21 20:44 - 2014-10-21 20:58 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-10-21 20:44 - 2014-10-21 20:44 - 00000969 _____ () E:\Users\Public\Desktop\AVG 2015.lnk

2014-10-21 20:41 - 2014-10-21 20:44 - 00000000 ____D () E:\ProgramData\AVG2015

2014-10-21 20:41 - 2014-10-21 20:41 - 00000000 ___HD () E:\$AVG

2014-10-21 20:34 - 2014-11-16 16:10 - 00000000 ____D () E:\Users\Ola\AppData\Local\Avg2015

2014-10-21 19:59 - 2014-10-02 14:53 - 00231568 ____N (Microsoft Corporation) E:\Windows\system32\MpSigStub.exe

2014-10-20 22:04 - 2014-10-20 22:04 - 00001769 _____ () E:\Users\Public\Desktop\Start BlueStacks.lnk

2014-10-20 22:04 - 2014-10-20 22:04 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-10-20 22:04 - 2014-10-20 22:04 - 00000000 ____D () E:\ProgramData\BlueStacks

2014-10-20 22:03 - 2014-10-20 22:04 - 00000000 ____D () E:\Program Files\BlueStacks

2014-10-20 22:02 - 2014-10-20 22:02 - 00000000 ____D () E:\Users\Ola\AppData\Local\Bluestacks

2014-10-18 02:36 - 2014-10-18 02:36 - 00000000 ____D () E:\ProgramData\GRETECH

2014-10-17 13:22 - 2014-10-17 13:22 - 00000000 ____D () E:\Program Files\Common Files\Java

2014-10-17 13:22 - 2014-10-17 13:21 - 00272808 _____ (Oracle Corporation) E:\Windows\system32\javaws.exe

2014-10-17 13:21 - 2014-10-17 13:21 - 00175528 _____ (Oracle Corporation) E:\Windows\system32\javaw.exe

2014-10-17 13:21 - 2014-10-17 13:21 - 00175528 _____ (Oracle Corporation) E:\Windows\system32\java.exe

2014-10-17 13:21 - 2014-10-17 13:21 - 00096680 _____ (Oracle Corporation) E:\Windows\system32\WindowsAccessBridge.dll

2014-10-17 13:21 - 2014-10-17 13:21 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-10-17 13:21 - 2014-10-17 13:21 - 00000000 ____D () E:\Program Files\Java

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 18:17 - 2014-10-08 17:31 - 00000930 _____ () E:\Windows\Tasks\Adobe Flash Player Updater.job

2014-11-16 18:16 - 2014-09-28 20:47 - 00000000 ____D () E:\ProgramData\MFAData

2014-11-16 18:11 - 2009-07-14 05:34 - 00010336 ____H () E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-11-16 18:11 - 2009-07-14 05:34 - 00010336 ____H () E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-11-16 18:04 - 2014-09-28 20:48 - 00114904 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-11-16 18:03 - 2014-09-28 21:22 - 00001032 _____ () E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-11-16 18:03 - 2009-07-14 05:53 - 00000006 ____H () E:\Windows\Tasks\SA.DAT

2014-11-16 17:39 - 2014-09-28 21:22 - 00001036 _____ () E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-11-16 14:31 - 2014-09-28 22:20 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\GG

2014-11-15 19:20 - 2014-10-04 19:59 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\Skype

2014-11-14 22:25 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\system32\LogFiles

2014-11-14 12:10 - 2014-09-28 20:50 - 01523412 _____ () E:\Windows\system32\PerfStringBackup.INI

2014-11-14 12:10 - 2009-07-14 09:07 - 00687590 _____ () E:\Windows\system32\perfh015.dat

2014-11-14 12:10 - 2009-07-14 09:07 - 00131176 _____ () E:\Windows\system32\perfc015.dat

2014-11-14 11:56 - 2009-07-14 05:53 - 00032590 _____ () E:\Windows\Tasks\SCHEDLGU.TXT

2014-11-13 22:19 - 2014-10-08 17:31 - 00701104 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerApp.exe

2014-11-13 22:19 - 2014-10-08 17:31 - 00071344 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerCPLApp.cpl

2014-11-07 23:29 - 2014-10-12 17:29 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-11-01 23:49 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\tracing

2014-11-01 13:27 - 2014-10-04 20:20 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\uTorrent

2014-11-01 13:27 - 2014-09-28 21:33 - 00000000 ____D () E:\Windows\Panther

2014-11-01 13:27 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\system32\Msdtc

2014-11-01 13:26 - 2014-10-04 19:58 - 00000000 ____D () E:\ProgramData\Skype

2014-11-01 13:26 - 2014-09-28 20:49 - 00000000 ____D () E:\Program Files\WinRAR

2014-10-28 16:37 - 2014-09-28 21:23 - 00002139 _____ () E:\Users\Public\Desktop\Google Chrome.lnk

2014-10-27 03:04 - 2014-09-28 22:01 - 00000000 ____D () E:\Windows\Minidump

2014-10-24 11:28 - 2014-09-28 20:47 - 00001068 _____ () E:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-10-24 11:28 - 2014-09-28 20:47 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-10-24 11:28 - 2014-09-28 20:47 - 00000000 ____D () E:\Program Files\Malwarebytes Anti-Malware

2014-10-21 20:39 - 2014-09-28 21:08 - 00000000 ____D () E:\Program Files\AVG

2014-10-21 19:02 - 2014-09-28 21:09 - 00000000 ____D () E:\ProgramData\AVG2013

2014-10-21 13:52 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\Microsoft.NET

2014-10-20 22:04 - 2009-07-14 03:37 - 00000000 __RHD () E:\Users\Public\Libraries

2014-10-17 13:22 - 2014-10-06 00:00 - 00000000 ____D () E:\ProgramData\Oracle

2014-10-17 13:18 - 2014-10-13 17:54 - 00002441 _____ () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

Some content of TEMP:

====================

E:\Users\Ola\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

E:\Windows\explorer.exe => File is digitally signed

E:\Windows\system32\winlogon.exe => File is digitally signed

E:\Windows\system32\wininit.exe => File is digitally signed

E:\Windows\system32\svchost.exe => File is digitally signed

E:\Windows\system32\services.exe => File is digitally signed

E:\Windows\system32\User32.dll => File is digitally signed

E:\Windows\system32\userinit.exe => File is digitally signed

E:\Windows\system32\rpcss.dll => File is digitally signed

E:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-15 00:29

==================== End Of Log ============================

MatrixXHardcore · 10 Listopada 2014

Podaj logi z FRST (Miałem tego wirusa i raz mi nie pomogły logi dlatego użyłem ComboFixa)

pijawka 3000 · 10 Listopada 2014

plik FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Patryk (administrator) on PATRYK-PC on 10-11-2014 19:17:16
Running from D:\Pobieranie- Google Chrome
Loaded Profiles: Patryk & Ulka (Available profiles: Patryk & Ulka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\OptionalFeatures.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-11-03] (LogMeIn Inc.)
HKU\S-1-5-21-2516315510-2763186107-4186572167-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2516315510-2763186107-4186572167-1000\...\Run: [GG] => C:\Users\Patryk\AppData\Local\GG\Application\gghub.exe [4023360 2014-09-29] (GG Network S.A.)
HKU\S-1-5-21-2516315510-2763186107-4186572167-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-2516315510-2763186107-4186572167-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2516315510-2763186107-4186572167-1000\...\MountPoints2: {de16f321-666f-11e4-aa2c-001d7da36eec} - F:\Install.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=181&d=20141008
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=181&d=20141008
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1411198207&from=smt&uid=395049983_266035_30092E32&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=181&d=20141008
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1411198207&from=smt&uid=395049983_266035_30092E32&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Website Blocker (Beta)) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-10-22]
CHR Extension: (GoSave) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jddjpgciacllcflehbemdlhhfciohhnj [2014-10-16]
CHR Extension: (No Name) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiiinfdmlcgiomclcpgjhkcjfmjjjdjm [2014-10-16]
CHR Extension: (Google Wallet) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-13]
CHR Extension: (Adblock Pro) - C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-09-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-10-21] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 4d349a54; "C:\Windows\system32\rundll32.exe" "c:\progra~2\gs_boo~1\AssistantSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-07] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 {dbe9acb7-ca74-4c18-ad13-f0270d74c42d}Gw64; C:\Windows\System32\drivers\{dbe9acb7-ca74-4c18-ad13-f0270d74c42d}Gw64.sys [48784 2014-11-09] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 19:16 - 2014-11-10 19:17 - 00000000 ____D () C:\FRST
2014-11-10 16:19 - 2014-11-10 16:19 - 00000020 _____ () C:\Users\Patryk\Desktop\GTA San Andreas.rar
2014-11-10 00:53 - 2014-11-10 00:53 - 01196845 _____ () C:\Windows\unins000.exe
2014-11-10 00:53 - 2014-11-10 00:53 - 00008711 _____ () C:\Windows\unins000.dat
2014-11-10 00:51 - 2014-11-10 00:51 - 00006488 _____ () C:\Users\Patryk\Desktop\Toggleable SimpleCbug.rar
2014-11-10 00:50 - 2014-11-10 00:50 - 00000000 ____D () C:\Users\Patryk\Documents\CLEO_SDK
2014-11-09 21:20 - 2014-11-09 21:20 - 00964454 _____ () C:\Users\Patryk\Desktop\masz ss.rar
2014-11-09 18:22 - 2014-11-09 05:26 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{dbe9acb7-ca74-4c18-ad13-f0270d74c42d}Gw64.sys
2014-11-09 18:01 - 2014-11-09 18:08 - 3260656848 _____ () C:\Users\Patryk\Desktop\do geja kumkola.zip
2014-11-09 17:49 - 2014-11-09 17:49 - 00000000 ____D () C:\Program Files (x86)\GTA Parking SA 1.0
2014-11-09 17:48 - 2014-11-09 17:48 - 01492782 _____ () C:\Users\Patryk\Downloads\gta_parking_1.zip
2014-11-09 17:46 - 2012-09-03 20:53 - 00000000 ____D () C:\Users\Patryk\Desktop\Kawasaki KLX 250S
2014-11-09 17:45 - 2014-11-09 17:46 - 19381230 _____ () C:\Users\Patryk\Desktop\GTASA_sound_mod_v11_by_Robciante.rar
2014-11-09 17:44 - 2014-11-09 17:44 - 00653455 _____ () C:\Users\Patryk\Desktop\1347326375_KawasakiKLX250S.rar
2014-11-09 17:06 - 2014-11-09 17:14 - 00000356 _____ () C:\Users\Patryk\Desktop\Nowy dokument tekstowy.txt
2014-11-09 15:10 - 2014-11-09 15:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-11-09 15:10 - 2014-11-09 15:10 - 00000000 _____ () C:\autoexec.bat
2014-11-09 15:08 - 2014-11-10 16:10 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-08 01:07 - 2014-11-08 01:09 - 1773142016 _____ () C:\Users\Patryk\Desktop\Gta San Andreas.iso
2014-11-08 01:00 - 2005-06-11 16:19 - 4216946688 _____ () C:\Users\Patryk\Desktop\[PC GAME ITA] - GTA_SAN_ANDREAS.mdf
2014-11-07 20:27 - 2014-11-07 20:27 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-11-07 20:26 - 2014-11-07 20:26 - 00001209 _____ () C:\Users\Patryk\Desktop\samp — skrót.lnk
2014-11-07 20:25 - 2014-11-07 20:32 - 00000000 ____D () C:\Users\Patryk\Documents\GTA San Andreas User Files
2014-11-07 20:25 - 2014-11-07 20:25 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-11-07 20:25 - 2014-11-07 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-11-07 20:11 - 2014-11-07 20:11 - 00001914 _____ () C:\Users\Public\Desktop\GTA San Andreas.lnk
2014-11-07 20:11 - 2014-11-07 20:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-07 20:11 - 2014-11-07 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-11-07 20:11 - 2014-11-07 20:11 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-11-07 20:01 - 2014-11-07 20:01 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-11-07 20:00 - 2014-11-07 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-11-07 19:59 - 2014-11-07 20:10 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\DAEMON Tools Lite
2014-11-07 19:59 - 2014-11-07 19:59 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-11-07 19:59 - 2014-11-07 19:59 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-11-07 19:53 - 2014-11-07 20:11 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-11-07 19:49 - 2005-06-11 16:25 - 05868922 _____ () C:\Users\Patryk\Desktop\Crack No-CD (By Squall89).zip
2014-11-07 19:47 - 2014-11-10 16:18 - 00000000 ____D () C:\Users\Patryk\Desktop\Nowy folder
2014-11-07 18:04 - 2014-11-07 20:24 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\BitCometLite
2014-11-07 14:18 - 2014-11-07 14:18 - 00000198 _____ () C:\Users\Patryk\Desktop\Counter-Strike.url
2014-11-04 13:33 - 2014-11-04 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-11-04 13:33 - 2014-11-04 13:33 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-11-02 20:44 - 2014-11-02 20:44 - 01671810 _____ () C:\Users\Patryk\Desktop\dsd.zip
2014-11-02 20:42 - 2014-11-02 20:42 - 01657268 _____ () C:\Users\Patryk\Desktop\Gotowiec.rar
2014-11-02 19:23 - 2014-11-10 02:35 - 00000000 ____D () C:\ProgramData\7bb6df21-8ca8-4eec-965d-8cd2261544c7
2014-11-02 17:52 - 2014-11-02 17:57 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Notepad++
2014-11-02 17:52 - 2014-11-02 17:52 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-11-02 17:52 - 2014-11-02 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-11-02 17:52 - 2014-11-02 17:52 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-11-02 17:51 - 2014-11-02 17:51 - 07945210 _____ () C:\Users\Patryk\Downloads\npp.6.6.9.Installer.exe
2014-11-01 19:49 - 2014-11-01 19:48 - 03399374 _____ () C:\Users\Patryk\Desktop\zyczu-mc.jar
2014-11-01 19:48 - 2014-11-02 14:08 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\.minecraftzyczu
2014-11-01 16:51 - 2014-11-02 22:24 - 00000000 ____D () C:\Users\Patryk\Desktop\byle co
2014-10-31 21:31 - 2014-10-31 21:31 - 00046080 ___SH () C:\Users\Patryk\AppData\Thumbs.db
2014-10-31 21:31 - 2014-10-31 21:31 - 00001285 _____ () C:\Users\Patryk\Desktop\Roaming — skrót.lnk
2014-10-31 21:31 - 2014-10-31 21:31 - 00000000 ____D () C:\Users\Patryk\Desktop\Kopia [1.7.2]
2014-10-31 12:53 - 2014-11-08 12:53 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\.minecraft
2014-10-31 11:35 - 2014-10-31 11:35 - 00000000 ____D () C:\Users\Patryk\Documents\DNKu @ 50k
2014-10-25 19:07 - 2014-10-25 19:07 - 02936397 _____ () C:\Users\Patryk\Downloads\forge-1.7.2-10.12.2.1147-installer.jar
2014-10-25 18:48 - 2014-10-31 13:01 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\AIMP3
2014-10-25 18:48 - 2014-10-25 18:48 - 00000909 _____ () C:\Users\Public\Desktop\AIMP3.lnk
2014-10-25 18:48 - 2014-10-25 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
2014-10-25 18:47 - 2014-10-25 18:48 - 00000000 ____D () C:\Program Files (x86)\AIMP3
2014-10-25 11:53 - 2014-10-25 11:53 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\java
2014-10-24 20:33 - 2014-11-02 12:11 - 00000000 ____D () C:\Users\Patryk\Desktop\muzyka ts3
2014-10-24 20:10 - 2014-10-24 20:11 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-10-24 20:10 - 2014-10-24 20:10 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-10-24 20:10 - 2014-10-24 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-10-24 20:09 - 2014-10-24 20:09 - 00000983 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-10-24 20:09 - 2014-10-24 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-10-24 20:08 - 2014-10-24 22:15 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Winamp
2014-10-24 20:08 - 2014-10-24 20:10 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-10-24 20:08 - 2010-03-11 22:26 - 00000000 ____D () C:\Users\Patryk\Documents\Virtual Audio Cable 4.10 - vac410full
2014-10-20 21:47 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-10-18 20:13 - 2014-10-18 20:14 - 16521761 _____ () C:\Users\Patryk\Documents\1 (01).flv
2014-10-18 20:12 - 2014-10-18 20:13 - 10069991 _____ () C:\Users\Patryk\Documents\1.flv
2014-10-18 15:37 - 2014-10-18 15:39 - 00000000 ____D () C:\Users\Patryk\AppData\Local\PAYDAY 2
2014-10-18 15:37 - 2014-10-18 15:37 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-18 14:27 - 2014-10-18 14:27 - 00000202 _____ () C:\Users\Patryk\Desktop\PAYDAY 2.url
2014-10-18 12:47 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 12:47 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 12:47 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 12:47 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 12:47 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 12:47 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 12:47 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 12:47 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 12:47 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 12:47 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 12:47 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 12:47 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 12:47 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 12:47 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 12:47 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 12:47 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-18 12:47 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 12:47 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 12:47 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 12:47 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-18 12:47 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-18 12:47 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 12:47 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 12:47 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-18 12:47 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 12:47 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-18 12:47 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 12:47 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-18 12:47 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-18 12:47 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 12:47 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-18 12:47 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 12:47 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 12:46 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 12:46 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 12:46 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 12:46 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 12:46 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 12:46 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 12:46 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 12:46 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 12:46 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 12:46 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 12:46 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-18 12:46 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 12:46 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-18 12:46 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 12:46 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-18 12:46 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 12:46 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 12:46 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-18 12:46 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 12:46 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-18 12:46 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 12:46 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-18 12:46 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-18 12:22 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 12:22 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 12:22 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 12:22 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 12:22 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 12:22 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 12:22 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 12:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-18 12:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-18 12:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-18 12:21 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-18 12:21 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-18 12:21 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-18 12:21 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-18 12:21 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-18 12:21 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-18 12:21 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-18 12:21 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-18 12:21 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-18 12:20 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-18 12:20 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-18 12:20 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-17 09:19 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 09:19 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 09:18 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 09:18 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 09:17 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 09:17 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-17 09:17 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 09:17 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-17 09:17 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 09:17 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-17 09:17 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-17 09:17 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-17 09:17 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 09:17 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 09:17 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-17 09:17 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-17 09:17 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-17 09:17 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-17 09:17 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-17 09:17 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-17 09:16 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 09:16 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 19:34 - 2014-10-16 19:58 - 136511153 ____H () C:\Users\Patryk\Desktop\BIT4DF3.tmp
2014-10-16 19:34 - 2007-12-31 23:04 - 00000000 ____D () C:\Program Files (x86)\Driver Pro
2014-10-16 18:31 - 2014-10-16 18:31 - 00000000 ____D () C:\Users\Patryk\Documents\Optimizer Pro
2014-10-16 18:30 - 2014-10-16 18:30 - 01055936 _____ (Adobe) C:\Users\Patryk\Downloads\install_flashplayer15x32_chrd_dn_aaa_aih.exe
2014-10-16 18:15 - 2014-10-18 11:46 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-10-16 18:15 - 2007-12-31 23:05 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-10-16 18:11 - 2014-10-16 19:33 - 00000266 __RSH () C:\ProgramData\ntuser.pol
2014-10-16 18:11 - 2014-10-16 19:33 - 00000000 ____D () C:\ProgramData\936f2f00945e89b
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Ulka\AppData\Local\Torch
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Ulka\AppData\Local\Comodo
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Ulka\AppData\Local\Chromatic Browser
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Torch
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Comodo
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Chromatic Browser
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Guest
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-10-16 18:11 - 2014-10-16 18:11 - 00000000 ____D () C:\Users\Administrator
2014-10-16 11:20 - 2014-10-16 11:20 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-16 11:20 - 2014-10-16 11:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-16 11:20 - 2014-10-16 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-16 11:20 - 2014-10-16 11:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-15 12:13 - 2014-10-15 12:13 - 00291576 _____ () C:\Windows\Minidump\101514-19484-01.dmp
2014-10-14 15:53 - 2014-10-14 15:53 - 00000528 _____ () C:\Users\Patryk\Desktop\Amarena — skrót.lnk
2014-10-13 13:20 - 2014-10-13 13:20 - 00000522 _____ () C:\Users\Public\Desktop\Sizer.lnk
2014-10-13 13:20 - 2014-10-13 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizer
2014-10-13 13:18 - 2014-10-13 13:18 - 00188416 _____ () C:\Users\Patryk\Downloads\sizer334.msi
2014-10-13 12:34 - 2014-10-18 20:14 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\OBS
2014-10-13 12:34 - 2014-10-13 12:34 - 00000939 _____ () C:\Users\Patryk\Desktop\Open Broadcaster Software.lnk
2014-10-13 12:34 - 2014-10-13 12:34 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-10-13 12:34 - 2014-10-13 12:34 - 00000000 ____D () C:\Program Files\OBS
2014-10-13 12:34 - 2014-10-13 12:34 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-10-12 12:27 - 2014-10-12 12:27 - 01055936 _____ (Adobe) C:\Users\Patryk\Downloads\install_flashplayer15x32_chra_dy_aaa_aih.exe
2014-10-11 21:56 - 2014-10-11 21:56 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\SFBot
2014-10-11 20:42 - 2014-10-11 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-11 20:41 - 2014-10-11 20:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-11 20:41 - 2014-10-11 20:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-11 18:49 - 2014-10-11 18:49 - 04690512 _____ () C:\Users\Patryk\Downloads\9abe1341002164fb540cb2c3.mp4
2014-10-11 07:32 - 2014-11-10 16:14 - 465595450 _____ () C:\Windows\MEMORY.DMP
2014-10-11 07:32 - 2014-11-10 16:14 - 00000000 ____D () C:\Windows\Minidump
2014-10-11 07:32 - 2014-10-11 07:32 - 00291640 _____ () C:\Windows\Minidump\101114-15578-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 19:16 - 2014-09-13 22:31 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Skype
2014-11-10 19:11 - 2014-09-13 22:06 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-10 18:25 - 2014-09-27 18:44 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 16:31 - 2014-09-13 21:52 - 01082796 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 16:27 - 2014-10-08 19:24 - 00000448 _____ () C:\Users\Patryk\AppData\Roaming\burnaware.ini
2014-11-10 16:22 - 2009-07-14 05:45 - 00030960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 16:22 - 2009-07-14 05:45 - 00030960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 16:17 - 2014-10-08 19:34 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\GG
2014-11-10 16:17 - 2014-09-20 20:24 - 00000000 ____D () C:\Users\Patryk\AppData\Local\LogMeIn Hamachi
2014-11-10 16:15 - 2009-07-14 05:51 - 00052590 _____ () C:\Windows\setupact.log
2014-11-10 16:14 - 2014-09-14 17:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-10 16:14 - 2014-09-13 22:06 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-10 16:14 - 2010-11-21 04:47 - 00359080 _____ () C:\Windows\PFRO.log
2014-11-10 16:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 18:22 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2014-11-09 17:49 - 2014-09-13 21:57 - 00000000 ____D () C:\Users\Patryk\AppData\Local\VirtualStore
2014-11-09 15:47 - 2014-09-21 12:54 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-09 15:47 - 2014-09-21 12:54 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-09 15:47 - 2014-09-21 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-09 15:47 - 2014-09-21 12:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-08 20:45 - 2014-09-22 07:16 - 00000000 ____D () C:\Users\Ulka\AppData\Local\LogMeIn Hamachi
2014-11-07 20:04 - 2014-09-13 22:40 - 00740422 _____ () C:\Windows\system32\perfh015.dat
2014-11-07 20:04 - 2014-09-13 22:40 - 00155996 _____ () C:\Windows\system32\perfc015.dat
2014-11-07 20:04 - 2009-07-14 06:13 - 01670518 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 14:18 - 2014-09-13 22:39 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-02 18:16 - 2011-04-12 09:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-02 10:12 - 2014-10-05 20:09 - 00000000 ____D () C:\Users\Patryk\AppData\Roaming\TS3Client
2014-10-30 14:25 - 2014-10-08 19:23 - 00003874 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1412792585
2014-10-30 14:25 - 2014-10-08 19:23 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-24 20:28 - 2014-09-20 20:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-24 20:27 - 2014-09-20 20:27 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-20 07:58 - 2009-07-14 06:08 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-19 10:24 - 2009-07-14 05:45 - 00267360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 10:22 - 2014-09-15 06:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-18 21:06 - 2014-09-14 13:12 - 00000000 ____D () C:\Users\Patryk\Documents\Euro Truck Simulator 2
2014-10-18 15:37 - 2014-09-14 17:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-18 15:36 - 2014-09-13 23:13 - 00027560 _____ () C:\Windows\DirectX.log
2014-10-18 15:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-18 11:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2014-10-16 18:11 - 2014-09-14 13:27 - 00000000 ____D () C:\Users\Ulka\AppData\Local\Google
2014-10-16 18:11 - 2014-09-13 22:06 - 00000000 ____D () C:\Users\Patryk\AppData\Local\Google
2014-10-16 18:11 - 2014-09-13 22:06 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-16 18:11 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-16 18:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-14 09:48 - 2014-09-13 22:31 - 00000000 ____D () C:\ProgramData\Skype
2014-10-12 10:46 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-11 16:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas

Some content of TEMP:
====================
C:\Users\Patryk\AppData\Local\Temp\drvprosetup.exe
C:\Users\Patryk\AppData\Local\Temp\optprosetup.exe
C:\Users\Patryk\AppData\Local\Temp\SHSetup.exe
C:\Users\Patryk\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Patryk\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-09 16:43

==================== End Of Log ============================

plik addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Patryk at 2014-11-10 19:18:42
Running from D:\Pobieranie- Google Chrome
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
BurnAware Free 7.4 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
GG (HKU\S-1-5-21-2516315510-2763186107-4186572167-1000\...\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.266 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.266 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenFM (HKU\S-1-5-21-2516315510-2763186107-4186572167-1000\...\OpenFM) (Version: 2 - GG Network S.A.)
Opera Stable 25.0.1614.68 (HKLM-x32\...\Opera 25.0.1614.68) (Version: 25.0.1614.68 - Opera Software ASA)
Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2516315510-2763186107-4186572167-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Patryk\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points  =========================

03-11-2014 08:08:16 Windows Update
06-11-2014 18:57:20 Windows Update
07-11-2014 18:59:44 Instalacja pakietu sterownika urządzenia: DT Soft Ltd Urządzenia systemowe
07-11-2014 19:11:50 Installed GTA San Andreas
09-11-2014 14:09:25 Installed SpyHunter
09-11-2014 16:13:03 Removed SpyHunter
10-11-2014 15:09:08 Removed SpyHunter
10-11-2014 15:30:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00444128-C773-4CFF-A210-83A717E7F190} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {1E3853DC-F2F4-4DD5-B001-6841C246A8E1} - System32\Tasks\Opera scheduled Autoupdate 1412792585 => C:\Program Files (x86)\Opera\launcher.exe [2014-10-29] (Opera Software)
Task: {676707E8-4A5C-4121-82BF-42DDBC6CF190} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-27] (Adobe Systems Incorporated)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {B4115F68-0126-4C22-B890-4AC518CB225C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {CB6AC056-FE17-4F42-8FE5-B2A812BF7CC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-14 17:38 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-07 21:34 - 2014-10-01 06:54 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-07 21:34 - 2014-10-01 06:54 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-07 21:34 - 2014-10-01 06:54 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-07 21:34 - 2014-10-01 06:54 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2516315510-2763186107-4186572167-500 - Administrator - Disabled)
Guest (S-1-5-21-2516315510-2763186107-4186572167-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2516315510-2763186107-4186572167-1002 - Limited - Enabled)
Patryk (S-1-5-21-2516315510-2763186107-4186572167-1000 - Administrator - Enabled) => C:\Users\Patryk
Ulka (S-1-5-21-2516315510-2763186107-4186572167-1003 - Administrator - Enabled) => C:\Users\Ulka

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2014 04:16:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 04:05:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 02:35:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create NSS process. [0]

Error: (11/10/2014 02:35:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create token for Network Service account [1352]

Error: (11/09/2014 08:30:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4270f18a
Nazwa modułu powodującego błąd: samp.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x52fc75eb
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x03ef643d
Identyfikator procesu powodującego błąd: 0xeac
Godzina uruchomienia aplikacji powodującej błąd: 0xgta_sa.exe0
Ścieżka aplikacji powodującej błąd: gta_sa.exe1
Ścieżka modułu powodującego błąd: gta_sa.exe2
Identyfikator raportu: gta_sa.exe3

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddWin32ServiceFiles: Unable to back up image of service Util EnterDigital since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddWin32ServiceFiles: Unable to back up image of service Update EnterDigital since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddWin32ServiceFiles: Unable to back up image of service MaintainerSvc6.37.565328 since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddLegacyDriverFiles: Unable to back up image of binary {f1d7e225-e39d-4bcb-8a90-eaa4181b222b}Gw64.

System Error:
Nie można odnaleźć określonego pliku.
.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddLegacyDriverFiles: Unable to back up image of binary {9015bae7-cdbb-4473-a5d0-ecfa559b2ca5}Gw64.

System Error:
Nie można odnaleźć określonego pliku.
.


System errors:
=============
Error: (11/10/2014 04:15:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą GS_Sustainer.

Error: (11/10/2014 04:14:36 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff80002c921a4, 0xfffff88007cdaf30, 0x0000000000000000)C:\Windows\MEMORY.DMP

Error: (11/10/2014 04:14:36 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description: 

Error: (11/10/2014 04:14:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 16:12:15 na ‎2014-‎11-‎10 było nieoczekiwane.

Error: (11/10/2014 04:04:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą GS_Sustainer.

Error: (11/10/2014 02:35:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Serwer zakończyła działanie; wystąpił następujący błąd: 
%%1062

Error: (11/10/2014 02:35:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa listy sieci z powodu następującego błędu: 
%%1069

Error: (11/10/2014 02:35:51 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa netprofm nie może zalogować się jako NT AUTHORITY\LocalService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: 
%%50

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (11/10/2014 02:35:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa listy sieci z powodu następującego błędu: 
%%1069

Error: (11/10/2014 02:35:51 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa netprofm nie może zalogować się jako NT AUTHORITY\LocalService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: 
%%50

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (11/10/2014 04:16:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 04:05:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 02:35:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create NSS process. [0]

Error: (11/10/2014 02:35:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcCan't create token for Network Service account [1352]

Error: (11/09/2014 08:30:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: gta_sa.exe0.0.0.04270f18asamp.dll_unloaded0.0.0.052fc75ebc000000503ef643deac01cffc539a783138C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exesamp.dlldb40e858-6846-11e4-b5a5-001d7da36eec

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Util EnterDigital since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Update EnterDigital since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service MaintainerSvc6.37.565328 since QueryServiceConfig API failed

System Error:
Nie można odnaleźć określonego pliku.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary {f1d7e225-e39d-4bcb-8a90-eaa4181b222b}Gw64.

System Error:
Nie można odnaleźć określonego pliku.

Error: (11/09/2014 05:13:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary {9015bae7-cdbb-4473-a5d0-ecfa559b2ca5}Gw64.

System Error:
Nie można odnaleźć określonego pliku.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+
Percentage of memory in use: 48%
Total physical RAM: 4095.55 MB
Available physical RAM: 2126.17 MB
Total Pagefile: 8189.29 MB
Available Pagefile: 5999.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:89.14 GB) NTFS
Drive d: (Pierdoły) (Fixed) (Total:297.99 GB) (Free:248.19 GB) NTFS
Drive f: (GTA_SAN_ANDREAS) (CDROM) (Total:3.93 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8760B548)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 8760B557)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

plik shortcut.txt

Users shortcut scan result (x64) Version: 09-11-2014 01
Ran by Patryk at 2014-11-10 19:19:57
Running from D:\Pobieranie- Google Chrome
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Co nowego.lnk -> C:\Program Files (x86)\Winamp\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Odinstaluj Winampa.lnk -> C:\Program Files (x86)\Winamp\UninstWA.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Audio Repeater (KS).lnk -> C:\Program Files\Virtual Audio Cable\audiorepeater_ks.exe (Eugene V. Muzychenko)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Audio Repeater (MME).lnk -> C:\Program Files\Virtual Audio Cable\audiorepeater.exe (Eugene V. Muzychenko)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Control panel.lnk -> C:\Program Files\Virtual Audio Cable\vcctlpan.exe (Eugene V. Muzychenko)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Homepage.lnk -> C:\Program Files\Virtual Audio Cable\homepage.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Readme.lnk -> C:\Program Files\Virtual Audio Cable\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\User manual.lnk -> C:\Program Files\Virtual Audio Cable\vac.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizer\Sizer.lnk -> D:\sizer\sizer.exe (Brian Apps Products)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\San Andreas Multiplayer.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer\Uninstall.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\SAMPUninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Play GTA San Andreas.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\README.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\ReadMe\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> D:\League of Legends\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> D:\fraps\fraps.exe (Beepa P/L)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> D:\fraps\uninstall.exe (Beepa Pty Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DTGadget.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DT.gadget ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe (Duplex Secure Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\BurnAware Free.lnk -> D:\BurnAware Free\BurnAware.exe (Burnaware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\Deinstalacja programu BurnAware Free.lnk -> D:\BurnAware Free\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\Help.lnk -> D:\BurnAware Free\burnaware.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Help File.lnk -> D:\AutoIt3\AutoIt.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Window Info (x64).lnk -> D:\AutoIt3\Au3Info_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Window Info (x86).lnk -> D:\AutoIt3\Au3Info.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Compile Script to .exe (x64).lnk -> D:\AutoIt3\Aut2Exe\Aut2exe_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Compile Script to .exe (x86).lnk -> D:\AutoIt3\Aut2Exe\Aut2exe.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Examples.lnk -> D:\AutoIt3\Examples ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Run Script (x64).lnk -> D:\AutoIt3\AutoIt3_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Run Script (x86).lnk -> D:\AutoIt3\AutoIt3.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\SciTE Script Editor.lnk -> D:\AutoIt3\SciTE\SciTE.exe (Neil Hodgson [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoIt v3 Website.lnk -> D:\AutoIt3\AutoIt v3 Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\Browse Extras.lnk -> D:\AutoIt3\Extras ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoItX\AutoItX Help File.lnk -> D:\AutoIt3\AutoItX\AutoItX.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoItX\VBScript Examples.lnk -> D:\AutoIt3\AutoItX\ActiveX\VBScript (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat\AppsHat.lnk -> C:\Users\Patryk\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk -> C:\Users\Patryk\AppData\Local\WebPlayer\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Advanced Tag Editor.lnk -> C:\Program Files (x86)\AIMP3\AIMP3ate.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Converter.lnk -> C:\Program Files (x86)\AIMP3\AIMP3ac.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Library.lnk -> C:\Program Files (x86)\AIMP3\AIMP3lib.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Home Page.lnk -> C:\Program Files (x86)\AIMP3\AIMP3.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3.lnk -> C:\Program Files (x86)\AIMP3\AIMP3.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\History.lnk -> C:\Program Files (x86)\AIMP3\history.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\License.lnk -> C:\Program Files (x86)\AIMP3\license.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\Uninstall.lnk -> C:\Program Files (x86)\AIMP3\Uninstall.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\Links\Desktop.lnk -> C:\Users\Patryk\Desktop ()
Shortcut: C:\Users\Patryk\Links\Downloads.lnk -> C:\Users\Patryk\Downloads ()
Shortcut: C:\Users\Patryk\Links\GG dysk.lnk -> C:\Users\Patryk\GG dysk ()
Shortcut: C:\Users\Patryk\Favorites\GG dysk.lnk -> C:\Users\Patryk\GG dysk ()
Shortcut: C:\Users\Patryk\Documents\GG dysk.lnk -> C:\Users\Patryk\GG dysk ()
Shortcut: C:\Users\Patryk\Documents\Euro Truck Simulator 2\readme.rtf.lnk -> D:\Steam\steamapps\common\Euro Truck Simulator 2\readme.rtf ()
Shortcut: C:\Users\Patryk\Desktop\Amarena — skrót.lnk -> D:\Amarena\Amarena.exe ()
Shortcut: C:\Users\Patryk\Desktop\Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe ()
Shortcut: C:\Users\Patryk\Desktop\DiamondMT3 — skrót.lnk -> D:\DiamondMT3\DiamondMT3.exe ()
Shortcut: C:\Users\Patryk\Desktop\Dreikon — skrót.lnk -> D:\Dreikonv2\Dreikon.exe (Dreikon.pl)
Shortcut: C:\Users\Patryk\Desktop\GG.lnk -> C:\Users\Patryk\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Patryk\Desktop\Open Broadcaster Software.lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Patryk\Desktop\OpenFM.lnk -> C:\Users\Patryk\AppData\Local\OpenFM\Application\openfm.exe ()
Shortcut: C:\Users\Patryk\Desktop\Roaming — skrót.lnk -> C:\Users\Patryk\AppData\Roaming ()
Shortcut: C:\Users\Patryk\Desktop\samp — skrót.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe ()
Shortcut: C:\Users\Patryk\Desktop\starter — skrót.lnk -> D:\Eloth_Final_10_01_2014\starter.exe ()
Shortcut: C:\Users\Patryk\Desktop\XenoxMT2 Launcher — skrót.lnk -> D:\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe (Katherina Walensky)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Patryk\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Patryk\AppData\Local\OpenFM\Application\openfm.exe ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (32bit).lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (64bit).lnk -> C:\Program Files\OBS\OBS.exe ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Uninstall.lnk -> C:\Program Files (x86)\OBS\uninstall.exe ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Patryk\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Patryk\AppData\Local\OpenFM\Application\openfm.exe ()
Shortcut: C:\Users\Patryk\AppData\Local\Microsoft\Windows\GameExplorer\{A346DF97-4DC8-4C9F-94D6-E8F72E2EB604}\PlayTasks\0\Zagraj.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()
Shortcut: C:\Users\Patryk\AppData\Local\GG\Application\gg.lnk -> C:\Users\Patryk\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\AIMP3.lnk -> C:\Program Files (x86)\AIMP3\AIMP3.exe (AIMP DevTeam)
Shortcut: C:\Users\Public\Desktop\BurnAware Free.lnk -> D:\BurnAware Free\BurnAware.exe (Burnaware)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Public\Desktop\Fraps.lnk -> D:\fraps\fraps.exe (Beepa P/L)
Shortcut: C:\Users\Public\Desktop\GTA San Andreas.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Public\Desktop\Play League of Legends.lnk -> D:\League of Legends\lol.launcher.exe ()
Shortcut: C:\Users\Public\Desktop\Sizer.lnk -> D:\sizer\sizer.exe (Brian Apps Products)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> D:\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Public\Desktop\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Ulka\Links\Desktop.lnk -> C:\Users\Patryk\Desktop ()
Shortcut: C:\Users\Ulka\Links\Downloads.lnk -> C:\Users\Patryk\Downloads ()
Shortcut: C:\Users\Ulka\Desktop\AppsHat.lnk -> C:\Users\Patryk\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe (No File)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1411198207&from=smt&uid=395049983_266035_30092E32
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1411198207&from=smt&uid=395049983_266035_30092E32
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1411198207&from=smt&uid=395049983_266035_30092E32
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.istartsurf.com/?type=sc&ts=1411198207&from=smt&uid=395049983_266035_30092E32
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.istartsurf.com/?type=sc&ts=1411198207&from=smt&uid=395049983_266035_30092E32


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Tryb awaryjny).lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.) -> /SAFE=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Uninstall Virtual Audio Cable.lnk -> C:\Program Files\Virtual Audio Cable\setup64.exe (Eugene V. Muzychenko) -> -u
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizer\Uninstall Sizer.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {DE43AA92-E8C0-4620-AFE2-FBD623C71643}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Uninstall GTA San Andreas.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {32CB6BDF-F465-4BE8-9B57-1422057B61B9} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\main.lua.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files (x86)\Cheat Engine 6.4\main.lua
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Check For Updates.lnk -> D:\AutoIt3\AutoIt3.exe (AutoIt Team) -> "D:\AutoIt3\Extras\AutoUpdateIt\AutoUpdateIt.au3"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Public\Desktop\Wybór przeglądarki.lnk -> C:\Windows\System32\browserchoice.exe (Microsoft Corporation) -> /launch
ShortcutWithArgument: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Ulka\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Ulka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Register Online.url -> hxxp://www.rockstargames.com/register/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Rockstar Games.url -> hxxp://www.rockstargames.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Rockstar North Ltd.url -> hxxp://www.RockstarNorth.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\Strona WWW programu BurnAware Free.url -> hxxp://www.burnaware.com/
InternetURL: C:\Users\Patryk\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Patryk\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Patryk\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Patryk\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Patryk\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Patryk\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Patryk\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Patryk\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Patryk\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Patryk\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Patryk\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Patryk\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Patryk\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Patryk\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Patryk\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Patryk\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Patryk\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Patryk\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Patryk\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Patryk\Documents\Virtual Audio Cable 4.10 - vac410full\homepage.url -> hxxp://software.muzychenko.net/eng/vac.html
InternetURL: C:\Users\Patryk\Desktop\Counter-Strike Global Offensive.url -> steam://rungameid/730
InternetURL: C:\Users\Patryk\Desktop\Counter-Strike.url -> steam://rungameid/10
InternetURL: C:\Users\Patryk\Desktop\Euro Truck Simulator 2.url -> steam://rungameid/227300
InternetURL: C:\Users\Patryk\Desktop\PAYDAY 2.url -> steam://rungameid/218620
InternetURL: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> steam://rungameid/730
InternetURL: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike.url -> steam://rungameid/10
InternetURL: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Euro Truck Simulator 2.url -> steam://rungameid/227300
InternetURL: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PAYDAY 2.url -> steam://rungameid/218620
InternetURL: C:\Users\Ulka\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742
InternetURL: C:\Users\Ulka\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Ulka\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Ulka\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Ulka\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Ulka\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Ulka\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Ulka\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Ulka\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Ulka\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Ulka\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407
InternetURL: C:\Users\Ulka\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Ulka\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice

==================== End of log =============================

Nezvik · 10 Listopada 2014

Pobierz:
http://speedy.sh/NK4sB/fixlist.txt

Umieść w folderze z FRST, odpal FRST, kliknij FIX. Zrestartuj komputer, odinstaluj google chrome i zainstaluj powinno. No i napisz czy pomogło.

Janusz. · 16 Listopada 2014

Mój plik FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-11-2014 01

Ran by Ola (administrator) on OLA-KOMPUTER on 16-11-2014 18:29:12

Running from D:\

Loaded Profile: Ola (Available profiles: Ola)

Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Polski (Polska)

Internet Explorer Version 8

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgrsx.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgcsrvx.exe

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe

(AMD) E:\Windows\System32\atiesrxx.exe

(AMD) E:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgfws.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgwdsvc.exe

(BlueStack Systems, Inc.) E:\Program Files\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) E:\Program Files\BlueStacks\HD-UpdaterService.exe

(Malwarebytes Corporation) E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Realtek Semiconductor) E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(Malwarebytes Corporation) E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

(Advanced Micro Devices Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Oracle Corporation) E:\Program Files\Common Files\Java\Java Update\jusched.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgui.exe

(Microsoft Corporation) E:\Program Files\Windows Sidebar\sidebar.exe

(GG Network S.A.) E:\Users\Ola\AppData\Local\GG\Application\gghub.exe

(Malwarebytes Corporation) E:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(DEVGURU Co., LTD.) E:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe

(ATI Technologies Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgnsx.exe

(AVG Technologies CZ, s.r.o.) E:\Program Files\AVG\AVG2015\avgemcx.exe

(Microsoft Corporation) E:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(GG Network S.A.) E:\Users\Ola\AppData\Local\GG\Application\ggapp.exe

(GG Network S.A.) E:\Users\Ola\AppData\Local\GG\Application\ggdrive\ggdrive.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Enigma Software Group USA, LLC.) E:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) E:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [bCSSync] => E:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM\...\Run: [RtHDVCpl] => E:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6711840 2009-01-20] (Realtek Semiconductor)

HKLM\...\Run: [skytel] => E:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)

HKLM\...\Run: [startCCC] => E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-29] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [AMD AVT] => E:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()

HKLM\...\Run: [Adobe ARM] => E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM\...\Run: [sunJavaUpdateSched] => E:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM\...\Run: [AVG_UI] => E:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)

HKU\S-1-5-21-2911396493-3772211904-1113179493-1000\...\Run: [GG] => E:\Users\Ola\AppData\Local\GG\Application\gghub.exe [4023360 2014-09-01] (GG Network S.A.)

HKU\S-1-5-21-2911396493-3772211904-1113179493-1000\...\Run: [DAEMON Tools Lite] => E:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)

ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => E:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki

URLSearchHook: HKCU - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - E:\Windows\System32\dvmurl.dll (DeviceVM Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-2911396493-3772211904-1113179493-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

SearchScopes: HKCU - {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=en&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> E:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()

FF Plugin: @java.com/DTPlugin,version=10.71.2 -> E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> E:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> E:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader -> E:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR Profile: E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Dokumenty Google) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-28]

CHR Extension: (Dysk Google) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-28]

CHR Extension: (YouTube) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-28]

CHR Extension: (Adblock Plus) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-28]

CHR Extension: (Google Wallet) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-28]

CHR Extension: (Gmail) - E:\Users\Ola\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-28]

CHR Extension: (GoSave) - E:\ProgramData\omckhlmmgmmajfllegmckpkpdohmolgi\ [2014-09-28]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]

R2 avgfws; E:\Program Files\AVG\AVG2015\avgfws.exe [1459872 2014-09-05] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; E:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)

R2 avgwd; E:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)

S2 BstHdAndroidSvc; E:\Program Files\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; E:\Program Files\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; E:\Program Files\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)

S3 IDriverT; E:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]

R2 MBAMScheduler; E:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)

R2 MBAMService; E:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)

R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-05-07] (Enigma Software Group USA, LLC.)

R2 ss_conn_service; E:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 adiusbaw; E:\Windows\System32\DRIVERS\adiusbaw.sys [118552 2007-02-07] (Analog Devices Inc.)

R2 AODDriver4.1; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)

R1 Avgdiskx; E:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgfwfd; E:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; E:\Windows\System32\DRIVERS\avgidsdriverx.sys [204056 2014-07-24] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHX; E:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSShim; E:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgldx86; E:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)

R0 Avglogx; E:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx86; E:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx86; E:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgtdix; E:\Windows\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)

R2 BstHdDrv; E:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [113424 2014-06-23] (BlueStack Systems)

R1 dtsoftbus01; E:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-09-30] (DT Soft Ltd)

S2 ELOADER; E:\Windows\System32\Drivers\adildr.sys [56088 2007-02-07] (Analog Deivces)

R3 esgiguard; E:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()

S3 EsgScanner; E:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()

S3 gdrv; E:\Windows\gdrv.sys [16608 2014-09-30] (Windows ® 2000 DDK provider)

R3 MBAMProtector; E:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)

R3 MBAMSwissArmy; E:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-16] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; E:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)

S3 pneteth; E:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-24] (June Fabrics Technology Inc.)

S3 RTHDMIAzAudService; E:\Windows\System32\drivers\RtHDMIV.sys [155808 2008-12-25] (Realtek Semiconductor Corp.)

S3 ssudserd; E:\Windows\System32\DRIVERS\ssudserd.sys [184192 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr))

R3 usbrndis6; E:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-14] (Microsoft Corporation)

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]

S3 tsusbhub; system32\drivers\tsusbhub.sys [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 18:14 - 2014-11-16 18:29 - 00000000 ____D () E:\FRST

2014-11-16 17:58 - 2014-11-16 17:58 - 00000000 _____ () E:\Users\Ola\Desktop\Nowy dokument tekstowy (2).txt

2014-11-16 15:50 - 2014-11-16 15:50 - 00001212 _____ () E:\Users\Ola\Desktop\SpyHunter4.lnk

2014-11-16 15:50 - 2014-11-16 15:50 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpyHunter4

2014-11-16 15:50 - 2014-11-16 15:50 - 00000000 ____D () E:\Program Files\Enigma Software Group

2014-11-16 15:50 - 2012-06-22 12:01 - 00019984 _____ () E:\Windows\system32\Drivers\EsgScanner.sys

2014-11-15 23:30 - 2014-11-16 18:01 - 00000000 ____D () E:\AdwCleaner

2014-11-14 12:06 - 2014-11-14 12:06 - 00003952 _____ () E:\Windows\windefendam.log

2014-11-14 09:47 - 2014-11-14 09:49 - 00114904 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\2C044F26.sys

2014-11-14 09:46 - 2014-11-16 18:03 - 00008020 _____ () E:\Windows\PFRO.log

2014-11-14 02:14 - 2014-11-14 10:29 - 00000000 ____D () E:\Users\Ola\Documents\Bandicam

2014-11-14 02:09 - 2014-11-14 02:09 - 00000000 ____D () E:\Users\Ola\AppData\Local\DVDVideoSoft_Ltd

2014-11-14 01:49 - 2014-11-14 12:07 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis

2014-11-14 01:49 - 2014-11-14 12:06 - 00000020 _____ () E:\Windows\capsys184523.log

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\Users\Ola\Documents\Action!

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\Mirillis

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\Users\Ola\AppData\Local\Mirillis

2014-11-14 01:49 - 2014-11-14 01:49 - 00000000 ____D () E:\ProgramData\Mirillis

2014-11-14 01:48 - 2014-11-14 12:07 - 00000000 ____D () E:\Program Files\Mirillis

2014-11-13 16:47 - 2014-11-13 16:47 - 00000000 ____D () E:\ProgramData\omckhlmmgmmajfllegmckpkpdohmolgi

2014-11-11 17:06 - 2014-11-11 17:06 - 00000346 _____ () E:\Users\Ola\Desktop\Nowy dokument tekstowy.txt

2014-11-08 13:53 - 2014-11-16 18:03 - 00001568 _____ () E:\Windows\setupact.log

2014-11-08 13:53 - 2014-11-08 13:53 - 00000000 _____ () E:\Windows\setuperr.log

2014-11-08 01:43 - 2014-11-08 01:43 - 00000000 ____D () E:\Users\Ola\Documents\8floor

2014-11-08 01:42 - 2014-11-08 01:42 - 00000814 _____ () E:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jigsaw BOOM.lnk

2014-11-08 01:42 - 2014-11-08 01:42 - 00000000 ____D () E:\Program Files\Alawar.pl

2014-11-08 00:20 - 2014-11-08 00:20 - 00000774 _____ () E:\Users\Ola\Desktop\codsp — skrót.lnk

2014-11-02 15:52 - 2014-11-02 15:52 - 00000000 ____D () E:\Users\Ola\Documents\Hitman Blood Money

2014-11-02 15:46 - 2012-08-30 13:01 - 00348160 _____ (Microsoft Corporation) E:\Windows\system32\msvcr71.dll

2014-11-02 13:47 - 2014-11-03 13:47 - 00114904 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\7B8F5DA6.sys

2014-11-01 13:56 - 2014-11-01 23:49 - 00196608 _____ () E:\Windows\system32\Ikeext.etl

2014-11-01 13:49 - 2014-11-16 18:06 - 00186840 _____ () E:\Windows\WindowsUpdate.log

2014-10-27 20:05 - 2014-10-25 20:56 - 70009865 ____N () E:\Users\Ola\Desktop\20141025_205400.mp4

2014-10-27 20:05 - 2014-10-25 20:52 - 30426303 ____N () E:\Users\Ola\Desktop\20141025_205108.mp4

2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 ____D () E:\ProgramData\AVAST Software

2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 ____D () E:\Program Files\AVAST Software

2014-10-21 20:45 - 2014-10-21 20:45 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\AVG2015

2014-10-21 20:44 - 2014-10-21 20:58 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-10-21 20:44 - 2014-10-21 20:44 - 00000969 _____ () E:\Users\Public\Desktop\AVG 2015.lnk

2014-10-21 20:41 - 2014-10-21 20:44 - 00000000 ____D () E:\ProgramData\AVG2015

2014-10-21 20:41 - 2014-10-21 20:41 - 00000000 ___HD () E:\$AVG

2014-10-21 20:34 - 2014-11-16 16:10 - 00000000 ____D () E:\Users\Ola\AppData\Local\Avg2015

2014-10-21 19:59 - 2014-10-02 14:53 - 00231568 ____N (Microsoft Corporation) E:\Windows\system32\MpSigStub.exe

2014-10-20 22:04 - 2014-10-20 22:04 - 00001769 _____ () E:\Users\Public\Desktop\Start BlueStacks.lnk

2014-10-20 22:04 - 2014-10-20 22:04 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-10-20 22:04 - 2014-10-20 22:04 - 00000000 ____D () E:\ProgramData\BlueStacks

2014-10-20 22:03 - 2014-10-20 22:04 - 00000000 ____D () E:\Program Files\BlueStacks

2014-10-20 22:02 - 2014-10-20 22:02 - 00000000 ____D () E:\Users\Ola\AppData\Local\Bluestacks

2014-10-18 02:36 - 2014-10-18 02:36 - 00000000 ____D () E:\ProgramData\GRETECH

2014-10-17 13:22 - 2014-10-17 13:22 - 00000000 ____D () E:\Program Files\Common Files\Java

2014-10-17 13:22 - 2014-10-17 13:21 - 00272808 _____ (Oracle Corporation) E:\Windows\system32\javaws.exe

2014-10-17 13:21 - 2014-10-17 13:21 - 00175528 _____ (Oracle Corporation) E:\Windows\system32\javaw.exe

2014-10-17 13:21 - 2014-10-17 13:21 - 00175528 _____ (Oracle Corporation) E:\Windows\system32\java.exe

2014-10-17 13:21 - 2014-10-17 13:21 - 00096680 _____ (Oracle Corporation) E:\Windows\system32\WindowsAccessBridge.dll

2014-10-17 13:21 - 2014-10-17 13:21 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-10-17 13:21 - 2014-10-17 13:21 - 00000000 ____D () E:\Program Files\Java

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 18:17 - 2014-10-08 17:31 - 00000930 _____ () E:\Windows\Tasks\Adobe Flash Player Updater.job

2014-11-16 18:16 - 2014-09-28 20:47 - 00000000 ____D () E:\ProgramData\MFAData

2014-11-16 18:11 - 2009-07-14 05:34 - 00010336 ____H () E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-11-16 18:11 - 2009-07-14 05:34 - 00010336 ____H () E:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-11-16 18:04 - 2014-09-28 20:48 - 00114904 _____ (Malwarebytes Corporation) E:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-11-16 18:03 - 2014-09-28 21:22 - 00001032 _____ () E:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-11-16 18:03 - 2009-07-14 05:53 - 00000006 ____H () E:\Windows\Tasks\SA.DAT

2014-11-16 17:39 - 2014-09-28 21:22 - 00001036 _____ () E:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-11-16 14:31 - 2014-09-28 22:20 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\GG

2014-11-15 19:20 - 2014-10-04 19:59 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\Skype

2014-11-14 22:25 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\system32\LogFiles

2014-11-14 12:10 - 2014-09-28 20:50 - 01523412 _____ () E:\Windows\system32\PerfStringBackup.INI

2014-11-14 12:10 - 2009-07-14 09:07 - 00687590 _____ () E:\Windows\system32\perfh015.dat

2014-11-14 12:10 - 2009-07-14 09:07 - 00131176 _____ () E:\Windows\system32\perfc015.dat

2014-11-14 11:56 - 2009-07-14 05:53 - 00032590 _____ () E:\Windows\Tasks\SCHEDLGU.TXT

2014-11-13 22:19 - 2014-10-08 17:31 - 00701104 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerApp.exe

2014-11-13 22:19 - 2014-10-08 17:31 - 00071344 _____ (Adobe Systems Incorporated) E:\Windows\system32\FlashPlayerCPLApp.cpl

2014-11-07 23:29 - 2014-10-12 17:29 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-11-01 23:49 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\tracing

2014-11-01 13:27 - 2014-10-04 20:20 - 00000000 ____D () E:\Users\Ola\AppData\Roaming\uTorrent

2014-11-01 13:27 - 2014-09-28 21:33 - 00000000 ____D () E:\Windows\Panther

2014-11-01 13:27 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\system32\Msdtc

2014-11-01 13:26 - 2014-10-04 19:58 - 00000000 ____D () E:\ProgramData\Skype

2014-11-01 13:26 - 2014-09-28 20:49 - 00000000 ____D () E:\Program Files\WinRAR

2014-10-28 16:37 - 2014-09-28 21:23 - 00002139 _____ () E:\Users\Public\Desktop\Google Chrome.lnk

2014-10-27 03:04 - 2014-09-28 22:01 - 00000000 ____D () E:\Windows\Minidump

2014-10-24 11:28 - 2014-09-28 20:47 - 00001068 _____ () E:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-10-24 11:28 - 2014-09-28 20:47 - 00000000 ____D () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-10-24 11:28 - 2014-09-28 20:47 - 00000000 ____D () E:\Program Files\Malwarebytes Anti-Malware

2014-10-21 20:39 - 2014-09-28 21:08 - 00000000 ____D () E:\Program Files\AVG

2014-10-21 19:02 - 2014-09-28 21:09 - 00000000 ____D () E:\ProgramData\AVG2013

2014-10-21 13:52 - 2009-07-14 03:37 - 00000000 ____D () E:\Windows\Microsoft.NET

2014-10-20 22:04 - 2009-07-14 03:37 - 00000000 __RHD () E:\Users\Public\Libraries

2014-10-17 13:22 - 2014-10-06 00:00 - 00000000 ____D () E:\ProgramData\Oracle

2014-10-17 13:18 - 2014-10-13 17:54 - 00002441 _____ () E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

Some content of TEMP:

====================

E:\Users\Ola\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

E:\Windows\explorer.exe => File is digitally signed

E:\Windows\system32\winlogon.exe => File is digitally signed

E:\Windows\system32\wininit.exe => File is digitally signed

E:\Windows\system32\svchost.exe => File is digitally signed

E:\Windows\system32\services.exe => File is digitally signed

E:\Windows\system32\User32.dll => File is digitally signed

E:\Windows\system32\userinit.exe => File is digitally signed

E:\Windows\system32\rpcss.dll => File is digitally signed

E:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-15 00:29

==================== End Of Log ============================

Nie podpinaj się pod czyiś temat, załóż własny.

Zaloguj się

👋 Witaj na MPCForum!

Jak usunąć reklamy GoSave?

Pytanie

pijawka 3000

pijawka 3000

6 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Nezvik

Nezvik

kolomyja007

kolomyja007

MatrixXHardcore

MatrixXHardcore

pijawka 3000

pijawka 3000

Nezvik

Nezvik

Janusz.

Janusz.

Zarchiwizowany