
atieclxx.exe etc..


MoVinek


Posted

For some time now, processes like these have been showing up in my Task Manager:

 nef0b4.jpg



Let's start with whether this is definitely harmful. I think so, especially since my card has started behaving somewhat differently. There are no specific problems with it, but something is noticeable; that's not the point here, though. Could someone tell me whether this really is harmful and, if so, how to remove it? :)

 

Posted

You just need to type the name of each process into Google, BUT I did it for you :)

These processes are system processes and safe.

You have always had Winlogon and csrss.

Posted

@Loczuch @Nezvik @Lavertis

What worried me was precisely their lack of a signature.
Loczuch - I forgot to add that I read about them online, but one site said they are viruses if their size keeps growing, or something like that, while others said they are nothing bad.
And winlogon and csrss surely aren't doing anything bad, but atieclxx is tied to graphics and not much was said about it, which is why it worried me the most.
I also checked on another PC and those two system ones are indeed there, but the one supposedly responsible for graphics (atieclxx) is not, and I can't close them in Task Manager, so I thought someone here would tell me whether I should worry about this or not :s

Posted

As someone wrote above, run the FRST logs. As for atieclxx, install the program I recommended to you a few posts above :)


Posted

@Nezvik @Loczuch
FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Ja (administrator) on XXX on 20-01-2015 01:53:31
Running from C:\Users\Ja\Downloads
Loaded Profiles: Ja (Available profiles: Ja)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hi-Rez Studios) D:\Gry\Smite\HiPatchService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Electronic Arts) D:\Gry\Origin\Origin.exe
() D:\Program Files (x86)\screenSHU\screenSHU.exe
() C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Ja\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe [8947008 2014-12-18] ()
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM-x32\...\Run: [RazerCortex] => D:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [60640 2014-12-06] (Razer Inc.)
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\Run: [EADM] => D:\Gry\Origin\Origin.exe [3618648 2014-12-18] (Electronic Arts)
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\Run: [screenSHU] => D:\Program Files (x86)\screenSHU\screenSHU.exe [2112000 2013-09-04] ()
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\Run: [MK LOL] => D:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-12-18] ()
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\Run: [MKLOL] => D:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-12-18] ()
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [16294912 2014-12-30] ()
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\MountPoints2: {3700ac7b-8841-11e4-920e-d8cb8a15c14c} - E:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2034425790-284581535-3037039298-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1419091409&from=smt&uid=WDCXWD20EARX-00PASB0_WD-WCAZAF80104501045
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20499&r=2015/01/10&hid=12491396538919429543&lg=EN&cc=PL&unqvl=74
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20499&r=2015/01/10&hid=12491396538919429543&lg=EN&cc=PL&unqvl=74
SearchScopes: HKU\S-1-5-21-2034425790-284581535-3037039298-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20499&r=2015/01/10&hid=12491396538919429543&lg=EN&cc=PL&unqvl=74
SearchScopes: HKU\S-1-5-21-2034425790-284581535-3037039298-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=20499&r=2015/01/10&hid=12491396538919429543&lg=EN&cc=PL&unqvl=74
BHO: youtubeadblocker -> {ee076e31-1815-4aed-84df-bb18322379fa} -> C:\Program Files (x86)\youtubeadblocker\fUnADKF0dmoF2T.x64.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2034425790-284581535-3037039298-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 81.15.210.251 81.15.210.251

FireFox:
========
FF ProfilePath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.thesearchpage.info/?pid=20499&r=2015/01/10&hid=12491396538919429543&lg=EN&cc=PL&unqvl=74&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://websearch.thesearchpage.info/?pid=20499&r=2015/01/10&hid=12491396538919429543&lg=EN&cc=PL&unqvl=74
FF Keyword.URL: hxxp://websearch.thesearchpage.info/?pid=20499&r=2015/01/10&hid=12491396538919429543&lg=EN&cc=PL&unqvl=74&l=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default\user.js
FF SearchPlugin: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default\searchplugins\WebSearch.xml
FF Extension: youtubeadblocker - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default\Extensions\[email protected] [2015-01-11]
FF Extension: youtubeadblocker - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default\Extensions\[email protected] [2015-01-11]
FF Extension: uniSaaleS - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default\Extensions\[email protected] [2015-01-11]
FF Extension: YouTube mp3 - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default\Extensions\[email protected] [2014-12-22]
FF Extension: Adblock Plus - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\wufxfoef.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-22]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://www.google.pl/?gfe_rd=cr&ei=gC2YVMCtMu310gWt34CYBg&gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-18]
CHR Extension: (Google Wallet) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HiPatchService; D:\Gry\Smite\HiPatchService.exe [9216 2015-01-12] (Hi-Rez Studios) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe [713568 2014-12-18] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 Origin Client Service; D:\Gry\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-12-17] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzKLService; D:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-12-06] (Razer Inc.)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 ACTION_SVC; D:\Action!\action_svc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-10-09] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2014-10-09] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-10-09] (BitDefender)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2014-10-09] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2014-10-09] (BitDefender LLC)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-20] (Disc Soft Ltd)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-10-09] (BitDefender LLC)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-10-09] (BitDefender S.R.L.)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx64.sys [34512 2014-12-30] ()
S3 ALSysIO; \??\C:\Users\Ja\AppData\Local\Temp\ALSysIO64.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 01:53 - 2015-01-20 01:53 - 02126848 _____ (Farbar) C:\Users\Ja\Downloads\FRST64.exe
2015-01-20 01:53 - 2015-01-20 01:53 - 00018007 _____ () C:\Users\Ja\Downloads\FRST.txt
2015-01-20 01:53 - 2015-01-20 01:53 - 00000000 ____D () C:\FRST
2015-01-20 00:38 - 2015-01-20 00:38 - 00001064 _____ () C:\Users\Ja\Desktop\VirtualDJ Home FREE.lnk
2015-01-20 00:38 - 2015-01-20 00:38 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-01-20 00:37 - 2015-01-20 00:38 - 00000000 ____D () C:\Users\Ja\Documents\VirtualDJ
2015-01-20 00:37 - 2015-01-20 00:37 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2015-01-20 00:36 - 2015-01-20 00:36 - 38273656 _____ (Atomix Productions) C:\Users\Ja\Downloads\install_virtualdj_home_v7.4.2.exe
2015-01-18 23:10 - 2015-01-19 00:05 - 00000020 _____ () C:\Windows\capsys184523.log
2015-01-18 11:10 - 2015-01-18 11:10 - 00000000 ____D () C:\Windows\SysWOW64\DCS
2015-01-18 11:09 - 2015-01-19 19:57 - 00002848 _____ () C:\Windows\setupact.log
2015-01-18 11:09 - 2015-01-18 11:09 - 00017072 _____ () C:\Windows\PFRO.log
2015-01-18 11:09 - 2015-01-18 11:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-17 21:19 - 2015-01-17 21:19 - 00000000 ____D () C:\ProgramData\BitDefender
2015-01-17 20:56 - 2015-01-19 19:59 - 00002339 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-01-17 20:56 - 2015-01-17 20:56 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\LavasoftStatistics
2015-01-17 20:56 - 2015-01-17 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-01-17 20:56 - 2014-10-09 10:09 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2015-01-17 20:49 - 2015-01-17 20:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-01-17 20:46 - 2015-01-17 20:46 - 00000000 ____D () C:\Program Files\Lavasoft
2015-01-17 20:43 - 2015-01-17 20:43 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Lavasoft
2015-01-17 20:43 - 2015-01-17 20:43 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2015-01-17 20:40 - 2015-01-17 20:40 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-17 20:38 - 2015-01-17 20:38 - 01924232 _____ () C:\Users\Ja\Downloads\Adaware_Installer.exe
2015-01-17 18:52 - 2015-01-17 21:19 - 00000000 ____D () C:\Users\Ja\Desktop\hz
2015-01-17 18:52 - 2015-01-17 18:52 - 01559155 _____ () C:\Users\Ja\Downloads\BotNix.HeroZero.Bot.zip
2015-01-17 12:44 - 2015-01-17 12:44 - 00000000 ____D () C:\Users\Ja\Documents\Razer
2015-01-17 12:44 - 2015-01-17 12:44 - 00000000 ____D () C:\Users\Ja\AppData\Local\Razer_Inc
2015-01-17 12:39 - 2015-01-17 12:41 - 22126232 _____ (Razer Inc. ) C:\Users\Ja\Downloads\RazerCortexSetup_5.2.22.0.exe
2015-01-17 05:45 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-17 05:45 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-16 21:16 - 2015-01-16 21:16 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-01-16 21:16 - 2015-01-16 21:16 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2015-01-16 21:16 - 2015-01-16 21:16 - 00113543 _____ () C:\Windows\SysWOW64\slmgr.vbs
2015-01-16 21:16 - 2015-01-16 21:16 - 00002048 _____ () C:\Windows\SysWOW64\winver.exe
2015-01-16 21:16 - 2015-01-16 21:16 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2015-01-16 21:14 - 2015-01-16 21:14 - 09458428 _____ (Anemeros Software) C:\Users\Ja\Downloads\aktywator.exe
2015-01-16 21:08 - 2015-01-16 21:08 - 00097280 ____N (Microsoft Corporation) C:\bootsect.exe
2015-01-15 07:28 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:14 - 2015-01-14 17:14 - 00667707 _____ () C:\Users\Ja\Downloads\herozerobot.rar
2015-01-14 17:14 - 2013-05-04 20:22 - 00000000 ____D () C:\Users\Ja\Desktop\herozerobot
2015-01-14 07:34 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 07:34 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 07:34 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 07:34 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 07:34 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 07:34 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 07:34 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 07:34 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 07:34 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 07:34 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 07:34 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 07:34 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 07:34 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 07:34 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 15:58 - 2015-01-13 15:58 - 00002956 _____ () C:\Windows\System32\Tasks\{00D95DB9-0104-4EF4-A29C-5CC5303C1FED}
2015-01-12 15:16 - 2015-01-12 15:16 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2015-01-12 15:15 - 2015-01-12 15:15 - 00671744 _____ () C:\Users\Ja\Downloads\Detection.msi
2015-01-11 21:56 - 2015-01-16 07:23 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Spotify
2015-01-11 21:56 - 2015-01-13 07:27 - 00000000 ____D () C:\Users\Ja\AppData\Local\Spotify
2015-01-11 21:56 - 2015-01-11 21:56 - 00137888 _____ (Spotify Ltd) C:\Users\Ja\Downloads\SpotifySetup.exe
2015-01-11 21:56 - 2015-01-11 21:56 - 00001803 _____ () C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-11 21:42 - 2015-01-20 01:47 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-11 21:42 - 2015-01-11 21:42 - 00004036 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-11 21:42 - 2015-01-11 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-11 21:41 - 2015-01-19 21:46 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 21:41 - 2015-01-11 21:41 - 00880784 _____ (Google Inc.) C:\Users\Ja\Downloads\ChromeSetup.exe
2015-01-11 21:41 - 2015-01-11 21:41 - 00003784 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-11 15:51 - 2015-01-11 15:51 - 00009127 _____ () C:\Users\Ja\Downloads\gimp-2.8.14-setup-1.exe.torrent
2015-01-11 00:10 - 2015-01-11 00:10 - 00000000 __SHD () C:\Users\Ja\AppData\Local\EmieUserList
2015-01-11 00:10 - 2015-01-11 00:10 - 00000000 __SHD () C:\Users\Ja\AppData\Local\EmieSiteList
2015-01-11 00:10 - 2015-01-11 00:10 - 00000000 __SHD () C:\Users\Ja\AppData\Local\EmieBrowserModeList
2015-01-10 23:54 - 2015-01-17 20:59 - 00000000 ____D () C:\Users\Ja\Desktop\PompaMT2
2015-01-10 21:29 - 2015-01-10 21:30 - 942399540 _____ () C:\Users\Ja\Desktop\PompaMT2.rar
2015-01-10 18:37 - 2015-01-10 18:37 - 00031464 _____ () C:\Users\Ja\Downloads\free-intro-fifa-15.mp4
2015-01-10 18:27 - 2015-01-10 18:49 - 22863873 _____ () C:\Users\Ja\Downloads\free intro fifa 15.mp4
2015-01-10 18:20 - 2015-01-10 18:23 - 21667279 _____ () C:\Users\Ja\Downloads\Intro Template #2 - by xXGameLPXx.rar
2015-01-10 17:52 - 2015-01-10 17:52 - 06835096 _____ () C:\Users\Ja\Downloads\C4D_8.zip
2015-01-10 17:42 - 2015-01-10 17:43 - 05310653 _____ () C:\Users\Ja\Downloads\Sv_outro1_by_Velosofy.zip
2015-01-10 17:32 - 2015-01-12 22:18 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-10 17:21 - 2015-01-10 17:21 - 00001144 _____ () C:\Users\Ja\Desktop\dontcrack — skrót.lnk
2015-01-10 17:16 - 2015-01-10 17:16 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\MAXON
2015-01-10 17:07 - 2015-01-10 17:13 - 135961374 _____ () C:\Users\Ja\Downloads\Cinema 4D R13.rar
2015-01-10 16:59 - 2015-01-10 17:01 - 25609876 _____ () C:\Users\Ja\Downloads\Action!.rar
2015-01-10 15:12 - 2015-01-10 15:12 - 00002139 _____ () C:\Users\Ja\Desktop\Skype.lnk
2015-01-10 13:19 - 2015-01-10 14:17 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Audacity
2015-01-10 13:19 - 2015-01-10 13:19 - 00000721 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-01-10 13:19 - 2015-01-10 13:19 - 00000721 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-01-10 13:10 - 2015-01-10 13:10 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\PDAppFlex
2015-01-10 13:01 - 2015-01-10 13:01 - 00000699 _____ () C:\Users\Ja\Desktop\Fraps.lnk
2015-01-10 13:01 - 2015-01-10 13:01 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-10 12:48 - 2015-01-10 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
2015-01-10 12:48 - 2015-01-10 12:48 - 00000000 ____D () C:\Windows\SysWOW64\X86
2015-01-10 12:48 - 2015-01-10 12:48 - 00000000 ____D () C:\Windows\SysWOW64\AMD64
2015-01-10 12:47 - 2015-01-10 12:49 - 00000000 ____D () C:\ProgramData\{f89de039-43ba-3fd5-f89d-de03943b80e5}
2015-01-10 12:33 - 2015-01-10 12:49 - 00000000 ____D () C:\Program Files (x86)\EZDownloader
2015-01-10 12:33 - 2015-01-10 12:33 - 00000000 ____D () C:\Program Files (x86)\uniSaaleS
2015-01-10 12:33 - 2015-01-10 12:33 - 00000000 ____D () C:\Program Files (x86)\BB10  PlayBook App Manager
2015-01-10 12:32 - 2015-01-11 21:46 - 00000000 ____D () C:\ProgramData\mdinchegmkhmjhlcfpgeebbokbnfoilb
2015-01-10 12:23 - 2013-05-28 21:23 - 00652288 _____ () C:\Windows\system32\ficvdec_x64.dll
2015-01-10 12:23 - 2013-05-28 21:22 - 00641024 _____ () C:\Windows\SysWOW64\ficvdec_x86.dll
2015-01-10 12:22 - 2015-01-10 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2015-01-10 12:20 - 2015-01-10 12:20 - 00001352 _____ () C:\Users\Ja\Documents\AutoHotkey.ahk
2015-01-10 12:19 - 2015-01-10 12:20 - 00000462 _____ () C:\Users\Ja\Desktop\Cs.txt
2015-01-10 12:19 - 2015-01-10 12:19 - 00000000 ___RD () C:\Users\Ja\Documents\Notes
2015-01-10 11:29 - 2015-01-10 11:29 - 00003704 _____ () C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2015-01-10 11:27 - 2015-01-10 12:23 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Mirillis
2015-01-10 11:27 - 2015-01-10 12:23 - 00000000 ____D () C:\ProgramData\Mirillis
2015-01-10 11:27 - 2015-01-10 11:28 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mirillis
2015-01-10 11:24 - 2015-01-10 12:23 - 00000000 ____D () C:\Users\Ja\AppData\Local\Mirillis
2015-01-10 11:24 - 2015-01-10 11:24 - 00000000 ____D () C:\Users\Ja\Documents\Action!
2015-01-10 11:21 - 2015-01-10 11:21 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\AVG
2015-01-10 11:19 - 2015-01-10 11:24 - 00000000 ____D () C:\ProgramData\AVG
2015-01-10 11:19 - 2015-01-10 11:19 - 00000000 ____D () C:\Users\Ja\AppData\Local\Avg
2015-01-10 11:14 - 2015-01-10 13:34 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker
2015-01-10 11:14 - 2015-01-10 11:14 - 00000000 ____D () C:\ProgramData\3104648640889749720
2015-01-10 11:05 - 2015-01-10 11:05 - 00003510 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-BARTOSZAKAMOVIN-Ja
2015-01-10 11:05 - 2015-01-10 11:05 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-10 10:59 - 2015-01-10 11:04 - 00000000 ____D () C:\Users\Ja\Documents\Adobe
2015-01-10 10:57 - 2015-01-10 10:57 - 00001136 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk
2015-01-10 10:41 - 2015-01-10 10:41 - 00001124 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2014.lnk
2015-01-10 10:40 - 2015-01-10 10:57 - 00000000 ____D () C:\Program Files\Adobe
2015-01-10 10:38 - 2015-01-10 10:56 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-10 09:54 - 2015-01-10 09:54 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2015-01-10 09:54 - 2015-01-10 09:54 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-01-09 23:43 - 2015-01-09 23:43 - 00000000 ___RD () C:\Users\Ja\Creative Cloud Files
2015-01-09 23:20 - 2015-01-10 10:41 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-09 23:19 - 2015-01-09 23:19 - 00001327 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-01-09 23:19 - 2015-01-09 23:19 - 00001315 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-01-09 23:17 - 2015-01-09 23:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-09 19:05 - 2015-01-09 19:05 - 00002039 _____ () C:\Users\Public\Desktop\Bloody5.lnk
2015-01-09 19:05 - 2015-01-09 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2015-01-09 18:47 - 2015-01-09 19:05 - 00000000 ____D () C:\Program Files (x86)\Bloody5
2015-01-09 17:38 - 2015-01-09 17:38 - 00000000 ____D () C:\Users\Ja\AppData\Local\HashChanger
2015-01-09 17:38 - 2014-09-12 19:26 - 00332288 _____ () C:\Users\Ja\Desktop\HashChangerv2.exe
2015-01-08 22:56 - 2015-01-10 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-01-08 22:56 - 2015-01-08 22:56 - 00001067 _____ () C:\Users\Ja\Desktop\AutoHotkey.lnk
2015-01-08 22:56 - 2015-01-08 22:56 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2015-01-08 16:23 - 2015-01-08 16:23 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Need for Speed World
2015-01-08 15:57 - 2015-01-08 15:57 - 00000000 ____D () C:\Users\Ja\AppData\Local\Electronic_Arts_Inc
2015-01-08 15:54 - 2015-01-08 15:54 - 00000000 ____D () C:\Users\Ja\Documents\WB Games
2015-01-08 15:52 - 2015-01-08 15:52 - 00001501 _____ () C:\Users\Public\Desktop\Batman Arkham City GOTY.lnk
2015-01-08 15:52 - 2015-01-08 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rocksteady Studios
2015-01-08 15:35 - 2015-01-08 15:35 - 00000781 _____ () C:\Users\Ja\Desktop\Need For Speed World.lnk
2015-01-07 07:27 - 2015-01-13 07:27 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2015-01-07 07:27 - 2015-01-07 07:27 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2015-01-03 16:17 - 2015-01-03 16:17 - 00000000 ____D () C:\ProgramData\Ubisoft
2015-01-03 15:50 - 2015-01-03 15:50 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\InstallShield
2015-01-03 15:48 - 2015-01-03 15:48 - 00001158 _____ () C:\Users\Ja\Desktop\Ts3.lnk
2015-01-03 15:48 - 2015-01-03 15:48 - 00000853 _____ () C:\Users\Ja\Desktop\MK Jogo.lnk
2015-01-03 15:48 - 2015-01-03 15:48 - 00000721 _____ () C:\Users\Ja\Desktop\SHU.lnk
2015-01-03 15:47 - 2015-01-03 15:47 - 00001207 _____ () C:\Users\Ja\Desktop\DTLite.lnk
2015-01-03 15:46 - 2015-01-03 15:46 - 00000934 _____ () C:\Users\Ja\Desktop\Steam.lnk
2015-01-03 15:45 - 2015-01-03 15:45 - 00000972 _____ () C:\Users\Ja\Desktop\WoT.lnk
2015-01-03 15:45 - 2015-01-03 15:45 - 00000956 _____ () C:\Users\Ja\Desktop\Origin.lnk
2015-01-03 15:45 - 2015-01-03 15:42 - 00001250 _____ () C:\Users\Ja\Desktop\Far Cry 4.lnk
2015-01-03 15:44 - 2015-01-03 15:44 - 00001028 _____ () C:\Users\Ja\Desktop\Smite.lnk
2015-01-03 15:43 - 2015-01-03 15:43 - 00001014 _____ () C:\Users\Ja\Desktop\Minecraft.lnk
2015-01-03 15:43 - 2015-01-03 15:43 - 00000710 _____ () C:\Users\Ja\Desktop\Rito.lnk
2015-01-03 15:42 - 2015-01-03 15:42 - 00001032 _____ () C:\Users\Ja\Desktop\DC Universe.lnk
2015-01-03 15:37 - 2015-01-03 15:37 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\java
2015-01-03 02:56 - 2015-01-03 02:57 - 00000000 ____D () C:\ProgramData\Stardock
2015-01-03 00:41 - 2015-01-03 00:41 - 00000206 _____ () C:\Users\Ja\Desktop\Fallen Enchantress Legendary Heroes.url
2015-01-02 17:36 - 2015-01-02 17:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2015-01-01 21:53 - 2015-01-01 21:53 - 00000000 ____D () C:\Windows\pss
2014-12-31 01:06 - 2015-01-11 19:07 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\.minecraft
2014-12-31 01:06 - 2014-12-31 01:06 - 00000000 ____D () C:\ProgramData\Sun
2014-12-31 01:05 - 2014-12-31 01:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-31 01:05 - 2014-12-31 01:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-31 01:05 - 2014-12-31 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-31 01:05 - 2014-12-31 01:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-30 02:36 - 2014-12-30 02:42 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-12-30 02:36 - 2014-12-30 02:36 - 00034512 _____ () C:\Windows\system32\Drivers\voxaldriverx64.sys
2014-12-30 02:36 - 2014-12-30 02:36 - 00001181 _____ () C:\Users\Ja\AppData\Roaming\trace_FilterInstaller.txt
2014-12-30 02:36 - 2014-12-30 02:36 - 00001122 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voxal Voice Changer.lnk
2014-12-30 02:36 - 2014-12-30 02:36 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\NCH Software
2014-12-30 02:36 - 2014-12-30 02:36 - 00000000 ____D () C:\ProgramData\NCH Software
2014-12-30 02:36 - 2014-12-30 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-12-30 02:36 - 2014-12-30 02:36 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-12-30 02:36 - 2014-12-30 02:36 - 00000000 _____ () C:\Users\Ja\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-12-30 02:31 - 2014-12-30 02:31 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Avnex
2014-12-30 02:29 - 2008-12-26 12:56 - 00021504 _____ (Avnex) C:\Windows\system32\Drivers\vcsvad.sys
2014-12-29 21:18 - 2014-12-29 21:18 - 00000000 ____D () C:\Users\Ja\AppData\Local\SkypeFx
2014-12-29 01:30 - 2014-12-29 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2014-12-29 01:30 - 2014-12-29 01:30 - 00000000 ____D () C:\Program Files\Core Temp
2014-12-29 01:27 - 2014-12-29 01:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-12-29 01:27 - 2014-12-29 01:27 - 00000000 ____D () C:\Program Files\CPUID
2014-12-27 23:58 - 2014-12-27 23:58 - 00000016 _____ () C:\Users\Ja\Documents\xedf.txt
2014-12-26 17:54 - 2014-12-26 17:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-12-24 13:56 - 2014-12-24 13:56 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Wargaming.net
2014-12-24 13:25 - 2014-12-24 13:25 - 00000719 _____ () C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2014-12-24 13:25 - 2014-12-24 13:25 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-24 13:25 - 2014-12-24 13:25 - 00000000 ____D () C:\Users\Ja\AppData\Local\SCE
2014-12-24 13:06 - 2014-12-24 13:06 - 00000000 ____D () C:\Users\Ja\Documents\Ashampoo Burning Studio 2015
2014-12-24 13:02 - 2014-12-24 13:02 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Ashampoo
2014-12-24 13:01 - 2014-12-24 13:01 - 00000000 ____D () C:\Users\Ja\AppData\Local\ashampoo
2014-12-24 13:01 - 2014-12-24 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-12-24 13:00 - 2014-12-24 13:01 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-12-23 23:54 - 2014-12-23 23:54 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\TP-LINK
2014-12-23 23:54 - 2014-12-23 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2014-12-23 23:50 - 2014-12-23 23:50 - 00003178 _____ () C:\Windows\System32\Tasks\{A9658881-AD86-4DD7-855A-77D8F456DC87}
2014-12-23 19:21 - 2014-12-23 19:21 - 00000000 ____D () C:\ProgramData\Atheros
2014-12-23 19:16 - 2014-12-23 23:53 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-12-23 19:16 - 2012-11-06 10:47 - 02755584 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-12-23 19:16 - 2012-11-06 10:47 - 02755584 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2014-12-23 19:16 - 2012-11-06 10:47 - 00007528 _____ () C:\Windows\system32\athrextx.cat
2014-12-23 18:22 - 2014-12-24 14:39 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-12-23 18:22 - 2014-12-24 14:39 - 00001908 _____ () C:\Windows\diagerr.xml
2014-12-23 17:56 - 2014-12-23 17:58 - 00000000 ____D () C:\Users\Ja\Desktop\Windows.7.SP1.VL.IE11.PL.x86.Kwiecien.2014-NiKKA
2014-12-23 13:42 - 2014-11-17 22:37 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2014-12-23 13:41 - 2014-12-09 23:21 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2014-12-23 13:40 - 2014-12-23 13:40 - 00000000 ____D () C:\ProgramData\RzMaelstromVAD_1.1.58.1854
2014-12-23 13:38 - 2015-01-17 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-12-23 13:15 - 2013-05-10 15:37 - 00000000 ____D () C:\realtek_hd_all_mb
2014-12-22 17:16 - 2015-01-20 01:16 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-22 17:16 - 2015-01-19 02:00 - 00000000 ____D () C:\Users\Ja\AppData\Local\Adobe
2014-12-22 17:16 - 2015-01-14 17:16 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-22 17:16 - 2015-01-14 17:16 - 00003868 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-22 17:16 - 2014-12-22 17:16 - 00000000 ____D () C:\Windows\system32\Macromed
2014-12-22 17:16 - 2014-12-22 17:16 - 00000000 ____D () C:\Users\Ja\AppData\Local\Macromedia
2014-12-22 16:44 - 2014-12-23 13:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-22 16:44 - 2014-12-22 16:45 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Mozilla
2014-12-22 16:44 - 2014-12-22 16:45 - 00000000 ____D () C:\Users\Ja\AppData\Local\Mozilla
2014-12-22 16:44 - 2014-12-22 16:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-22 16:44 - 2014-12-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-22 16:44 - 2014-12-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-22 16:31 - 2014-12-22 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2014-12-22 15:49 - 2015-01-01 20:28 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Rainmeter
2014-12-22 15:49 - 2014-12-22 15:49 - 00000000 ____D () C:\Users\Ja\Documents\Rainmeter
2014-12-22 00:43 - 2014-12-28 00:55 - 00000000 ____D () C:\Users\Ja\Documents\Euro Truck Simulator 2
2014-12-21 14:13 - 2015-01-14 17:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-21 14:13 - 2014-12-21 14:13 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-21 01:26 - 2014-12-21 01:26 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Awesomium
2014-12-21 01:25 - 2014-12-21 01:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-12-21 01:25 - 2014-12-21 01:25 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 01:39 - 2014-12-17 19:59 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Skype
2015-01-20 01:38 - 2014-12-18 18:02 - 00000000 ____D () C:\Users\Ja\AppData\Local\screenSHU
2015-01-20 01:31 - 2009-07-14 05:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-20 01:31 - 2009-07-14 05:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-19 20:02 - 2014-12-17 17:44 - 01995395 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 20:01 - 2014-12-17 17:59 - 00065477 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-19 20:00 - 2014-12-17 16:05 - 00000000 ____D () C:\ProgramData\Origin
2015-01-19 19:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-19 14:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-18 11:09 - 2014-12-17 12:16 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-18 11:09 - 2014-12-17 12:15 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-18 11:09 - 2014-12-17 12:08 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-17 22:31 - 2014-12-20 17:03 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-17 21:15 - 2014-12-19 17:36 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\uTorrent
2015-01-17 20:39 - 2014-12-17 12:16 - 00000000 ___HD () C:\$AVG
2015-01-17 12:43 - 2014-12-19 12:42 - 00000000 ____D () C:\Users\Ja\AppData\Local\Razer
2015-01-17 12:43 - 2014-12-19 12:41 - 00000000 ____D () C:\ProgramData\Razer
2015-01-16 21:02 - 2014-12-17 17:59 - 00058008 _____ () C:\Users\Ja\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-16 21:02 - 2009-07-14 05:45 - 04933592 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 22:40 - 2014-12-20 17:02 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\DAEMON Tools Lite
2015-01-14 07:44 - 2014-12-17 13:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 07:41 - 2014-12-17 13:32 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 21:42 - 2014-12-17 17:58 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-11 21:41 - 2014-12-19 17:36 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Opera Software
2015-01-11 21:41 - 2014-12-19 17:36 - 00000000 ____D () C:\Users\Ja\AppData\Local\Opera Software
2015-01-11 21:41 - 2014-12-19 17:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-10 18:02 - 2014-12-17 18:02 - 00000000 ____D () C:\Windows\System32\Tasks\Intel(R) Small Business Advantage
2015-01-10 11:36 - 2014-12-18 17:56 - 00002764 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-10 11:29 - 2014-12-20 03:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2015-01-10 11:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-10 11:04 - 2014-12-17 15:01 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Adobe
2015-01-10 10:39 - 2014-12-17 17:52 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-09 23:43 - 2014-12-17 17:44 - 00000000 ____D () C:\Users\Ja
2015-01-08 22:56 - 2011-04-12 14:32 - 00000000 ____D () C:\Windows\ShellNew
2015-01-08 15:35 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-03 15:51 - 2014-12-17 17:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-03 02:57 - 2014-12-20 17:27 - 00000000 ____D () C:\Users\Ja\Documents\My Games
2014-12-30 02:31 - 2014-12-17 17:44 - 00000000 ____D () C:\Users\Ja\AppData\Local\VirtualStore
2014-12-28 14:07 - 2014-12-17 16:06 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\Origin
2014-12-23 17:57 - 2011-04-12 14:21 - 00740098 _____ () C:\Windows\system32\perfh015.dat
2014-12-23 17:57 - 2011-04-12 14:21 - 00155672 _____ () C:\Windows\system32\perfc015.dat
2014-12-23 17:57 - 2009-07-14 06:13 - 01669190 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-23 13:52 - 2014-12-20 17:03 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-12-23 13:48 - 2014-12-17 17:58 - 00000000 ____D () C:\ProgramData\Creative
2014-12-23 13:48 - 2014-12-17 17:57 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-12-23 13:47 - 2014-12-20 17:03 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\mystartsearch
2014-12-23 13:47 - 2014-12-17 17:45 - 00001421 _____ () C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-23 13:45 - 2014-12-19 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-23 13:41 - 2014-12-19 12:41 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-12-23 13:33 - 2014-12-17 17:58 - 00000000 ____D () C:\Program Files\Google
2014-12-23 13:30 - 2014-12-17 17:53 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-12-23 13:28 - 2014-12-17 17:58 - 00000000 ____D () C:\Users\Ja\AppData\Local\Google
2014-12-23 13:28 - 2014-12-17 17:58 - 00000000 ____D () C:\ProgramData\Google
2014-12-22 15:28 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-21 14:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-21 13:46 - 2014-12-19 15:42 - 00000000 ____D () C:\Users\Ja\Documents\FIFA 15

==================== Files in the root of some directories =======
2014-12-30 02:36 - 2014-12-30 02:36 - 0001181 _____ () C:\Users\Ja\AppData\Roaming\trace_FilterInstaller.txt
2014-12-30 02:36 - 2014-12-30 02:36 - 0000000 _____ () C:\Users\Ja\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 10:49

==================== End Of Log ============================

 

 

Posted

I did some checking, then looked at these logs as well, and it seems to me, as you say, that it will be OK. Those sudden spikes could have been caused by some program starting in the background without my knowledge, or something like that, and nothing bad was actually happening. Either way, thanks. :v

Posted

@MoVinek
No major infection is visible, but there is some adware and there are suspicious folders in ProgramData. In addition, Firefox has been infected with JS code:

FF user.js: detected!

I will carry out the removal tomorrow or on Thursday, because I am ill and not up to it right now. In the meantime, provide the Addition log, which should have been created when the logs were generated. If it was not created, go to the guide and check which options you should have selected.

In addition, I will address what @Lavertis wrote:
COMBOFIX IS NOT AN ANTIVIRUS SCANNER AND IS NOT TO BE USED ON YOUR OWN

Posted

@Nezvik

I did see something about Firefox, but I didn't worry about it much; could it be something to do with some plugin or something? :s
I once accidentally downloaded some s**t on FF, but I thought I had got rid of it, and I'm on Chrome now anyway, so I didn't notice anything :/

There was an Addition log, posting it now : )

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Ja at 2015-01-20 01:54:04
Running from C:\Users\Ja\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\uTorrent) (Version: 3.4.2.37248 - BitTorrent Inc.)
Ad-Aware Antivirus (HKLM\...\{A5C0392D-46A7-4CB3-800B-5794909453BD}_AdAwareUpdater) (Version: 11.5.202.7299 - Lavasoft)
AdAwareInstaller (Version: 11.5.202.7299 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.5.202.7299 - Lavasoft) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{FD8FD2BD-A82D-C528-EDA0-A6635F47C19C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AvcEngine (Version: 3.10.7820.0 - Lavasoft) Hidden
Batman Arkham City - Game of the Year Edition (HKLM-x32\...\Batman Arkham City - Game of the Year Edition_is1) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 14.12.0020 - Bloody)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DC Universe Online (HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version:  - )
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel(R) Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.2.22.0 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2531.0 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{21C695A7-B3A2-4DAC-9F90-BA1ED571F0AB}) (Version: 2.2.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
TP-LINK TL-WN781ND Driver (HKLM-x32\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
VirtualDJ Home FREE (HKLM-x32\...\{EE9E75F0-1FB8-440A-A34A-058F7456E113}) (Version: 7.4.2 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.11 - NCH Software)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2034425790-284581535-3037039298-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

17-01-2015 08:59:56 Windows Update
17-01-2015 20:38:12 Removed AVG 2015
17-01-2015 20:39:56 Removed AVG 2015
17-01-2015 20:40:46 AA11
20-01-2015 00:37:43 Installed VirtualDJ Home FREE

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-16 21:16 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {071F08F0-B0E5-450A-9997-A4684469FF9D} - System32\Tasks\AdobeAAMUpdater-1.0-BARTOSZAKAMOVIN-Ja => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {10E4DA32-0FBB-4D4C-9A25-F60BD8AADDCE} - System32\Tasks\CCleanerSkipUAC => D:\Program Files (x86)\CCleaner64.exe [2014-12-12] (Piriform Ltd)
Task: {432F1B09-1BA9-4996-8FE6-DB89E99F4567} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: {44FCDC5D-765A-49BF-ADE4-949FD3509617} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {621BF1FE-70C2-40BA-9196-FF40531DB6D4} - System32\Tasks\{00D95DB9-0104-4EF4-A29C-5CC5303C1FED} => C:\Users\Ja\Desktop\PompaMT2\PompaMT2.exe [2015-01-17] (PompaMT2)
Task: {6575C6E9-8CCE-4745-8360-A7C3F31E5060} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {A03E6DDD-D493-4DD7-94F3-CC8A4A79CD1B} - System32\Tasks\{A9658881-AD86-4DD7-855A-77D8F456DC87} => pcalua.exe -a "C:\Users\Ja\Desktop\Nowy folder (2)\Setup.exe" -d "C:\Users\Ja\Desktop\Nowy folder (2)"
Task: {C1110931-A823-49C9-B528-A76E3DF600D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 08947008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe
2014-12-18 15:21 - 2014-12-18 15:21 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\RCF.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00125792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_filesystem-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_system-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_date_time-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00107352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_thread-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_chrono-vc100-mt-1_57.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_locale-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 02130752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\HtmlFramework.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\DllStorage.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTrayDefaultSkin.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\Localization.dll
2013-09-04 18:21 - 2013-09-04 18:21 - 02112000 _____ () D:\Program Files (x86)\screenSHU\screenSHU.exe
2015-01-09 18:59 - 2014-12-30 11:28 - 16294912 _____ () C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
2014-04-17 11:02 - 2014-04-17 11:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-12-18 15:09 - 2014-12-18 15:09 - 00713568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe
2014-12-18 15:21 - 2014-12-18 15:21 - 12716368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareServiceKernel.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00786264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_regex-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00736584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareActivation.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00474968 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareApplicationUpdater.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00812360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareGamingMode.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00099136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareReset.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00119616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTime.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00957784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDefinitionsUpdater.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00867688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDefinitionsUpdaterScheduler.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01107272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareIgnoreList.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00248648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareQuarantine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01009496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiMalwareEngine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiRootkitEngine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01171280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScannerHistory.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01295680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScanner.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_timer-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00975704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScannerScheduler.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01091416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareRealTimeProtection.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareIncompatibles.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00894280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiSpam.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00849232 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiPhishing.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareParentalControl.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 02953040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareWebProtection.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01251664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareEmailProtection.dll
2014-12-18 15:22 - 2014-12-18 15:22 - 00053600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_iostreams-vc100-mt-1_57.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01289048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareNetworkProtection.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00968000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwarePromo.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00360776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareFeedback.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 02785112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareThreatWorkAlliance.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01228608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwarePinCode.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00968000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareNotice.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAvcEngine.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 01177960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareRealTimeProtectionHistory.dll
2014-12-18 15:21 - 2014-12-18 15:21 - 00152896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\SecurityCenter.dll
2015-01-17 20:56 - 2014-10-09 10:08 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2015-01-17 21:19 - 2015-01-17 21:19 - 00766976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpbr.mdl
2015-01-17 21:19 - 2015-01-17 21:19 - 00556032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpdsp.mdl
2015-01-17 21:19 - 2015-01-17 21:19 - 02575360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpph.mdl
2015-01-17 21:19 - 2015-01-17 21:19 - 01306112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttprbl.mdl
2014-12-17 19:14 - 2014-12-17 19:14 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-12-19 04:22 - 2014-12-19 04:22 - 00290816 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2013-12-06 15:53 - 2013-12-06 15:53 - 00090112 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraPlk.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 01007104 _____ () D:\Gry\Origin\platforms\qwindows.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00023552 _____ () D:\Gry\Origin\imageformats\qgif.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00024576 _____ () D:\Gry\Origin\imageformats\qico.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00216576 _____ () D:\Gry\Origin\imageformats\qjpeg.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00261120 _____ () D:\Gry\Origin\imageformats\qmng.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00019456 _____ () D:\Gry\Origin\imageformats\qtga.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00337408 _____ () D:\Gry\Origin\imageformats\qtiff.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00018944 _____ () D:\Gry\Origin\imageformats\qwbmp.dll
2014-12-17 16:10 - 2014-12-18 07:17 - 00060928 _____ () D:\Gry\Origin\audio\qtaudio_windows.dll
2011-06-08 08:32 - 2011-06-08 08:32 - 00011362 _____ () D:\Program Files (x86)\screenSHU\mingwm10.dll
2011-06-08 08:32 - 2011-06-08 08:32 - 00043008 _____ () D:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-01-09 19:05 - 2013-04-03 18:29 - 00085504 _____ () C:\Program Files (x86)\Bloody5\Bloody5\DLL\DLL_ZoomControl.dll
2015-01-09 19:05 - 2014-01-10 17:48 - 04260352 _____ () C:\Program Files (x86)\Bloody5\Bloody5\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2014-12-23 13:42 - 2014-11-26 03:12 - 40622592 _____ () C:\Users\Ja\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-12-19 04:22 - 2014-12-19 04:22 - 00192512 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll
2014-12-23 13:42 - 2014-11-26 03:12 - 00911360 _____ () C:\Users\Ja\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2014-12-23 13:42 - 2014-11-26 03:12 - 00134144 _____ () C:\Users\Ja\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-01-17 15:53 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-17 15:53 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-17 15:53 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-17 15:53 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2014-04-03 16:48 - 2014-04-03 16:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-17 15:53 - 2015-01-09 01:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "D:\Program Files (x86)\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Grid => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RocketDock => "D:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sound Blaster Cinema => "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
MSCONFIG\startupreg: Spotify => "C:\Users\Ja\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Ja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-2034425790-284581535-3037039298-500 - Administrator - Disabled)
Gość (S-1-5-21-2034425790-284581535-3037039298-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2034425790-284581535-3037039298-1002 - Limited - Enabled)
Ja (S-1-5-21-2034425790-284581535-3037039298-1000 - Administrator - Enabled) => C:\Users\Ja

==================== Faulty Device Manager Devices =============

Name: Kontroler sieci
Description: Kontroler sieci
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2015 07:59:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 07:57:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (01/19/2015 07:57:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 
0x800401F9

Error: (01/19/2015 02:29:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2” w wierszu C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/19/2015 00:07:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 00:06:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (01/19/2015 00:06:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 
0x800401F9

Error: (01/18/2015 09:59:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 09:57:40 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (01/18/2015 09:57:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 
0x800401F9


System errors:
=============
Error: (01/17/2015 10:31:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa WindowsMangerProtect Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (01/15/2015 07:23:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Razer Game Scanner z powodu następującego błędu: 
%%1053

Error: (01/15/2015 07:23:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Razer Game Scanner.

Error: (01/10/2015 06:07:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Intel(R) Small Business Advantage niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (01/10/2015 01:40:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/09/2015 07:19:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Razer Game Scanner z powodu następującego błędu: 
%%1053

Error: (01/09/2015 07:19:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Razer Game Scanner.

Error: (01/09/2015 11:18:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Razer Game Scanner z powodu następującego błędu: 
%%1053

Error: (01/09/2015 11:18:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Razer Game Scanner.

Error: (01/03/2015 09:35:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Razer Game Scanner z powodu następującego błędu: 
%%1053


Microsoft Office Sessions:
=========================
Error: (01/19/2015 07:59:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 07:57:20 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (01/19/2015 07:57:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (01/19/2015 02:29:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (01/19/2015 00:07:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2015 00:06:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (01/19/2015 00:06:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (01/18/2015 09:59:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2015 09:57:40 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (01/18/2015 09:57:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9


CodeIntegrity Errors:
===================================
  Date: 2015-01-19 19:57:19.455
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-19 12:06:18.681
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-18 21:57:39.792
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-18 11:09:37.932
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-17 16:28:44.642
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-17 10:18:26.777
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-17 05:37:51.907
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-16 21:18:00.217
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

 



Out of the corner of my eye I can see that some stuff has piled up in there, but I'm not sure, because I'm in a bit of a hurry right now, so I'm posting this quickly. If you have some time, I'd appreciate any suggestions on whether I should do something about it :)

@Edit
I f*cking removed that Assasin : )

Archived

This topic is currently in the archive. Adding new replies has been disabled.
