Wyskakujące reklamy Mozilla Firefox

Tekson · 3 Kwietnia 2015

Witam. Mam problem z ciągle wyskakującymi reklamami w przegląrce Mozilla Firefox. Te reklamy pochodzą od Online Advertising Support. Co prawda, kiedy zrobię przywracanie systemu do dnia 31.03 wszystko znika, ale po paru godzinach znów te reklamy wracają i muszę robić przywracanie od nowa. W innych przeglądarkach sprawdzałem i wszystko działa normalnie...

Resetowałem już Firefoxa, usunąłem wszystkie dodatki, pousowałem wszystkie programy, które ostatnio instalowałem. Te podejrzane programy też usunąłem i nic... Ciągle te wyskakujące okna z reklamami, które strasznie utrudniają korzystanie z Firefoxa i przeglądarka strasznie mi od nich muli.

Jest ktoś kto mógłby mi pomóc?

Dodaję jeszcze skan z OTL

OTL logfile created on: Pt-2015-04-03 20:07:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Damian\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: ddd-yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 48,79% Memory free
4,00 Gb Paging File | 2,71 Gb Available in Paging File | 67,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 54,69 Gb Free Space | 56,00% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 130,27 Gb Free Space | 65,00% Space Free | Partition Type: NTFS

Computer Name: DAMIAN-KOMPUTER | User Name: Damian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015-04-03 19:59:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Damian\Downloads\OTL.exe
PRC - [2015-03-27 07:00:03 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015-02-06 16:51:59 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
PRC - [2014-12-13 09:30:19 | 000,971,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014-07-21 18:08:28 | 001,905,488 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2014-07-18 14:13:22 | 000,009,216 | ---- | M] (Hi-Rez Studios) -- D:\Program Files\Hi-Rez Studios\HiPatchService.exe
PRC - [2014-07-16 10:53:38 | 000,375,056 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-07-14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

========== Modules (No Company Name) ==========

MOD - [2007-09-02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007-09-02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc -- (globalUpdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc -- (globalUpdate)
SRV - [2015-03-27 07:00:16 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015-03-24 06:22:24 | 000,836,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015-01-02 20:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-11-22 08:57:16 | 000,088,400 | ---- | M] (Perfect World Entertainment Inc) [On_Demand | Stopped] -- D:\Program Files\RaiderZ\Arc\ArcService.exe -- (ArcService)
SRV - [2014-07-21 18:08:28 | 001,905,488 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014-07-18 14:13:22 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- D:\Program Files\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2014-07-16 10:53:38 | 000,375,056 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- system32\drivers\wpnfd_1_10_0_6.sys -- (wpnfd_1_10_0_6)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2015-01-30 12:44:32 | 000,043,192 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\{743e5ec0-5922-485f-b9a2-ad3da2380d62}w.sys -- ({743e5ec0-5922-485f-b9a2-ad3da2380d62}w)
DRV - [2015-01-15 14:51:46 | 008,536,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2015-01-15 14:50:52 | 000,161,424 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2015-01-08 18:31:50 | 000,023,840 | ---- | M] (REALiX) [Kernel | System | Running] -- C:\Windows\System32\drivers\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2014-11-20 18:38:06 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014-07-19 03:27:35 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1422682954&from=sien&uid=395049983_397234_A43DB8E7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1422682954&from=sien&uid=395049983_397234_A43DB8E7&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1422682954&from=sien&uid=395049983_397234_A43DB8E7&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1422682954&from=sien&uid=395049983_397234_A43DB8E7
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?type=ds&ts=1422682954&from=sien&uid=395049983_397234_A43DB8E7&q={searchTerms}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.wonderfulsearches.info/?l=1&q={searchTerms}&pid=1539&r=2014/07/26&hid=1156995406958126068&lg=EN&cc=PL&unqvl=60

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1422682954&from=sien&uid=395049983_397234_A43DB8E7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1422682954&from=sien&uid=395049983_397234_A43DB8E7
IE - HKCU\..\SearchScopes,DefaultScope = {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=sien&utm_campaign=install_ie&utm_content=ds&from=sien&uid=395049983_397234_A43DB8E7&ts=1422683070&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=sien&utm_campaign=install_ie&utm_content=ds&from=sien&uid=395049983_397234_A43DB8E7&ts=1422683070&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=sien&utm_campaign=install_ie&utm_content=ds&from=sien&uid=395049983_397234_A43DB8E7&ts=1422683070&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=sien&utm_campaign=install_ie&utm_content=ds&from=sien&uid=395049983_397234_A43DB8E7&ts=1422683070&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://www.mystartsearch.com/web/?utm_source=b&utm_medium=sien&utm_campaign=install_ie&utm_content=ds&from=sien&uid=395049983_397234_A43DB8E7&ts=1422683070&type=default&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "PL"
FF - prefs.js..browser.search.region: "PL"
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin: D:\Program Files\RaiderZ\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2015-04-03 19:50:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Damian\AppData\Roaming\mozilla\Extensions
[2015-04-03 19:50:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015-04-03 19:50:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhdjbfjheoohmhpakglckehdcgfffbl\18968.94.7_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpkonlbialedjgeegikdallckpnliboc\12264.76.1_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdklionolegofhffnhoagpmlailnnni\10305.24.5_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idggmlekajlpkppfjdadikipagekmfdn\11100.96.0_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhekfgkiebcdiemikbpipliohcokogk\16946.9051.345_0\
CHR - Extension: No name found = C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014-07-23 16:07:02 | 000,000,921 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2 - BHO: (Adblocker) - {3C9F2E9F-338C-0FD2-3919-840C4BDFDCB5} - C:\Program Files\Adblocker\PkJKMO.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ArcPluginIEBHO Class) - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - D:\Program Files\RaiderZ\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {b608cc98-54de-4775-96c9-097de398500c} - No CLSID value found.
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [bCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mbot_pl_175] File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [spotify] C:\Users\Damian\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [spotify Web Helper] C:\Users\Damian\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73452AB7-21E4-4AE2-8979-BEDF145449DF}: DhcpNameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{67c536d4-70ca-11e4-bc64-001fd0b43554}\Shell - "" = AutoRun
O33 - MountPoints2\{67c536d4-70ca-11e4-bc64-001fd0b43554}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{8748b348-3f11-11e4-a7c5-001fd0b43554}\Shell - "" = AutoRun
O33 - MountPoints2\{8748b348-3f11-11e4-a7c5-001fd0b43554}\Shell\AutoRun\command - "" = J:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015-04-03 20:01:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2015-04-03 19:50:20 | 000,000,000 | ---D | C] -- C:\Users\Damian\AppData\Roaming\Mozilla
[2015-04-03 19:50:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015-04-02 19:28:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015-03-22 16:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015-03-21 16:11:32 | 000,000,000 | ---D | C] -- C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Korner 5
[2015-03-21 16:10:57 | 000,000,000 | ---D | C] -- C:\Users\Damian\AppData\Roaming\Korner 5
[2015-03-11 20:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
[2015-03-11 20:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2015-03-11 20:35:15 | 001,332,224 | ---- | C] (AD © 2009) -- C:\Windows\System32\SYNSOEMU.DLL

========== Files - Modified Within 30 Days ==========

[2015-04-03 20:07:00 | 000,001,310 | ---- | M] () -- C:\Windows\tasks\disco_games_notification_service.job
[2015-04-03 20:06:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-04-03 20:04:32 | 000,001,817 | ---- | M] () -- C:\Users\Damian\Desktop\Spotify.lnk
[2015-04-03 20:04:05 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\aOYh8RxJ4GF2cDn7vb6.job
[2015-04-03 20:04:05 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\0xCXfHG9B1yD.job
[2015-04-03 20:03:41 | 000,004,796 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-11.job
[2015-04-03 20:03:41 | 000,003,770 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-7.job
[2015-04-03 20:03:41 | 000,003,052 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-1.job
[2015-04-03 20:03:41 | 000,002,402 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-5.job
[2015-04-03 20:03:41 | 000,002,066 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-2.job
[2015-04-03 20:03:41 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2015-04-03 20:03:41 | 000,000,672 | ---- | M] () -- C:\Windows\tasks\disco_games_updating_service.job
[2015-04-03 20:03:40 | 000,005,474 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-6.job
[2015-04-03 20:03:40 | 000,005,138 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-7.job
[2015-04-03 20:03:40 | 000,004,796 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-11.job
[2015-04-03 20:03:40 | 000,004,114 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-6.job
[2015-04-03 20:03:40 | 000,004,114 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-4.job
[2015-04-03 20:03:40 | 000,004,114 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-4.job
[2015-04-03 20:03:40 | 000,003,430 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-1-7.job
[2015-04-03 20:03:40 | 000,003,094 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-1-6.job
[2015-04-03 20:03:40 | 000,002,402 | ---- | M] () -- C:\Windows\tasks\d3e51b3f-c522-4385-aa6f-19b2774fa609-5_user.job
[2015-04-03 20:03:40 | 000,002,402 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-5_user.job
[2015-04-03 20:03:40 | 000,002,402 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-5.job
[2015-04-03 20:03:40 | 000,002,068 | ---- | M] () -- C:\Windows\tasks\33df6f68-f96c-460c-a75a-596495b19470-10_user.job
[2015-04-03 20:03:40 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-04-03 20:03:40 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\SW_Booster-S-608891039.job
[2015-04-03 20:03:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-04-03 20:03:26 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2015-04-03 19:50:15 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-04-03 19:49:01 | 000,243,544 | ---- | M] () -- C:\Users\Damian\Desktop\Firefox Setup Stub 37.0.exe
[2015-04-03 19:35:35 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-04-03 19:35:35 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-04-03 19:30:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\Price Fountain.job
[2015-04-03 19:07:15 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2015-04-03 15:49:34 | 001,224,704 | ---- | M] () -- C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6.exe
[2015-04-03 15:49:12 | 001,577,472 | ---- | M] () -- C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD.exe
[2015-04-03 13:37:55 | 000,738,468 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2015-04-03 13:37:55 | 000,652,488 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015-04-03 13:37:55 | 000,154,578 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2015-04-03 13:37:55 | 000,120,890 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015-04-03 13:26:19 | 000,000,648 | ---- | M] () -- C:\Windows\tasks\dress4u_updating_service.job
[2015-03-31 10:14:36 | 000,004,387 | ---- | M] () -- C:\Users\Damian\AppData\Roaming\MT2kDzWeEDBuwPfnUxijR5
[2015-03-31 10:14:36 | 000,004,387 | ---- | M] () -- C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6
[2015-03-31 10:14:20 | 000,005,655 | ---- | M] () -- C:\Users\Damian\AppData\Roaming\J7u9MeKsQNZCNWj8SICoqOff
[2015-03-31 10:14:20 | 000,005,655 | ---- | M] () -- C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD
[2015-03-30 01:18:14 | 000,126,630 | ---- | M] () -- C:\Users\Damian\Desktop\bookmarks-2015-03-30_650_Nk2SlS7MEUmJ-Erqr4WnKA==.jsonlz4
[2015-03-28 02:26:06 | 000,054,335 | ---- | M] () -- C:\Users\Damian\AppData\Local\recently-used.xbel
[2015-03-23 21:22:17 | 041,123,884 | ---- | M] () -- C:\Users\Damian\Desktop\test3.wav
[2015-03-21 16:12:46 | 000,001,096 | ---- | M] () -- C:\Users\Damian\Desktop\Korner 5 Website.lnk
[2015-03-05 22:16:25 | 179,045,192 | ---- | M] () -- C:\Windows\MEMORY.DMP

========== Files Created - No Company Name ==========

[2015-04-03 19:50:15 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015-04-03 19:50:15 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-04-03 19:49:01 | 000,243,544 | ---- | C] () -- C:\Users\Damian\Desktop\Firefox Setup Stub 37.0.exe
[2015-04-03 19:47:32 | 000,126,630 | ---- | C] () -- C:\Users\Damian\Desktop\bookmarks-2015-03-30_650_Nk2SlS7MEUmJ-Erqr4WnKA==.jsonlz4
[2015-04-03 19:07:33 | 000,001,014 | ---- | C] () -- C:\Windows\tasks\aOYh8RxJ4GF2cDn7vb6.job
[2015-04-03 19:07:29 | 000,001,000 | ---- | C] () -- C:\Windows\tasks\0xCXfHG9B1yD.job
[2015-04-03 19:07:25 | 000,000,672 | ---- | C] () -- C:\Windows\tasks\disco_games_updating_service.job
[2015-04-03 19:07:24 | 000,001,310 | ---- | C] () -- C:\Windows\tasks\disco_games_notification_service.job
[2015-04-03 15:49:34 | 001,224,704 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6.exe
[2015-04-03 15:49:12 | 001,577,472 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD.exe
[2015-04-03 01:09:59 | 000,000,648 | ---- | C] () -- C:\Windows\tasks\dress4u_updating_service.job
[2015-03-31 10:14:36 | 000,004,387 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\MT2kDzWeEDBuwPfnUxijR5
[2015-03-31 10:14:36 | 000,004,387 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6
[2015-03-31 10:14:20 | 000,005,655 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\J7u9MeKsQNZCNWj8SICoqOff
[2015-03-31 10:14:20 | 000,005,655 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD
[2015-03-28 02:26:06 | 000,054,335 | ---- | C] () -- C:\Users\Damian\AppData\Local\recently-used.xbel
[2015-03-23 21:22:14 | 041,123,884 | ---- | C] () -- C:\Users\Damian\Desktop\test3.wav
[2015-03-21 16:12:46 | 000,001,096 | ---- | C] () -- C:\Users\Damian\Desktop\Korner 5 Website.lnk
[2015-03-20 20:18:21 | 000,001,817 | ---- | C] () -- C:\Users\Damian\Desktop\Spotify.lnk
[2015-01-08 19:30:05 | 000,000,086 | ---- | C] () -- C:\Users\Damian\AppData\Roaming\WB.CFG
[2015-01-08 18:39:38 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2015-01-08 18:39:37 | 001,443,340 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2015-01-08 18:39:36 | 000,087,864 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2014-11-01 20:35:39 | 000,018,168 | ---- | C] () -- C:\Windows\System32\roboot.exe
[2014-08-24 02:26:43 | 000,000,432 | ---- | C] () -- C:\Windows\wininit.ini
[2014-08-04 08:31:08 | 000,007,597 | ---- | C] () -- C:\Users\Damian\AppData\Local\resmon.resmoncfg
[2014-07-26 20:45:33 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014-07-19 03:35:32 | 002,140,976 | ---- | C] () -- C:\Windows\System32\SStudio.dll
[2014-07-19 03:35:29 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2014-07-19 03:31:26 | 004,151,176 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2014-07-19 03:31:11 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014-07-19 03:31:11 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014-07-19 03:31:11 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2014-07-19 03:31:10 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2014-07-19 03:31:08 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014-07-19 03:27:49 | 000,010,084 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin

========== ZeroAccess Check ==========

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Arkzyw · 3 Kwietnia 2015

Wykonaj logi FRST http://www.mpcforum.pl/topic/1364875-logi/

D&G · 4 Kwietnia 2015

Przeskanuj adwcleaner'em.

Tekson · 4 Kwietnia 2015

Adwcleanerem też czyściłem, ale dobra nieważne zrobiłem formata i problem znikł. Dzięki wszystkim za próby pomocy. Temat do zamknięcia

Tekson · 3 Kwietnia 2015

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Damian (administrator) on DAMIAN-KOMPUTER on 03-04-2015 20:40:56
Running from C:\Users\Damian\Downloads
Loaded Profiles: Damian (Available profiles: Damian)
Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Polski (Polska)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) D:\Program Files\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2015-01-08] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [mbot_pl_175] => [X]
HKU\S-1-5-21-3582798026-1382773839-1018714972-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3582798026-1382773839-1018714972-1000\...\MountPoints2: {67c536d4-70ca-11e4-bc64-001fd0b43554} - J:\Autorun.exe
HKU\S-1-5-21-3582798026-1382773839-1018714972-1000\...\MountPoints2: {8748b348-3f11-11e4-a7c5-001fd0b43554} - J:\LGAutoRun.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle Corporation)
BHO: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Program Files\RaiderZ\Arc\Plugins\ArcPluginIE.dll [2014-11-22] (Perfect World Entertainment Inc)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.204.159.1 194.204.152.34

FireFox:
========
FF ProfilePath: C:\Users\Damian\AppData\Roaming\Mozilla\Firefox\Profiles\l5aj5an5.default
FF Homepage: www.google.pl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @perfectworld.com/npArcPlayNowPlugin -> D:\Program Files\RaiderZ\Arc\Plugins\npArcPluginFF.dll [2014-11-22] (Perfect World Entertainment Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-19]
CHR Extension: (Google Drive) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-19]
CHR Extension: (YouTube) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-19]
CHR Extension: (cnhdjbfjheoohmhpakglckehdcgfffbl) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhdjbfjheoohmhpakglckehdcgfffbl [2015-04-03]
CHR Extension: (Google Search) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-19]
CHR Extension: (fpkonlbialedjgeegikdallckpnliboc) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpkonlbialedjgeegikdallckpnliboc [2015-04-03]
CHR Extension: (hfdklionolegofhffnhoagpmlailnnni) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdklionolegofhffnhoagpmlailnnni [2015-04-01]
CHR Extension: (idggmlekajlpkppfjdadikipagekmfdn) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idggmlekajlpkppfjdadikipagekmfdn [2015-04-02]
CHR Extension: (disco games) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhekfgkiebcdiemikbpipliohcokogk [2015-04-03]
CHR Extension: (Gmail) - C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-19]

Opera:
=======
OPR Extension: (GoHD) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\bokijhalndhhhikpnaniimagniglonke [2015-01-31]
OPR Extension: (cnhdjbfjheoohmhpakglckehdcgfffbl) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhdjbfjheoohmhpakglckehdcgfffbl [2015-04-03]
OPR Extension: (dress4u) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\dlabcihlajghaekmikmkncdhekcaaenl [2015-04-03]
OPR Extension: (fpkonlbialedjgeegikdallckpnliboc) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\fpkonlbialedjgeegikdallckpnliboc [2015-04-03]
OPR Extension: (hfdklionolegofhffnhoagpmlailnnni) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdklionolegofhffnhoagpmlailnnni [2015-04-01]
OPR Extension: (idggmlekajlpkppfjdadikipagekmfdn) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\idggmlekajlpkppfjdadikipagekmfdn [2015-04-02]
OPR Extension: (roller coaster park) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\obbfamljbihbcghcciagdafdpbgcmkne [2015-04-02]
OPR Extension: (disco games) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\obhekfgkiebcdiemikbpipliohcokogk [2015-04-03]
OPR Extension: (Adblock Plus) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-11-29]
OPR Extension: (trivia games) - C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdpibhkfkahcjfaebebkiphgenajknae [2015-04-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcService; D:\Program Files\RaiderZ\Arc\ArcService.exe [88400 2014-11-22] (Perfect World Entertainment Inc)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1905488 2014-07-21] (LogMeIn Inc.)
U2 HiPatchService; D:\Program Files\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-07-16] (LogMeIn, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-11-20] (Disc Soft Ltd)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-08] (REALiX)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-03 20:40 - 2015-04-03 20:41 - 00010812 _____ () C:\Users\Damian\Downloads\FRST.txt
2015-04-03 20:40 - 2015-04-03 20:40 - 00000000 ____D () C:\FRST
2015-04-03 20:39 - 2015-04-03 20:39 - 01135104 _____ (Farbar) C:\Users\Damian\Downloads\FRST.exe
2015-04-03 20:30 - 2015-04-03 20:33 - 00000000 ____D () C:\AdwCleaner
2015-04-03 20:30 - 2015-04-03 20:30 - 02208768 _____ () C:\Users\Damian\Downloads\AdwCleaner.pl 4.200.exe
2015-04-03 20:20 - 2015-04-03 20:20 - 00062396 _____ () C:\Users\Damian\Desktop\OTL.txt
2015-04-03 19:50 - 2015-04-03 19:50 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-03 19:50 - 2015-04-03 19:50 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-03 19:50 - 2015-04-03 19:50 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\Mozilla
2015-04-03 19:50 - 2015-04-03 19:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-03 19:49 - 2015-04-03 19:49 - 00243544 _____ () C:\Users\Damian\Desktop\Firefox Setup Stub 37.0.exe
2015-04-03 19:47 - 2015-03-30 01:18 - 00126630 _____ () C:\Users\Damian\Desktop\bookmarks-2015-03-30_650_Nk2SlS7MEUmJ-Erqr4WnKA==.jsonlz4
2015-04-03 19:07 - 2015-04-03 20:34 - 00001310 _____ () C:\Windows\Tasks\disco_games_notification_service.job
2015-04-03 19:07 - 2015-04-03 20:34 - 00001014 _____ () C:\Windows\Tasks\aOYh8RxJ4GF2cDn7vb6.job
2015-04-03 19:07 - 2015-04-03 20:34 - 00001000 _____ () C:\Windows\Tasks\0xCXfHG9B1yD.job
2015-04-03 19:07 - 2015-04-03 20:34 - 00000672 _____ () C:\Windows\Tasks\disco_games_updating_service.job
2015-04-03 15:49 - 2015-04-03 15:49 - 01577472 _____ () C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD.exe
2015-04-03 15:49 - 2015-04-03 15:49 - 01224704 _____ () C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6.exe
2015-04-03 03:55 - 2015-04-03 13:32 - 00000000 ____D () C:\Users\Damian\Downloads\SpyHunter 4.1.11.0 + Crack
2015-04-03 01:09 - 2015-04-03 13:26 - 00000648 _____ () C:\Windows\Tasks\dress4u_updating_service.job
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Damian\AppData\Roaming\J7u9MeKsQNZCNWj8SICoqOff
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Damian\AppData\Roaming\MT2kDzWeEDBuwPfnUxijR5
2015-03-31 10:14 - 2015-03-31 10:14 - 00004387 _____ () C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6
2015-03-28 02:26 - 2015-03-28 02:26 - 00054335 _____ () C:\Users\Damian\AppData\Local\recently-used.xbel
2015-03-23 21:22 - 2015-03-23 21:22 - 41123884 _____ () C:\Users\Damian\Desktop\test3.wav
2015-03-22 16:27 - 2015-04-03 19:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-21 16:11 - 2015-04-03 19:52 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Korner 5
2015-03-21 16:10 - 2015-04-03 19:52 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\Korner 5
2015-03-21 16:06 - 2015-03-21 16:07 - 37875400 _____ () C:\Users\Damian\Downloads\k5_setup.exe
2015-03-20 20:18 - 2015-04-03 20:04 - 00001817 _____ () C:\Users\Damian\Desktop\Spotify.lnk
2015-03-19 00:13 - 2015-03-19 00:13 - 05491242 _____ () C:\Users\Damian\Downloads\120512_immortal_songs_2_teen_top_c_a-ifZk7gK1Hb4_fmt135.mp4
2015-03-14 19:37 - 2015-03-14 19:37 - 00026213 _____ () C:\Users\Damian\Downloads\szablon.zip
2015-03-11 20:35 - 2015-03-11 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2015-03-11 20:35 - 2015-03-11 20:35 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2015-03-11 20:35 - 2009-10-24 22:15 - 01332224 _____ (AD © 2009) C:\Windows\system32\SYNSOEMU.DLL
2015-03-05 17:59 - 2015-03-05 17:59 - 04908214 _____ () C:\Users\Damian\Downloads\czachojeb_-_napany_dread-LqRKPMPFN_g_fmt43.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-03 20:40 - 2014-07-19 03:20 - 01664708 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-03 20:40 - 2009-07-14 10:07 - 00738468 _____ () C:\Windows\system32\perfh015.dat
2015-04-03 20:40 - 2009-07-14 10:07 - 00154578 _____ () C:\Windows\system32\perfc015.dat
2015-04-03 20:37 - 2014-07-19 03:16 - 01349465 _____ () C:\Windows\WindowsUpdate.log
2015-04-03 20:34 - 2014-08-14 17:09 - 00000000 ____D () C:\Users\Damian\AppData\Local\LogMeIn Hamachi
2015-04-03 20:34 - 2014-07-19 04:00 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-03 20:34 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-03 20:33 - 2015-02-01 08:56 - 00013900 _____ () C:\Windows\setupact.log
2015-04-03 20:32 - 2009-07-14 06:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-03 20:32 - 2009-07-14 06:34 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-03 20:22 - 2014-07-29 23:05 - 00000000 ____D () C:\Users\Damian\AppData\Local\Spotify
2015-04-03 20:22 - 2014-07-29 23:03 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\Spotify
2015-04-03 20:21 - 2015-02-01 08:56 - 00013182 _____ () C:\Windows\PFRO.log
2015-04-03 20:06 - 2014-07-19 04:01 - 00001036 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-03 20:04 - 2014-07-29 23:05 - 00001803 _____ () C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-03 19:53 - 2014-12-02 00:09 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-04-03 19:53 - 2014-10-24 13:36 - 00000000 ____D () C:\Users\Damian\Documents\AutomaticSolution Software
2015-04-03 19:29 - 2014-07-22 18:54 - 00000000 ____D () C:\Program Files\Steam
2015-04-03 13:33 - 2014-07-19 03:17 - 00000000 ____D () C:\Users\Damian
2015-04-03 13:33 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-04-03 13:32 - 2014-12-12 22:51 - 00000000 ____D () C:\Windows\Minidump
2015-04-03 13:32 - 2014-08-24 02:29 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\uTorrent
2015-04-03 13:32 - 2014-07-20 23:14 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\Skype
2015-04-03 13:32 - 2014-07-19 04:29 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\Audacity
2015-04-03 13:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2015-04-03 13:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-03 13:31 - 2015-02-27 19:47 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-04-03 13:31 - 2014-07-19 03:23 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2015-04-03 04:28 - 2014-07-19 04:09 - 00000000 ____D () C:\Windows\Panther
2015-04-03 04:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-04-03 02:59 - 2014-07-19 03:25 - 00041711 _____ () C:\Users\Damian\Desktop\Notatki.txt
2015-03-31 19:52 - 2014-07-19 04:32 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\TS3Client
2015-03-30 19:33 - 2014-11-29 19:36 - 00000000 ____D () C:\Program Files\Opera
2015-03-28 02:35 - 2014-07-19 03:31 - 00000000 ____D () C:\Users\Damian\.gimp-2.8
2015-03-28 02:24 - 2014-07-27 21:27 - 00000000 ____D () C:\Users\Damian\AppData\Local\gtk-2.0
2015-03-26 01:08 - 2014-07-22 18:54 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-03-21 00:30 - 2014-07-19 04:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-03-20 21:23 - 2015-02-27 19:47 - 00000000 ____D () C:\Users\Damian\AppData\Local\Battle.net
2015-03-20 20:25 - 2014-07-19 23:33 - 00000000 ____D () C:\Users\Damian\AppData\Roaming\.minecraft
2015-03-16 21:07 - 2014-07-19 04:20 - 00001824 _____ () C:\Users\Damian\GBoost_Bootstrap.log
2015-03-16 17:42 - 2014-07-19 03:27 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-16 15:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-03-16 12:44 - 2014-07-19 03:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-11 20:58 - 2014-12-02 00:06 - 00000000 ____D () C:\Program Files\FL Studio 11
2015-03-11 20:37 - 2014-12-02 00:09 - 00000000 ____D () C:\Program Files\VstPlugins
2015-03-09 15:37 - 2009-07-14 06:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-05 22:16 - 2015-02-08 02:27 - 179045192 _____ () C:\Windows\MEMORY.DMP

==================== Files in the root of some directories =======

2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD
2015-04-03 15:49 - 2015-04-03 15:49 - 1577472 _____ () C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD.exe
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6
2015-04-03 15:49 - 2015-04-03 15:49 - 1224704 _____ () C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6.exe
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Damian\AppData\Roaming\J7u9MeKsQNZCNWj8SICoqOff
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Damian\AppData\Roaming\MT2kDzWeEDBuwPfnUxijR5
2015-01-08 19:30 - 2015-01-20 20:30 - 0000086 _____ () C:\Users\Damian\AppData\Roaming\WB.CFG
2015-03-28 02:26 - 2015-03-28 02:26 - 0054335 _____ () C:\Users\Damian\AppData\Local\recently-used.xbel
2014-08-04 08:31 - 2014-08-11 19:34 - 0007597 _____ () C:\Users\Damian\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\Damian\AppData\Local\Temp\Quarantine.exe
C:\Users\Damian\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2009-07-14 01:24] - [2009-07-14 03:16] - 0811520 ____A (Microsoft Corporation) 8626F0C30D4E3564FFDD25C90F4426F1

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-31 07:46

==================== End Of Log ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Damian at 2015-04-03 20:41:30
Running from C:\Users\Damian\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3582798026-1382773839-1018714972-1000\...\uTorrent) (Version: 3.4.2.33080 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Audition CS5.5 (HKLM\...\{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
Arc (HKLM\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
Easy Auto Clicker (HKLM\...\Easy Auto Clicker_is1) (Version: V2.0 - easyautoclicker.com)
f.lux (HKU\S-1-5-21-3582798026-1382773839-1018714972-1000\...\Flux) (Version: - )
FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line)
Gameforge Live 2.0.6 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GRID 2 (HKLM\...\Steam App 44350) (Version: - Codemasters Racing)
Heroes of the Storm (HKLM\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 9.3.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.4.3.4000 - Maxthon International Limited)
Metin2 (HKLM\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft PowerPoint 2010 (HKLM\...\Office14.POWERPOINT) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 37.0 (x86 pl) (HKLM\...\Mozilla Firefox 37.0 (x86 pl)) (Version: 37.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
Mz RAM Booster (HKLM\...\MzRAMBooster_is1) (Version: 4.1.0 - Mz RAM Booster)
NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version: - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA Cg Toolkit 3.1 April 2012 (HKLM\...\Cg Toolkit_is1) (Version: - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Opera Stable 28.0.1750.48 (HKLM\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA)
Origin (HKLM\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Panel sterowania NVIDIA 347.09 (Version: 347.09 - NVIDIA Corporation) Hidden
Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50709 - Microsoft Corporation)
Ravia.eu (HKLM\...\Ravia.eu) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version: - )
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Smite (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2268.2 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-3582798026-1382773839-1018714972-1000\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
System Requirements Lab CYRI (HKLM\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
VVVVVV (HKLM\...\Steam App 70300) (Version: - Terry Cavanagh)
WinRAR 5.10 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

31-03-2015 07:53:58 Zaplanowany punkt kontrolny
01-04-2015 19:37:09 Operacja przywracania
03-04-2015 04:04:04 Installed SpyHunter
03-04-2015 13:20:08 Removed SpyHunter
03-04-2015 13:29:24 Operacja przywracania

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-07-23 16:07 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3F24471A-C42F-4FAA-81B5-37CFCB2007B5} - System32\Tasks\Opera scheduled Autoupdate 1417282656 => C:\Program Files\Opera\launcher.exe [2015-03-16] (Opera Software)
Task: {523096A7-2E66-4AC1-A545-4045C74521D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {563FCF71-40DC-441E-87CE-C5DA110A192B} - System32\Tasks\disco_games_notification_service => C:\Program Files\disco games\disco_games_notification_service.exe
Task: {588E5FB8-5CE8-42AA-8818-D606690A4AC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {590118E0-0398-4F6F-89B6-117F4605BE70} - System32\Tasks\0xCXfHG9B1yD => C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD.exe [2015-04-03] ()
Task: {7D021C19-0FC1-40A8-A378-B5F7F4B00F5D} - System32\Tasks\AdobeAAMUpdater-1.0-Damian-Komputer-Damian => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {8A91F6AB-67B6-47FA-96A9-2622662B7A17} - System32\Tasks\Driver Booster SkipUAC (Damian) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {8BCFDB3B-9EA0-4589-B866-2EB0AEDBD65B} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\Maxthon.exe [2014-12-10] (Maxthon International ltd.)
Task: {987C0E43-96A1-45FB-96F7-5F1DC27D98B5} - System32\Tasks\disco_games_updating_service => C:\Program Files\disco games\disco_games_updating_service.exe
Task: {A2146773-860A-4FD6-9AF6-5E539F174C92} - System32\Tasks\aOYh8RxJ4GF2cDn7vb6 => C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6.exe [2015-04-03] ()
Task: {D233A08C-1041-4FC0-BBDF-FA3D07923773} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {E726DC3B-F59D-4D2A-906F-38C0989A6DE5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\0xCXfHG9B1yD.job => C:\Users\Damian\AppData\Roaming\0xCXfHG9B1yD.exe
Task: C:\Windows\Tasks\aOYh8RxJ4GF2cDn7vb6.job => C:\Users\Damian\AppData\Roaming\aOYh8RxJ4GF2cDn7vb6.exe
Task: C:\Windows\Tasks\disco_games_notification_service.job => C:\Program Files\disco games\disco_games_notification_service.exeç/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='disco games' /appid='73143' /srcid='2913' /bic='96ddfbef15bd17d2be3fb5b1bae56708' /verifier='8dcd46905c5732757294098bc95e1616' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif
Task: C:\Windows\Tasks\disco_games_updating_service.job => C:\Program Files\disco games\disco_games_updating_service.exe¬ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=disco_games_updating_service /funurl=http:/stats.buildomserv.com
Task: C:\Windows\Tasks\dress4u_updating_service.job => C:\Program Files\dress4u\dress4u_updating_service.exe¨ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=dress4u_updating_service /funurl=http:/stats.buildomserv.com
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-19 03:31 - 2014-12-13 09:30 - 00107664 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-07-19 03:24 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2014-07-19 03:24 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe
2015-02-06 16:51 - 2015-02-06 16:51 - 16852144 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3582798026-1382773839-1018714972-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.204.159.1 - 194.204.152.34

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: f.lux => "C:\Users\Damian\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: screenSHU => "C:\Program Files\screenSHU\screenSHU.exe" --hidden
MSCONFIG\startupreg: Spotify => "C:\Users\Damian\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Damian\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-3582798026-1382773839-1018714972-500 - Administrator - Disabled)
Damian (S-1-5-21-3582798026-1382773839-1018714972-1000 - Administrator - Enabled) => C:\Users\Damian
Gość (S-1-5-21-3582798026-1382773839-1018714972-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3582798026-1382773839-1018714972-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2015 08:34:04 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (04/03/2015 08:34:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

Error: (04/03/2015 08:21:56 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (04/03/2015 08:21:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

Error: (04/03/2015 08:03:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (04/03/2015 08:03:39 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

Error: (04/03/2015 01:33:35 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (04/03/2015 01:33:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

Error: (04/03/2015 01:26:18 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (04/03/2015 01:26:18 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

System errors:
=============
Error: (04/03/2015 08:33:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa udostępniania w sieci programu Windows Media Player z powodu następującego błędu:
%%1069

Error: (04/03/2015 08:33:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa WMPNetworkSvc nie może zalogować się jako NT AUTHORITY\NetworkService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu:
%%50

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (04/03/2015 08:33:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Windows Search z powodu następującego błędu:
%%1069

Error: (04/03/2015 08:33:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa WSearch nie może zalogować się jako NT AUTHORITY\SYSTEM za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu:
%%50

Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (04/03/2015 08:33:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/03/2015 08:32:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Ochrona oprogramowania niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/03/2015 08:32:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/03/2015 08:32:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/03/2015 08:32:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/03/2015 08:32:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Microsoft Office Sessions:
=========================
Error: (04/03/2015 08:34:04 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (04/03/2015 08:34:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (04/03/2015 08:21:56 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (04/03/2015 08:21:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (04/03/2015 08:03:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (04/03/2015 08:03:39 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (04/03/2015 01:33:35 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (04/03/2015 01:33:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (04/03/2015 01:26:18 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (04/03/2015 01:26:18 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

==================== Memory info ===========================

Processor: AMD Athlon 64 X2 Dual Core Processor 6000+
Percentage of memory in use: 59%
Total physical RAM: 2047.55 MB
Available physical RAM: 830.56 MB
Total Pagefile: 4095.11 MB
Available Pagefile: 2544.67 MB
Total Virtual: 2113.88 MB
Available Virtual: 1932.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:54.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:200.43 GB) (Free:130.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 27B327B2)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Shortcut.txt

Users shortcut scan result (x86) Version: 11-03-2015
Ran by Damian at 2015-04-03 20:42:01
Running from C:\Users\Damian\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CS5.5.lnk -> C:\Program Files\Adobe\Adobe Audition CS5.5\Adobe Audition.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk -> C:\Program Files\FL Studio 11\FL.exe (Image-Line)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk -> C:\Windows\Installer\{95140000-00AF-0415-0000-0000000FF1CE}\ppvwicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX\Nexus\NEXUS Manual English.lnk -> C:\Program Files\VstPlugins\Manual\Nexus 2 Manual English.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX\Nexus\What's New.lnk -> C:\Program Files\VstpluginsManual\What's New.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Arc.lnk -> D:\Program Files\RaiderZ\Arc\ArcLauncher.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Repair Arc.lnk -> D:\Program Files\RaiderZ\Arc\ArcRepair.exe (Perfect World Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Cg Toolkit\Cg 2.0 Overview.lnk -> C:\Program Files\NVIDIA Corporation\Cg\docs\Cg-2.0.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Cg Toolkit\Explore Cg Toolkit.lnk -> C:\Program Files\NVIDIA Corporation\Cg ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Cg Toolkit\Reference Manual .lnk -> C:\Program Files\NVIDIA Corporation\Cg\docs\CgReferenceManual.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Cg Toolkit\Reference Manual.lnk -> C:\Program Files\NVIDIA Corporation\Cg\docs\CgReferenceManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Cg Toolkit\Release Notes.lnk -> C:\Program Files\NVIDIA Corporation\Cg\docs\CgReleaseNotes.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Cg Toolkit\Uninstall Cg Toolkit.lnk -> C:\Program Files\NVIDIA Corporation\Cg\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\Cg Toolkit\User's Manual.lnk -> C:\Program Files\NVIDIA Corporation\Cg\docs\CgUsersManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt\Informacje o zmianach.lnk -> C:\Program Files\NapiProjekt\changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt\NapiProjekt.lnk -> C:\Program Files\NapiProjekt\napisy.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt\Strona domowa NapiProjekt.lnk -> C:\Program Files\NapiProjekt\www.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mz Ultimate Tools\Mz RAM Booster\Deinstalacja programu Mz RAM Booster.lnk -> C:\Program Files\Mz Ultimate Tools\Mz RAM Booster\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mz Ultimate Tools\Mz RAM Booster\Help.lnk -> C:\Program Files\Mz Ultimate Tools\Mz RAM Booster\Help.chm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mz Ultimate Tools\Mz RAM Booster\Mz RAM Booster.lnk -> C:\Program Files\Mz Ultimate Tools\Mz RAM Booster\MzRAMBooster.exe (Mz Ultimate Tools)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mz Ultimate Tools\Mz RAM Booster\ReadMe.lnk -> C:\Program Files\Mz Ultimate Tools\Mz RAM Booster\Readme.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0018-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90140000-0018-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0018-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Language Preferences.lnk -> C:\Windows\Installer\{90140000-0018-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0018-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0018-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu\Odinstaluj.lnk -> D:\Program Files\Metin2 Ravia.eu\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2 Ravia.eu\Włącz grę.lnk -> D:\Program Files\Metin2 Ravia.eu\start_game.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser\Uninstall.lnk -> C:\Program Files\Maxthon\Bin\Mx3UnInstall.exe (Maxthon International ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files\K-Lite Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\GraphStudioNext.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\mediainfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\VobSubStrip.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\VobSubStrip.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Xvid StatsReader.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\StatsReader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk -> C:\Program Files\K-Lite Codec Pack\Info\faq.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files\Image-Line\Shared\Start ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk -> D:\Program Files\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm\Heroes of the Storm.lnk -> D:\Program Files\Heroes of the Storm\Heroes of the Storm\Heroes of the Storm.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Deinstalacja programu Gameforge Live.lnk -> D:\Program Files\Metin2\GameforgeLive\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Gameforge Live.lnk -> D:\Program Files\Metin2\GameforgeLive\GameforgeLive.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Auto Clicker\Uninstall Easy Auto Clicker.lnk -> C:\Program Files\EasyAutoClicker\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\Links\Desktop.lnk -> C:\Users\Damian\Desktop ()
Shortcut: C:\Users\Damian\Links\Downloads.lnk -> C:\Users\Damian\Downloads ()
Shortcut: C:\Users\Damian\Documents\Heroes of the Storm\[email protected] -> C:\Users\Damian\Documents\Heroes of the Storm\Accounts\401461821\2-Hero-1-1314886 ()
Shortcut: C:\Users\Damian\Desktop\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
Shortcut: C:\Users\Damian\Desktop\Spotify.lnk -> C:\Users\Damian\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\screenSHU.lnk -> C:\Program Files\screenSHU\screenSHU.exe ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Damian\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files\Image-Line\Shared\Start ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Flux.lnk -> C:\Users\Damian\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Uninstall.lnk -> C:\Users\Damian\AppData\Local\FluxSoftware\Flux\uninstall.exe ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OpenFM.lnk -> C:\Users\Damian\AppData\Local\OpenFM\Application\openfm.exe (No File)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Battle.net Launcher.lnk -> C:\Program Files\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Easy Auto Clicker.lnk -> C:\Program Files\EasyAutoClicker\EasyAutoClicker.exe ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\FL Studio launcher.lnk -> C:\Program Files\FL Studio 11\FL.exe (Image-Line)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Flux.lnk -> C:\Users\Damian\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\GBoost.lnk -> C:\Program Files\GBoost\GBoost.exe (GZero)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Magic Launcher.lnk -> C:\Users\Damian\Desktop\Magic Launcher.exe (http://magiclauncher.com)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Maxthon Cloud Browser.lnk -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera Internet Browser.lnk -> C:\Program Files\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Pełne czyszczenie śmieci.lnk -> C:\Program Files\Elex-tech\YAC\iStart.exe (No File)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\RocketDock.lnk -> C:\Program Files\RocketDock\RocketDock.exe ()
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Damian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\FL Studio 11.lnk -> C:\Program Files\FL Studio 11\FL.exe (Image-Line)
Shortcut: C:\Users\Public\Desktop\Gameforge Live.lnk -> D:\Program Files\Metin2\GameforgeLive\GameforgeLive.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Heroes of the Storm.lnk -> D:\Program Files\Heroes of the Storm\Heroes of the Storm\Heroes of the Storm.exe (Blizzard Entertainment)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment\Arc\Uninstall Arc.lnk -> C:\Program Files\InstallShield Installation Information\{CED8E25B-122A-4E80-B612-7F99B93284B3}\setup.exe (Perfect World Entertainment) -> -runfromtemp -l0x0809 -removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt\Napisy oczekujące na pobranie.lnk -> C:\Program Files\NapiProjekt\napisy.exe () -> -kolejka
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2\Metin2.lnk -> D:\Program Files\Metin2\GameforgeLive\GameforgeLive.exe () -> "D:\Program Files\Metin2\GameforgeLive\Games\POL_pol\Metin2\Metin2.exe" -start Metin2
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {BDA0EB29-8B31-4BF4-8B05-04AA52340AC4} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow VFW interface.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Windows\system32\ff_vfw.dll",configureVFW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali video renderer.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe (MONOGRAM Multimedia, s.r.o.) -> {760A8F35-97E7-479D-AAF5-DA9EFF95D751}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madFLAC.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe (MONOGRAM Multimedia, s.r.o.) -> {6B257121-CBB6-46B3-ABFA-B14DFA98C4A6}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe () -> /resetsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\VP7 decoder.lnk -> C:\Program Files\K-Lite Codec Pack\Tools\dsconfig.exe (MONOGRAM Multimedia, s.r.o.) -> {C204438D-6E1A-4309-B09C-0C0F749863AF}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Xvid encoder.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Windows\system32\xvidvfw.dll",Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Smite.lnk -> D:\Program Files\Hi-Rez Studios\HiRezLauncherUI.exe (Hi-Rez Studios Inc.) -> game=300 product=17
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Uninstall All Hi-Rez Games.lnk -> D:\Program Files\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company) -> uninstall=all
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\AION Free-to-Play.lnk -> D:\Program Files\Metin2\GameforgeLive\GameforgeLive.exe () -> "D:\Program Files\Metin2\GameforgeLive\Games\POL_pol\AION\NCLauncher.exe" -start Aion
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Public\Desktop\AION Free-to-Play.lnk -> D:\Program Files\Metin2\GameforgeLive\GameforgeLive.exe () -> "D:\Program Files\Metin2\GameforgeLive\Games\POL_pol\AION\NCLauncher.exe" -start Aion

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser\Visit Maxthon Forum.url -> hxxp://go.maxthon.com/redir/mx4/feature_post.htm?f=mx4forum
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Strona internetowa Gameforge Live.url -> hxxp://gfl.gameforge.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Strona WWW programu AION Free-to-Play.url -> hxxp://aionfreetoplay.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mouse Auto Clicker\Free Mouse Auto Clicker on the Web.url -> hxxp://www.Advanced-Mouse-Auto-Clicker.com/
InternetURL: C:\Users\Damian\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742
InternetURL: C:\Users\Damian\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Damian\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Damian\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Damian\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Damian\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Damian\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Damian\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Damian\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Damian\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Damian\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407
InternetURL: C:\Users\Damian\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\Damian\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\Damian\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\Damian\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\Damian\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\Damian\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Damian\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Damian\Downloads\Adobe Audition CS5.5\Adobe Error Toolkit.url -> hxxp://thepiratebay.org/search/Adobe%20clean%20install%20%5Bthethingy%5D/0/99/300
InternetURL: C:\Users\Damian\Downloads\Adobe Audition CS5.5\Adobe Training DVD's.url -> hxxp://thepiratebay.org/search/adobe%20training%20dvd%20%5Bthethingy%5D/0/99/200
InternetURL: C:\Users\Damian\Downloads\Adobe Audition CS5.5\Adobe Training Manuals.url -> hxxp://thepiratebay.org/search/adobe%20training%20manual%20%5Bthethingy%5D/0/99/600
InternetURL: C:\Users\Damian\Downloads\Adobe Audition CS5.5\Suprbay Forum.url -> hxxp://forum.suprbay.org/member.php?action=register&referrer=102727
InternetURL: C:\Users\Damian\Downloads\Adobe Audition CS5.5\The Pig Pen.url -> hxxp://muckypig.com/thepigpen/member.php?action=register&referrer=63
InternetURL: C:\Users\Damian\Downloads\Adobe Audition CS5.5\thethingy's torrents.url -> hxxp://thepiratebay.org/user/thethingy/
InternetURL: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> steam://rungameid/730
InternetURL: C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Unturned.url -> steam://rungameid/304930

==================== End of log =============================

MatrixXHardcore · 4 Kwietnia 2015

Zamykam na prośbę autora.

Arkzyw · 3 Kwietnia 2015

Pobierz fixlixt.txt http://www.speedyshare.com/VpReW/fixlist.txt umieść w tym samym folderze co FRST i naciśnij fix.

1. Uwaga - nie umieszczaj w ten sposób logów na forum. Najlepiej załaduj gdzieś i podawaj link (np. speedyshare http://www.speedyshare.com/ )

2. Uwaga - zainwestuj w oryginalny system !!

Tekson · 3 Kwietnia 2015

Zrobiłem tak jak kazałeś. Nic to nie dało

Zaloguj się

👋 Witaj na MPCForum!

Wyskakujące reklamy Mozilla Firefox

Pytanie

Tekson

Tekson

7 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Arkzyw

Arkzyw

D&G

D&G

Tekson

Tekson

Tekson

Tekson

MatrixXHardcore

MatrixXHardcore

Arkzyw

Arkzyw

Tekson

Tekson

Zarchiwizowany