Problem z reklamami...

[MR.ZiomuuSs]

Witam.. Po raz kolejny mam problem z uporczywymi reklamami. Mam również pytanie: Jako że mam brata, do którego nie dociera że nie musi instalować wszystkiego co widzi na reklamach, to czy gdybym zrobił mu osobne konto (windows 7) a on by tam sobie instalował te surfvoxy i inne g***a to czy przeniosło by się to również na moje konto, czy tylko u niego byłyby te reklamy?

Tutaj logi FRST:

 

 

FRST

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by W (administrator) on W-KOMPUTER on 09-07-2015 13:02:55
Running from C:\Users\W\Desktop\Pobrane
Loaded Profiles: W (Available Profiles: W)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Windows SysTool) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla FTP Client\fzsftp.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Simon Tatham) C:\Users\W\Desktop\Programy\putty.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\msoia.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {0893d637-e4fb-11e4-b51a-001e90021611} - J:\Install.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {5a3f2e49-0850-11e5-a21d-001e90021611} - M:\Autorun.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {843e5ed7-ef33-11e4-b7ac-001e90021611} - L:\setup.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {d69758f6-ddfe-11e4-a3d4-001e90021611} - M:\Autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB&q={searchTerms}
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-05-20] (Thinknice Co. Limited)
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-05-20] (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-29] (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{062F263A-94DB-4875-A00D-82819CE37F13}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB

FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: delta-homes
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-08] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-08] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\searchplugins\delta-homes.xml [2015-06-29]
FF Extension: csscoveragespaghetticoderorg - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-04-08]
FF Extension: QuickSearch - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-05-20]
FF Extension: Search Enginer - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-04-04]
FF Extension: Default SearchProtected  - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-06-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSearchURL: Default -> http://search.delta-homes.com/web/?type=ds&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB&q={searchTerms}
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-04]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-04]
CHR Extension: (Google Search) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-04]
CHR Extension: (GoHD) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-07-08]
CHR Extension: (Bookmark Manager) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-29]
CHR Extension: (nflehelhgpjjhfiigceaplnmgiblnclo) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflehelhgpjjhfiigceaplnmgiblnclo [2015-04-08]
CHR Extension: (Google Wallet) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-04]
CHR Extension: (Gmail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]

Opera: 
=======
OPR Extension: (GoHD) - C:\Users\W\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-07-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-04-29] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-08] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-08] (globalUpdate) [File not signed] <==== ATTENTION
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [157824 2015-05-20] (XTab system)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [602112 2015-05-20] (Windows SysTool) [File not signed] <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-04] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 13:02 - 2015-07-09 13:03 - 00000000 ____D C:\FRST
2015-07-08 11:20 - 2015-07-09 12:35 - 00000000 ____D C:\SkinPack
2015-07-08 10:45 - 2015-07-09 12:48 - 00005476 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6.job
2015-07-08 10:45 - 2015-07-09 12:48 - 00003096 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00005140 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00003096 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00002404 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00002404 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5.job
2015-07-08 10:45 - 2015-07-08 10:45 - 00008504 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6
2015-07-08 10:45 - 2015-07-08 10:45 - 00008170 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7
2015-07-08 10:45 - 2015-07-08 10:45 - 00006126 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7
2015-07-08 10:45 - 2015-07-08 10:45 - 00006124 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6
2015-07-08 10:45 - 2015-07-08 10:45 - 00005434 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5
2015-07-08 10:45 - 2015-07-08 10:45 - 00000000 ____D C:\Program Files (x86)\02fe8cc0-b655-4551-b8ca-c1d81345005d
2015-07-08 10:44 - 2015-07-09 12:48 - 00002070 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user.job
2015-07-08 10:44 - 2015-07-09 12:33 - 00004452 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3.job
2015-07-08 10:44 - 2015-07-09 12:32 - 00005142 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11.job
2015-07-08 10:44 - 2015-07-08 10:45 - 00000000 ____D C:\Program Files (x86)\GoHD
2015-07-08 10:44 - 2015-07-08 10:44 - 00008172 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11
2015-07-08 10:44 - 2015-07-08 10:44 - 00007482 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3
2015-07-08 10:40 - 2015-07-09 12:33 - 00000974 _____ C:\Windows\Tasks\yoEkQGCvR.job
2015-07-08 10:40 - 2015-07-08 10:40 - 00003996 _____ C:\Windows\System32\Tasks\yoEkQGCvR
2015-07-08 10:38 - 2015-07-09 12:32 - 00000926 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-08 10:38 - 2015-07-09 12:32 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-08 10:38 - 2015-07-09 10:49 - 00000930 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-08 10:38 - 2015-07-08 10:44 - 00003928 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-07-08 10:38 - 2015-07-08 10:44 - 00003674 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-07-08 10:38 - 2015-07-08 10:38 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-08 10:36 - 2015-07-08 11:21 - 00020850 _____ C:\Users\W\Desktop\drop.sk
2015-07-08 09:56 - 2015-07-08 10:36 - 00000000 ___RD C:\Users\W\Desktop\projekty
2015-07-08 09:48 - 2015-07-08 09:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-07-08 09:48 - 2015-07-08 09:48 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2015-07-08 09:48 - 2015-07-08 09:48 - 00113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2015-07-08 09:48 - 2015-07-08 09:48 - 00002048 _____ C:\Windows\SysWOW64\winver.exe
2015-07-08 09:48 - 2015-07-08 09:48 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2015-07-07 12:07 - 2015-07-07 12:07 - 00307160 _____ C:\Windows\Minidump\070715-24195-01.dmp
2015-07-05 16:36 - 2015-07-05 16:36 - 00000000 ____D C:\Users\W\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-05 16:36 - 2015-07-05 16:36 - 00000000 ____D C:\Users\W\AppData\Local\EMU
2015-07-05 16:33 - 2015-07-05 16:36 - 00007607 _____ C:\Users\W\AppData\Local\Resmon.ResmonCfg
2015-06-30 15:26 - 2015-06-30 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-06-30 15:26 - 2015-06-30 15:26 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-29 13:51 - 2015-06-29 13:51 - 00315048 _____ C:\Windows\Minidump\062915-26379-01.dmp
2015-06-29 09:27 - 2015-06-29 09:27 - 00000000 ____D C:\Users\W\Documents\MCEdit
2015-06-28 12:41 - 2011-11-03 21:16 - 00043806 _____ C:\Chunkster.jar
2015-06-28 11:39 - 2015-06-28 11:39 - 00002328 _____ C:\Users\W\AppData\Local\recently-used.xbel
2015-06-28 11:36 - 2015-06-28 11:39 - 00000000 ____D C:\Users\W\AppData\Local\gtk-2.0
2015-06-28 11:34 - 2015-06-28 11:34 - 00000000 ____D C:\Users\W\.thumbnails
2015-06-28 11:27 - 2015-06-28 11:27 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-06-28 11:25 - 2015-06-28 11:26 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-27 10:39 - 2015-06-27 10:39 - 00303248 _____ C:\Windows\Minidump\062715-23758-01.dmp
2015-06-26 11:07 - 2015-06-28 11:40 - 00000000 ____D C:\Users\W\.gimp-2.8
2015-06-26 11:07 - 2015-06-26 11:07 - 00000000 ____D C:\Users\W\AppData\Local\gegl-0.2
2015-06-17 14:40 - 2015-06-17 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-06-14 17:53 - 2015-06-14 17:53 - 00000246 _____ C:\Users\W\SciTE.session
2015-06-14 17:53 - 2015-06-14 17:53 - 00000000 ____D C:\Users\W\AppData\Local\AutoIt v3
2015-06-14 17:21 - 2015-06-14 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2015-06-14 17:21 - 2015-06-14 17:21 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2015-06-11 16:39 - 2015-06-11 16:39 - 00000558 _____ C:\Windows\wmsetup.log
2015-06-11 16:39 - 2015-06-11 16:39 - 00000000 ____D C:\Users\W\Documents\DeadIsland
2015-06-11 16:01 - 2015-06-11 16:01 - 06477032 _____ (Tim Kosse) C:\Users\W\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-10 16:30 - 2015-06-10 17:56 - 00000000 ____D C:\Users\W\AppData\Roaming\Audacity
2015-06-10 16:30 - 2015-06-10 16:30 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-06-10 16:29 - 2015-07-08 10:48 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-06-10 16:21 - 2015-06-10 16:21 - 24210616 _____ (Audacity Team ) C:\Users\W\Downloads\audacity-win-2.1.0.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 13:02 - 2015-04-04 14:08 - 00000000 ___RD C:\Users\W\Desktop\Pobrane
2015-07-09 12:55 - 2015-04-04 13:39 - 00000000 ___RD C:\Users\W\Desktop\Programy
2015-07-09 12:41 - 2015-05-08 14:49 - 00000000 ____D C:\Users\W\AppData\Local\LogMeIn Hamachi
2015-07-09 12:41 - 2015-04-04 14:04 - 00000000 ____D C:\Users\W\AppData\Roaming\.minecraft
2015-07-09 12:40 - 2015-04-04 15:22 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 12:36 - 2015-04-04 13:23 - 00000000 ____D C:\Users\W\AppData\Roaming\FileZilla
2015-07-09 12:36 - 2015-04-04 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-07-09 12:36 - 2015-04-04 12:47 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-07-09 12:36 - 2015-04-04 12:07 - 01079945 _____ C:\Windows\WindowsUpdate.log
2015-07-09 12:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2015-07-09 12:32 - 2015-04-04 15:22 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 12:32 - 2015-04-04 13:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-09 12:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 12:32 - 2009-07-14 06:51 - 00070554 _____ C:\Windows\setupact.log
2015-07-09 12:31 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-09 12:31 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-09 08:54 - 2010-11-21 05:47 - 00018762 _____ C:\Windows\PFRO.log
2015-07-08 16:06 - 2015-04-08 16:20 - 00000000 ____D C:\Users\W\AppData\Local\CrashDumps
2015-07-08 13:21 - 2015-04-04 14:11 - 00000600 _____ C:\Users\W\AppData\Local\PUTTY.RND
2015-07-08 11:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2015-07-08 10:47 - 2015-04-28 15:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-07 12:07 - 2015-04-07 08:34 - 305082053 _____ C:\Windows\MEMORY.DMP
2015-07-07 12:07 - 2015-04-07 08:34 - 00000000 ____D C:\Windows\Minidump
2015-07-05 16:36 - 2015-04-04 13:35 - 00000000 ___RD C:\Users\W\Desktop\Gry
2015-07-05 16:26 - 2015-04-04 13:27 - 00000000 ____D C:\Users\W\AppData\Roaming\uTorrent
2015-07-05 16:00 - 2015-04-23 14:09 - 00000000 ____D C:\Users\W\Documents\GTA San Andreas User Files
2015-07-05 14:29 - 2015-05-23 17:54 - 00000000 ____D C:\Users\W\AppData\Roaming\TS3Client
2015-07-04 20:59 - 2015-04-04 15:20 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-01 15:30 - 2015-04-04 12:49 - 00000000 ____D C:\Users\W\AppData\Roaming\Skype
2015-06-29 09:22 - 2015-06-03 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-28 11:34 - 2015-04-04 12:32 - 00000000 ____D C:\Users\W
2015-06-25 20:14 - 2015-05-01 15:48 - 00000000 ____D C:\Users\W\Documents\Assassin's Creed IV Black Flag
2015-06-25 13:54 - 2015-04-04 12:35 - 00003876 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1428143704
2015-06-25 13:54 - 2015-04-04 12:34 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-17 14:40 - 2015-05-23 17:53 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-06-14 17:21 - 2011-04-12 15:32 - 00000000 ____D C:\Windows\ShellNew
2015-06-11 16:38 - 2015-04-08 16:18 - 00122919 _____ C:\Windows\DirectX.log
2015-06-10 18:33 - 2015-06-01 16:11 - 00000000 ____D C:\Users\W\AppData\Roaming\Moje pliki Bitwy o Śródziemie™ II
2015-06-09 14:09 - 2015-04-04 12:48 - 00000000 ____D C:\ProgramData\Skype
2015-06-09 13:23 - 2015-04-04 15:17 - 00000000 ____D C:\Users\W\AppData\Local\Adobe
2015-06-09 13:23 - 2015-04-04 14:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 13:23 - 2015-04-04 14:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-04-04 14:11 - 2015-07-08 13:21 - 0000600 _____ () C:\Users\W\AppData\Local\PUTTY.RND
2015-06-28 11:39 - 2015-06-28 11:39 - 0002328 _____ () C:\Users\W\AppData\Local\recently-used.xbel
2015-07-05 16:33 - 2015-07-05 16:36 - 0007607 _____ () C:\Users\W\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\W\worldpainter_1.10.6.exe


Some files in TEMP:
====================
C:\Users\W\AppData\Local\Temp\2270.exe
C:\Users\W\AppData\Local\Temp\AutoRun.exe
C:\Users\W\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\W\AppData\Local\Temp\bedgddfdca.exe
C:\Users\W\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\W\AppData\Local\Temp\eauninstall.exe
C:\Users\W\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\W\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\W\AppData\Local\Temp\ose00000.exe
C:\Users\W\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\W\AppData\Local\Temp\uninst.exe
C:\Users\W\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 12:04

==================== End of log ============================

 

 

Addition:

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by W at 2015-07-09 13:06:32
Running from C:\Users\W\Desktop\Pobrane
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3457423968-916553893-2173699218-500 - Administrator - Disabled)
Gość (S-1-5-21-3457423968-916553893-2173699218-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3457423968-916553893-2173699218-1002 - Limited - Enabled)
W (S-1-5-21-3457423968-916553893-2173699218-1001 - Administrator - Enabled) => C:\Users\W

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.01.0.0 - )
µTorrent (HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Bitwa o Śródziemie™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
Dark Messiah of Might & Magic Multi-Player (HKLM-x32\...\Steam App 2130) (Version:  - Arkane Studios)
Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version:  - Arkane Studios)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
GameRanger (HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\GameRanger) (Version:  - GameRanger Technologies)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
GoHD (HKLM-x32\...\GoHD) (Version: 1.36.01.22 - InstallMoon) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version:  - Warner Bros. Games)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version:  - )
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
Panel sterowania NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Tropico 4 1.00 (HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media)
WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

29-06-2015 09:20:36 Removed GTA San Andreas
30-06-2015 15:26:34 Installed GTA San Andreas
08-07-2015 10:45:54 Usunięte II Wojna Światowa

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-08 09:48 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C1207E-DAC2-4316-949A-1442157DDB14} - System32\Tasks\Opera scheduled Autoupdate 1428143704 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software)
Task: {347556B8-6B97-42B7-A8AF-C6FAEF899BA5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-08] (globalUpdate) <==== ATTENTION
Task: {3B6EBC4B-36EC-47BC-B196-B6E15E6CA735} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-08] (globalUpdate) <==== ATTENTION
Task: {5BA8B0F8-2C93-4DD5-95CA-428B976DD5CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {5BF1962F-747F-4DB0-992D-C8B475CBE204} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {60A97DEB-2C5C-476D-8691-D15425D6A4D3} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-10.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {68575C5C-60F2-43A2-B5DB-B96BA5D8E7FA} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {77800018-1EE0-46B8-846A-DBE43EFFED15} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {8C02E926-E2FF-429C-A175-774E8994E13F} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-11.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {9A5DEEE8-72C5-40B4-B672-B14E0E05A574} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9F53F466-7BD7-4AE8-9D13-5652BEA517FB} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-6.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {AD0802A2-4B52-461C-80F2-733E7349E691} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-7.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {AF3004F6-8EAA-4258-85A1-E004D0D7B51F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C2D2CE3B-7C75-44D1-BEF1-9CF056B50771} - System32\Tasks\yoEkQGCvR => C:\Users\W\AppData\Roaming\yoEkQGCvR.exe <==== ATTENTION
Task: {CAC75CC4-1EB1-4715-B7E2-0F8FCA81B8A1} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {CE15DCDB-CC54-4679-9495-4EBB0F2D23F2} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-3.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {E39B3756-0453-48EE-B2EC-008A9F489B7C} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {E97C27E8-E234-4861-9403-255A4102469E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {F2DB8D18-1046-4080-BC54-C92CCD6A9111} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-17] (Adobe Systems Incorporated)
Task: {F8AC7E3A-D8D6-4A9A-B65E-474B979CB90C} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\yoEkQGCvR.job => C:\Users\W\AppData\Roaming\yoEkQGCvR.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-04-04 13:04 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-04-04 13:24 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-25 13:54 - 2015-06-25 13:53 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libglesv2.dll
2015-06-25 13:54 - 2015-06-25 13:53 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libegl.dll
2015-05-17 13:05 - 2015-05-17 13:05 - 14982320 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_188.dll
2015-07-09 12:38 - 2015-07-09 12:38 - 00306176 _____ () C:\Users\W\AppData\Roaming\.minecraft\versions\1.8.3-OptiFine_HD_U_B1\1.8.3-OptiFine_HD_U_B1-natives-364981018160\lwjgl.dll
2015-07-09 12:38 - 2015-07-09 12:38 - 00246332 _____ () C:\Users\W\AppData\Roaming\.minecraft\versions\1.8.3-OptiFine_HD_U_B1\1.8.3-OptiFine_HD_U_B1-natives-364981018160\avutil-ttv-51.dll
2015-07-09 12:38 - 2015-07-09 12:38 - 00113171 _____ () C:\Users\W\AppData\Roaming\.minecraft\versions\1.8.3-OptiFine_HD_U_B1\1.8.3-OptiFine_HD_U_B1-natives-364981018160\swresample-ttv-0.dll
2015-07-09 12:38 - 2015-07-09 12:38 - 00394810 _____ () C:\Users\W\AppData\Roaming\.minecraft\versions\1.8.3-OptiFine_HD_U_B1\1.8.3-OptiFine_HD_U_B1-natives-364981018160\libmp3lame-ttv.dll
2015-07-09 12:38 - 2015-07-09 12:38 - 01145344 _____ () C:\Users\W\AppData\Roaming\.minecraft\versions\1.8.3-OptiFine_HD_U_B1\1.8.3-OptiFine_HD_U_B1-natives-364981018160\twitchsdk.dll
2015-07-09 12:38 - 2015-07-09 12:38 - 00390144 _____ () C:\Users\W\AppData\Roaming\.minecraft\versions\1.8.3-OptiFine_HD_U_B1\1.8.3-OptiFine_HD_U_B1-natives-364981018160\OpenAL32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{312799A6-959D-4325-BB00-BE112D69F18E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E32EEF6F-CFAA-4BD2-A57B-865487D2AF3E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{19C45C39-8E68-4744-BC38-521CB79C5EE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0EE25737-45CD-47CC-A69D-4938514AE4D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F6017EA0-477C-4986-AE6C-3FBB6D5CDCA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{648057DD-F3FD-4DB2-B01C-4BC98CCC93F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{92895859-7AFE-41B1-9621-058DD6A711BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{353DEE53-90FB-42A1-A0B7-7A9A673372FC}] => (Allow) C:\Users\W\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C2A2E3F2-BEE7-4474-B475-F047B056EB3C}] => (Allow) C:\Users\W\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5488F1DC-3DF5-4D6C-992E-4CBB6DAE7A49}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A1F3785-5281-4086-9711-EBEDEFE2CF24}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ECA90BF9-2344-491B-A98D-520549D0F880}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0D740854-58EF-4CEB-B247-1D32EBFCAE11}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{4BC1D4E0-16A8-4491-A014-CD0CF9C1409A}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{FF438CFF-863E-47F3-A21C-E1FA64D5FEE2}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{DE013E78-6633-4AD7-93B5-8A34888CB355}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{5B7C3790-984C-4C2F-B6F5-1BA7254498BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{30B2E29D-8211-46E2-9136-AB4142BAC3CE}] => (Allow) D:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{E6247543-466A-4C58-8BCC-6C4076813910}] => (Allow) D:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [TCP Query User{0B7FE6A1-EED1-4066-AEFB-74743AD485E6}C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{17CCA565-1F63-448A-84C6-837941B39A0D}C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{553E23A8-0A86-4C64-98FD-AC101C18AF76}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{89898C3B-2650-4B3B-BFCB-38E6F5E8E558}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{72ED80F4-150B-41BB-988D-E6E340FBD162}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe
FirewallRules: [{8533253C-0E07-4FB4-B0CD-20DD044BC42A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe
FirewallRules: [TCP Query User{7BEC55D9-D3DD-4602-A5D5-A6447DB0B4DC}D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe
FirewallRules: [UDP Query User{A4A33F48-8924-4E7B-9D7B-3F25DCF821D6}D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe
FirewallRules: [{C48EC9C0-D2C3-4EC1-BC99-25160E4730D5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{8BF38007-5787-4151-855D-2014A7933DED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B77F02DE-910A-49A7-897F-C816B9E60581}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{4D639B25-D46F-4B6A-87E1-C1A2782B9BFC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{02C69B51-1203-42E2-994A-64680BE4EC12}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{A04360E8-6BCA-4E6D-ABE9-0CD28382C41A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{E583D1C2-F667-42B9-9C23-8F990D736306}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{C47FAC96-74A4-491E-A017-93F7B37186C8}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{49901500-A5BE-40F9-9AAF-A2B96FB9139F}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe
FirewallRules: [{92D6DB4A-D131-478A-8A7B-2FFBD9892420}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe
FirewallRules: [TCP Query User{E24F52B4-1B56-4E9F-88FE-EDBEF21371D3}D:\program files (x86)\ii wojna światowa\hoipol.exe] => (Allow) D:\program files (x86)\ii wojna światowa\hoipol.exe
FirewallRules: [UDP Query User{D1862166-3BE8-4EB7-A7E0-51ECDACE80F9}D:\program files (x86)\ii wojna światowa\hoipol.exe] => (Allow) D:\program files (x86)\ii wojna światowa\hoipol.exe
FirewallRules: [TCP Query User{765040F3-FF57-42F2-9F75-73DAA6D488D5}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{A506F031-6038-4FAA-B428-8987CA561967}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7A3F0F63-38CD-4AC0-A451-14D1E867CB75}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8B8FFE0E-49DA-4D53-A1E9-975DD5B71113}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{DC112141-811A-42AA-9B19-BF1D32877DBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{54F5FB4A-3D39-4B2B-AF18-610A0566867B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4A7DC2D0-0311-4E08-8FE7-04C836D1C8E8}] => (Allow) C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{9AD0D767-9FEA-4E69-9714-2172C3D8D38B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{1A9F0DC8-0319-45CE-8F2F-1F1A4B444178}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{08B3A8B7-F76B-4CF3-9A6C-5B01B364BA43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{F5A833DE-D5A1-4436-8787-C08CC24E91E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2015 00:33:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:33:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000004e920f
Identyfikator procesu powodującego błąd: 0x9f8
Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0
Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1
Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2
Identyfikator raportu: NvStreamNetworkService.exe3

Error: (07/09/2015 00:32:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (07/09/2015 00:32:39 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 
0x800401F9

Error: (07/09/2015 00:30:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]

Error: (07/09/2015 08:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 08:55:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000004e920f
Identyfikator procesu powodującego błąd: 0x9bc
Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0
Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1
Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2
Identyfikator raportu: NvStreamNetworkService.exe3

Error: (07/09/2015 08:55:30 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (07/09/2015 08:55:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 
0x800401F9

Error: (07/08/2015 06:38:23 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]


System errors:
=============
Error: (07/07/2015 00:07:56 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff80002ef5ae1, 0xfffff880031dc608, 0xfffff880031dbe60)C:\Windows\MEMORY.DMP070715-24195-01

Error: (07/07/2015 00:07:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 12:05:38 na ‎2015-‎07-‎07 było nieoczekiwane.

Error: (07/07/2015 00:03:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 21:13:23 na ‎2015-‎07-‎06 było nieoczekiwane.

Error: (07/04/2015 05:23:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 17:21:35 na ‎2015-‎07-‎04 było nieoczekiwane.

Error: (07/03/2015 04:17:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (06/29/2015 05:46:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 17:42:29 na ‎2015-‎06-‎29 było nieoczekiwane.

Error: (06/29/2015 01:51:12 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007f (0x0000000000000008, 0x0000000080050031, 0x00000000000006f8, 0xfffff80002f0ffbc)C:\Windows\MEMORY.DMP062915-26379-01

Error: (06/29/2015 01:51:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 13:49:33 na ‎2015-‎06-‎29 było nieoczekiwane.

Error: (06/29/2015 00:12:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 10:28:45 na ‎2015-‎06-‎29 było nieoczekiwane.

Error: (06/29/2015 09:18:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 18:48:24 na ‎2015-‎06-‎28 było nieoczekiwane.


Microsoft Office:
=========================
Error: (07/09/2015 00:33:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:33:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f9f801d0ba329be0da80C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exedf65eac0-2625-11e5-b9f1-001e90021611

Error: (07/09/2015 00:32:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/09/2015 00:32:39 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (07/09/2015 00:30:20 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]

Error: (07/09/2015 08:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 08:55:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f9bc01d0ba1445214180C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe8954d1a0-2607-11e5-ba63-001e90021611

Error: (07/09/2015 08:55:30 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/09/2015 08:55:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (07/08/2015 06:38:23 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]


CodeIntegrity Errors:
===================================
  Date: 2015-07-09 12:32:37.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 10:19:29.253
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 09:34:09.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 09:10:19.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 08:55:27.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-08 10:25:30.290
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-08 09:49:45.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-04-08 14:05:14.368
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\watchdog.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-08 14:05:14.321
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\watchdog.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-08 14:05:12.262
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\watchdog.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Percentage of memory in use: 88%
Total physical RAM: 2046.48 MB
Available physical RAM: 230.39 MB
Total Virtual: 4092.95 MB
Available Virtual: 981.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:78.17 GB) (Free:35.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:212.03 GB) (Free:119.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=212 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=78.2 GB) - (Type=07 NTFS)

==================== End of log ============================

 

 

Shortcut:

 

 

Users shortcut scan result (x64) Version:05-07-2015
Ran by W at 2015-07-09 13:09:11
Running from C:\Users\W\Desktop\Pobrane
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files (x86)\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Instrukcja do gry.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\Instrukcja.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\README.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\ReadMe\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Zagraj w GTA San Andreas.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband\Mount&Blade Warband.lnk -> D:\Program Files (x86)\Mount&Blade Warband\mb_warband.exe (Taleworlds Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband\Uninstall.lnk -> D:\Program Files (x86)\Mount&Blade Warband\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Wyślij do programu OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Centrum przekazywania pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Dziennik telemetryczny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Menedżer nagrywania programu Lync.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Preferencje językowe pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Telemetryczny pulpit nawigacyjny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Edytor gry Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\WorldBuilder.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Pomoc techniczna.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\Support\European Help Files\EA_Help_Select.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Przeczytaj.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\Support\pl\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Usuń Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\eauninstall.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Help File.lnk -> C:\Program Files (x86)\AutoIt3\AutoIt.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Window Info (x64).lnk -> C:\Program Files (x86)\AutoIt3\Au3Info_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Window Info (x86).lnk -> C:\Program Files (x86)\AutoIt3\Au3Info.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Compile Script to .exe (x64).lnk -> C:\Program Files (x86)\AutoIt3\Aut2Exe\Aut2exe_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Compile Script to .exe (x86).lnk -> C:\Program Files (x86)\AutoIt3\Aut2Exe\Aut2exe.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Examples.lnk -> C:\Program Files (x86)\AutoIt3\Examples ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Run Script (x64).lnk -> C:\Program Files (x86)\AutoIt3\AutoIt3_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Run Script (x86).lnk -> C:\Program Files (x86)\AutoIt3\AutoIt3.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\SciTE Script Editor.lnk -> C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe (Neil Hodgson [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoIt v3 Website.lnk -> C:\Program Files (x86)\AutoIt3\AutoIt v3 Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\Browse Extras.lnk -> C:\Program Files (x86)\AutoIt3\Extras ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoItX\AutoItX Help File.lnk -> C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoItX\VBScript Examples.lnk -> C:\Program Files (x86)\AutoIt3\AutoItX\ActiveX\VBScript (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Assassin's Creed IV - Black Flag.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Manual.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Support\Manual\English\AssassinsCreed.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Uninstall.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B5FECD24-66DE-45BF-9958-CAD1680E8A44}\PlayTasks\0\Launch.lnk -> D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B35AA340-6BB6-4E8D-9B6F-8CB69AAF64BA}\PlayTasks\2\Pomoc EA.lnk -> D:\Program Files (x86)\Electronic Arts\SPORE\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{0890289A-B5B2-4D76-9B15-204E744285B7}\PlayTasks\1\Manual.lnk -> D:\Program Files (x86)\Kalypso Media\Tropico 4\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{0890289A-B5B2-4D76-9B15-204E744285B7}\PlayTasks\0\Play.lnk -> D:\Program Files (x86)\Kalypso Media\Tropico 4\Tropico4.exe (Haemimont Games)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\W\Links\Desktop.lnk -> C:\Users\W\Desktop ()
Shortcut: C:\Users\W\Links\Downloads.lnk -> C:\Users\W\Downloads ()
Shortcut: C:\Users\W\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\W\Desktop\Programy\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\W\Desktop\Programy\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\W\Desktop\Programy\CPUID CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\W\Desktop\Programy\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\W\Desktop\Programy\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\W\Desktop\Programy\FileZilla Client.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\Users\W\Desktop\Programy\GameRanger.lnk -> C:\Users\W\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
Shortcut: C:\Users\W\Desktop\Programy\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\Users\W\Desktop\Programy\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\Users\W\Desktop\Programy\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\W\Desktop\Programy\Steam.lnk -> D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\W\Desktop\Programy\TeamSpeak 3 Client.lnk -> C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\W\Desktop\Programy\WorldPainter.lnk -> C:\Program Files (x86)\WorldPainter\worldpainter.exe (No File)
Shortcut: C:\Users\W\Desktop\Programy\µTorrent.lnk -> C:\Users\W\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\W\Desktop\Gry\Assassin's Creed IV - Black Flag.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Launcher.exe ()
Shortcut: C:\Users\W\Desktop\Gry\Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe ()
Shortcut: C:\Users\W\Desktop\Gry\GTA San Andreas.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()
Shortcut: C:\Users\W\Desktop\Gry\II Wojna Światowa PL.lnk -> D:\Program Files (x86)\II Wojna Światowa\RunPOL.exe (No File)
Shortcut: C:\Users\W\Desktop\Gry\LEGO MARVEL Super Heroes.lnk -> D:\Program Files (x86)\LEGO MARVEL Super Heroes\LEGOMARVEL.exe (Warner Bros. Interactive Entertainment)
Shortcut: C:\Users\W\Desktop\Gry\Skyrim (SKSE).lnk -> D:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_loader.exe ()
Shortcut: C:\Users\W\Desktop\Gry\Spore.lnk -> D:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\Users\W\Desktop\Gry\Tropico 5.lnk -> C:\Program Files (x86)\Tropico 5\Tropico5.exe (No File)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk -> C:\Users\W\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\W\AppData\Local\Microsoft\Windows\GameExplorer\{9D8A796B-A079-4E8B-85D8-1F3CC31665B0}\PlayTasks\0\Zagraj.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe ()
Shortcut: C:\Users\W\AppData\Local\Microsoft\Windows\GameExplorer\{746969F7-8048-4B97-AFAF-7C45EEDDE215}\PlayTasks\0\Zagraj.lnk -> D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\mm.exe ()
Shortcut: C:\Users\W\AppData\Local\Microsoft\Windows\GameExplorer\{0786586D-D09B-4FD2-9328-C977F9D1DDE7}\PlayTasks\0\Zagraj.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Odinstaluj GTA San Andreas.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe () ->  /design 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {80EE9168-BB59-4F87-BF1A-57C137EAF714} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Rejestracja elektroniczna.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\Support\EReg.exe (Electronic Arts Inc.) -> "lotrbfme2.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Szukaj uaktualnień.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe () -> GrabPatches
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Check For Updates.lnk -> C:\Program Files (x86)\AutoIt3\AutoIt3.exe (AutoIt Team) -> "C:\Program Files (x86)\AutoIt3\Extras\AutoUpdateIt\AutoUpdateIt.au3"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{B35AA340-6BB6-4E8D-9B6F-8CB69AAF64BA}\PlayTasks\0\SPORE™.lnk -> D:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) ->  -locale:pl-pl
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\W\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\W\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Register Online.url -> hxxp://www.rockstargames.com/register/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Rockstar Games.url -> hxxp://www.rockstargames.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Rockstar North Ltd.url -> hxxp://www.RockstarNorth.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Cenega Poland.url -> hxxp://www.cenega.pl
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Kompania Graczy.url -> hxxp://www.cenega.pl/klub
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Pomoc techniczna.url -> hxxp://www.cenega.pl/pomoc
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Sklep internetowy.url -> hxxp://www.cenega.pl/sklep
InternetURL: C:\Users\W\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\W\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\W\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\W\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\W\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\W\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\W\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\W\Desktop\Gry\Dead Island.url -> steam://rungameid/91310
InternetURL: C:\Users\W\Desktop\Gry\Heroes & Generals.url -> steam://rungameid/227940
InternetURL: C:\Users\W\Desktop\Gry\Robocraft.url -> steam://rungameid/301520
InternetURL: C:\Users\W\Desktop\Gry\The Forest.url -> steam://rungameid/242760

==================== End of log =============================

 

 

 

 

Proszę o pomoc i odpowiedź na powyższe pytanie... Z góry dziękuję.

ps. Program, który najprawdopodobniej wywołuje te reklamy nazywa się Gohd, jest w panelu sterowania ale nie da się go odinstalować w żaden sposób...

 

[Aranthor]

Zapisz poniższą zawartość do pliku fixlist.txt znajdującego się w tym samym folderze co FRST, po czym uruchom narzędzie i wciśnij przycisk fix.

globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION

Po tym zabiegu będzie można odinstalować przez panel sterowania adware, które było ukryte. Teraz czas na właściwe czyszczenie.

Odinstaluj:

• globalupdate Helper,
• GoHD (jeśli się nie da, pomiń).

Następnie zapisz zawartość tej strony do nowego pliku fixlist.txt. Dalej już wiesz co robić. Po zakończeniu czyszczenia udostępnij plik fixlog.txt oraz nowy komplet logów.

 

 

czy gdybym zrobił mu osobne konto (windows 7) a on by tam sobie instalował te surfvoxy i inne g***a to czy przeniosło by się to również na moje konto, czy tylko u niego byłyby te reklamy?

Jest duże prawdopodobieństwo, że wszystko lub przynajmniej część byłaby również na innych kontach.

 

 

PS. Zauważyłem, że wystąpiły u ciebie BSODy. Gdybyś chciał poznać ich przyczynę, załóż nowy temat i dołącz do niego pliki z folderu C:\Windows\Minidump.

[MR.ZiomuuSs]

Co to są BSODy? Nigdy się nie spotkałem z takim pojęciem. Oto logi:

 

 

Fixlog:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by W at 2015-07-10 09:06:02 Run:2
Running from C:\Users\W\Desktop
Loaded Profiles: W (Available Profiles: W)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {0893d637-e4fb-11e4-b51a-001e90021611} - J:\Install.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {5a3f2e49-0850-11e5-a21d-001e90021611} - M:\Autorun.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {843e5ed7-ef33-11e4-b7ac-001e90021611} - L:\setup.exe
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\MountPoints2: {d69758f6-ddfe-11e4-a3d4-001e90021611} - M:\Autorun.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB&q={searchTerms}
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3457423968-916553893-2173699218-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-05-20] (Thinknice Co. Limited)
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-05-20] (Thinknice Co. Limited)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: delta-homes
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1428157894&from=squadm&uid=395049983_397233_88287CEB
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\searchplugins\delta-homes.xml [2015-06-29]
FF Extension: csscoveragespaghetticoderorg - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-04-08]
FF Extension: QuickSearch - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-05-20]
FF Extension: Search Enginer - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-04-04]
FF Extension: Default SearchProtected  - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] [2015-06-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSearchURL: Default -> http://search.delta-homes.com/web/?type=ds&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB&q={searchTerms}
CHR Extension: (GoHD) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-07-08]
CHR Extension: (nflehelhgpjjhfiigceaplnmgiblnclo) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflehelhgpjjhfiigceaplnmgiblnclo [2015-04-08]
OPR Extension: (GoHD) - C:\Users\W\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-07-08]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-08] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-08] (globalUpdate) [File not signed] <==== ATTENTION
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [157824 2015-05-20] (XTab system)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [602112 2015-05-20] (Windows SysTool) [File not signed] <==== ATTENTION
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Task: {347556B8-6B97-42B7-A8AF-C6FAEF899BA5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-08] (globalUpdate) <==== ATTENTION
Task: {3B6EBC4B-36EC-47BC-B196-B6E15E6CA735} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-08] (globalUpdate) <==== ATTENTION
Task: {60A97DEB-2C5C-476D-8691-D15425D6A4D3} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-10.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {68575C5C-60F2-43A2-B5DB-B96BA5D8E7FA} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {8C02E926-E2FF-429C-A175-774E8994E13F} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-11.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {9F53F466-7BD7-4AE8-9D13-5652BEA517FB} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-6.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {AD0802A2-4B52-461C-80F2-733E7349E691} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-7.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {C2D2CE3B-7C75-44D1-BEF1-9CF056B50771} - System32\Tasks\yoEkQGCvR => C:\Users\W\AppData\Roaming\yoEkQGCvR.exe <==== ATTENTION
Task: {CAC75CC4-1EB1-4715-B7E2-0F8FCA81B8A1} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {CE15DCDB-CC54-4679-9495-4EBB0F2D23F2} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-3.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {E39B3756-0453-48EE-B2EC-008A9F489B7C} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: {F8AC7E3A-D8D6-4A9A-B65E-474B979CB90C} - System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7 => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.exe [2015-07-08] (InstallMoon) <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7.job => C:\Program Files (x86)\GoHD\57baac5e-0bfc-427d-abf1-e855ada48942-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\yoEkQGCvR.job => C:\Users\W\AppData\Roaming\yoEkQGCvR.exe <==== ATTENTION

2015-07-08 10:45 - 2015-07-09 12:48 - 00005476 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6.job
2015-07-08 10:45 - 2015-07-09 12:48 - 00003096 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00005140 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00003096 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00002404 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user.job
2015-07-08 10:45 - 2015-07-09 12:33 - 00002404 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5.job
2015-07-08 10:45 - 2015-07-08 10:45 - 00008504 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6
2015-07-08 10:45 - 2015-07-08 10:45 - 00008170 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7
2015-07-08 10:45 - 2015-07-08 10:45 - 00006126 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7
2015-07-08 10:45 - 2015-07-08 10:45 - 00006124 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6
2015-07-08 10:45 - 2015-07-08 10:45 - 00005434 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5
2015-07-08 10:45 - 2015-07-08 10:45 - 00000000 ____D C:\Program Files (x86)\02fe8cc0-b655-4551-b8ca-c1d81345005d
2015-07-08 10:44 - 2015-07-09 12:48 - 00002070 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user.job
2015-07-08 10:44 - 2015-07-09 12:33 - 00004452 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3.job
2015-07-08 10:44 - 2015-07-09 12:32 - 00005142 _____ C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11.job
2015-07-08 10:44 - 2015-07-08 10:45 - 00000000 ____D C:\Program Files (x86)\GoHD
2015-07-08 10:44 - 2015-07-08 10:44 - 00008172 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11
2015-07-08 10:44 - 2015-07-08 10:44 - 00007482 _____ C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3
2015-07-08 10:40 - 2015-07-09 12:33 - 00000974 _____ C:\Windows\Tasks\yoEkQGCvR.job
2015-07-08 10:40 - 2015-07-08 10:40 - 00003996 _____ C:\Windows\System32\Tasks\yoEkQGCvR
2015-07-08 10:38 - 2015-07-09 12:32 - 00000926 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-08 10:38 - 2015-07-09 12:32 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-08 10:38 - 2015-07-09 10:49 - 00000930 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-08 10:38 - 2015-07-08 10:44 - 00003928 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-07-08 10:38 - 2015-07-08 10:44 - 00003674 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\XTab
C:\ProgramData\WindowsMangerProtect

CMD: dir /a "C:\Program Files"
CMD: dir /a "C:\Program Files (x86)"
CMD: dir /a C:\ProgramData
CMD: dir /a C:\Users\W\AppData\
CMD: dir /a C:\Users\W\AppData\Roaming
CMD: dir /a C:\Users\W\AppData\Local
EmptyTemp:
*****************

Processes closed successfully.
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J" => key removed successfully
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0893d637-e4fb-11e4-b51a-001e90021611}" => key removed successfully
HKCR\CLSID\{0893d637-e4fb-11e4-b51a-001e90021611} => key not found. 
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a3f2e49-0850-11e5-a21d-001e90021611}" => key removed successfully
HKCR\CLSID\{5a3f2e49-0850-11e5-a21d-001e90021611} => key not found. 
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{843e5ed7-ef33-11e4-b7ac-001e90021611}" => key removed successfully
HKCR\CLSID\{843e5ed7-ef33-11e4-b7ac-001e90021611} => key not found. 
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d69758f6-ddfe-11e4-a3d4-001e90021611}" => key removed successfully
HKCR\CLSID\{d69758f6-ddfe-11e4-a3d4-001e90021611} => key not found. 
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found. 
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found. 
"HKU\S-1-5-21-3457423968-916553893-2173699218-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}" => key removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
Firefox newtab removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox homepage removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\searchplugins\delta-homes.xml => moved successfully.
C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] => moved successfully.
C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] => moved successfully.
C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] => moved successfully.
C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\Extensions\[email protected] => moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => value removed successfully
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
Chrome HomePage removed successfully
Chrome StartupUrls removed successfully
Chrome DefaultSearchKeyword not found.
Chrome DefaultSearchURL not found.
C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk folder not found
C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflehelhgpjjhfiigceaplnmgiblnclo => moved successfully.
C:\Users\W\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk folder not found.
globalUpdate => Service removed successfully
globalUpdatem => Service removed successfully
IHProtect Service => Service removed successfully
WindowsMangerProtect => Service removed successfully
VGPU => Service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{347556B8-6B97-42B7-A8AF-C6FAEF899BA5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347556B8-6B97-42B7-A8AF-C6FAEF899BA5}" => key removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B6EBC4B-36EC-47BC-B196-B6E15E6CA735}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B6EBC4B-36EC-47BC-B196-B6E15E6CA735}" => key removed successfully
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60A97DEB-2C5C-476D-8691-D15425D6A4D3} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-10_user => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68575C5C-60F2-43A2-B5DB-B96BA5D8E7FA} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-1-6 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C02E926-E2FF-429C-A175-774E8994E13F} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-11 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F53F466-7BD7-4AE8-9D13-5652BEA517FB} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-6 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD0802A2-4B52-461C-80F2-733E7349E691} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-7 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2D2CE3B-7C75-44D1-BEF1-9CF056B50771}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2D2CE3B-7C75-44D1-BEF1-9CF056B50771}" => key removed successfully
C:\Windows\System32\Tasks\yoEkQGCvR => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\yoEkQGCvR" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAC75CC4-1EB1-4715-B7E2-0F8FCA81B8A1} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-5_user => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE15DCDB-CC54-4679-9495-4EBB0F2D23F2} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-3 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E39B3756-0453-48EE-B2EC-008A9F489B7C} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-5 => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8AC7E3A-D8D6-4A9A-B65E-474B979CB90C} => key not found. 
C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\57baac5e-0bfc-427d-abf1-e855ada48942-1-7 => key not found. 
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6.job not found.
C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\yoEkQGCvR.job => moved successfully.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6.job" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6.job" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7.job" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7.job" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5_user.job" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5.job" => File/Folder not found.
"C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-6" => File/Folder not found.
"C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-7" => File/Folder not found.
"C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-7" => File/Folder not found.
"C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-1-6" => File/Folder not found.
"C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-5" => File/Folder not found.
"C:\Program Files (x86)\02fe8cc0-b655-4551-b8ca-c1d81345005d" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-10_user.job" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3.job" => File/Folder not found.
"C:\Windows\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11.job" => File/Folder not found.
"C:\Program Files (x86)\GoHD" => File/Folder not found.
"C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-11" => File/Folder not found.
"C:\Windows\System32\Tasks\57baac5e-0bfc-427d-abf1-e855ada48942-3" => File/Folder not found.
"C:\Windows\Tasks\yoEkQGCvR.job" => File/Folder not found.
"C:\Windows\System32\Tasks\yoEkQGCvR" => File/Folder not found.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job" => File/Folder not found.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully.
"C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job" => File/Folder not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA" => File/Folder not found.
"C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore" => File/Folder not found.
C:\Program Files (x86)\globalUpdate => moved successfully.
C:\Program Files (x86)\XTab => moved successfully.
C:\ProgramData\WindowsMangerProtect => moved successfully.

=========  dir /a "C:\Program Files" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 8828-7CEB

 Katalog: C:\Program Files

2015-06-28  11:25    <DIR>          .
2015-06-28  11:25    <DIR>          ..
2015-04-04  14:19    <DIR>          CCleaner
2009-07-14  05:20    <DIR>          Common Files
2015-05-05  18:05    <DIR>          CPUID
2015-04-04  13:27    <DIR>          DAEMON Tools Lite
2009-07-14  06:54               174 desktop.ini
2011-04-12  15:32    <DIR>          DVD Maker
2015-06-28  11:26    <DIR>          GIMP 2
2012-06-12  21:12    <DIR>          Internet Explorer
2011-04-12  15:32    <DIR>          Microsoft Games
2015-05-31  17:47    <DIR>          Microsoft Office
2009-07-14  07:32    <DIR>          MSBuild
2015-04-04  13:06    <DIR>          NVIDIA Corporation
2009-07-14  07:32    <DIR>          Reference Assemblies
2009-07-14  07:09    <DIR>          Uninstall Information
2011-04-12  15:21    <DIR>          Windows Defender
2012-05-20  20:50    <DIR>          Windows Journal
2011-04-12  15:21    <DIR>          Windows Mail
2011-04-12  15:21    <DIR>          Windows Media Player
2015-04-04  12:31    <DIR>          Windows NT
2011-04-12  15:21    <DIR>          Windows Photo Viewer
2010-11-21  05:31    <DIR>          Windows Portable Devices
2011-04-12  15:21    <DIR>          Windows Sidebar
2015-04-04  17:00    <DIR>          WinRAR
               1 plik(÷)                174 bajt÷
              24 katalog(÷)  38 bajt÷ wolnych

========= End of CMD: =========


=========  dir /a "C:\Program Files (x86)" =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 8828-7CEB

 Katalog: C:\Program Files (x86)

2015-07-10  09:06    <DIR>          .
2015-07-10  09:06    <DIR>          ..
2015-04-04  13:05    <DIR>          AGEIA Technologies
2015-07-10  09:02    <DIR>          Audacity
2015-06-14  17:21    <DIR>          AutoIt3
2015-05-31  17:51    <DIR>          Common Files
2009-07-14  06:54               174 desktop.ini
2015-06-01  14:03    <DIR>          Electronic Arts
2015-07-09  12:36    <DIR>          FileZilla FTP Client
2015-04-04  15:22    <DIR>          Google
2015-07-08  10:47    <DIR>          InstallShield Installation Information
2012-06-12  21:12    <DIR>          Internet Explorer
2015-04-29  15:35    <DIR>          Java
2015-05-31  17:48    <DIR>          Microsoft Analysis Services
2015-05-31  17:50    <DIR>          Microsoft Office
2015-05-31  17:51    <DIR>          Microsoft SQL Server
2015-05-31  17:51    <DIR>          Microsoft.NET
2015-06-29  09:22    <DIR>          Mozilla Firefox
2009-07-14  07:32    <DIR>          MSBuild
2015-04-23  13:00    <DIR>          Notepad++
2015-04-04  13:06    <DIR>          NVIDIA Corporation
2015-06-25  13:54    <DIR>          Opera
2009-07-14  07:32    <DIR>          Reference Assemblies
2015-06-30  15:26    <DIR>          Rockstar Games
2015-04-04  12:49    <DIR>          Skype
2015-06-17  14:40    <DIR>          TeamSpeak 3 Client
2009-07-14  06:57    <DIR>          Uninstall Information
2011-04-12  15:21    <DIR>          Windows Defender
2011-04-12  15:21    <DIR>          Windows Mail
2011-04-12  15:21    <DIR>          Windows Media Player
2009-07-14  07:32    <DIR>          Windows NT
2011-04-12  15:21    <DIR>          Windows Photo Viewer
2010-11-21  05:31    <DIR>          Windows Portable Devices
2011-04-12  15:21    <DIR>          Windows Sidebar
               1 plik(÷)                174 bajt÷
              33 katalog(÷)  38 bajt÷ wolnych

========= End of CMD: =========


=========  dir /a C:\ProgramData =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 8828-7CEB

 Katalog: C:\ProgramData

2015-07-10  09:06    <DIR>          .
2015-07-10  09:06    <DIR>          ..
2009-07-14  07:08    <JUNCTION>     Application Data [C:\ProgramData]
2015-04-04  13:25    <DIR>          DAEMON Tools Lite
2015-04-04  12:31    <JUNCTION>     Dane aplikacji [C:\ProgramData]
2009-07-14  07:08    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
2009-07-14  07:08    <JUNCTION>     Documents [C:\Users\Public\Documents]
2015-04-04  12:31    <JUNCTION>     Dokumenty [C:\Users\Public\Documents]
2009-07-14  07:08    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
2015-04-04  16:32    <DIR>          IHProtectUpDate
2015-05-08  14:49    <DIR>          LogMeIn
2015-04-04  12:31    <JUNCTION>     Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
2015-05-31  17:48    <DIR>          Microsoft
2015-05-31  17:54    <DIR>          Microsoft Help
2015-04-04  13:46    <DIR>          Mozilla
2015-07-10  08:48    <DIR>          NVIDIA
2015-04-04  13:20    <DIR>          NVIDIA Corporation
2015-04-29  15:37    <DIR>          Oracle
2015-05-01  15:48    <DIR>          Orbit
2015-04-04  12:31    <JUNCTION>     Pulpit [C:\Users\Public\Desktop]
2015-05-31  17:51    <DIR>          regid.1991-06.com.microsoft
2015-06-09  14:09    <DIR>          Skype
2009-07-14  07:08    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
2015-04-04  12:48    <DIR>          Sun
2015-04-04  12:31    <JUNCTION>     Szablony [C:\ProgramData\Microsoft\Windows\Templates]
2009-07-14  07:08    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
2015-04-04  12:31    <JUNCTION>     Ulubione [C:\Users\Public\Favorites]
               0 plik(÷)                  0 bajt÷
              27 katalog(÷)  38 bajt÷ wolnych

========= End of CMD: =========


=========  dir /a C:\Users\W\AppData\ =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 8828-7CEB

 Katalog: C:\Users\W\AppData

2015-07-06  12:50    <DIR>          .
2015-07-06  12:50    <DIR>          ..
2015-07-10  09:03    <DIR>          Local
2015-04-29  16:57    <DIR>          LocalLow
2015-07-09  12:41    <DIR>          Roaming
               0 plik(÷)                  0 bajt÷
               5 katalog(÷)  38 bajt÷ wolnych

========= End of CMD: =========


=========  dir /a C:\Users\W\AppData\Roaming =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 8828-7CEB

 Katalog: C:\Users\W\AppData\Roaming

2015-07-09  12:41    <DIR>          .
2015-07-09  12:41    <DIR>          ..
2015-07-10  08:47    <DIR>          .minecraft
2015-04-04  15:12    <DIR>          Adobe
2015-06-10  17:56    <DIR>          Audacity
2015-04-08  17:14    <DIR>          DAEMON Tools Lite
2015-07-10  08:42    <DIR>          FileZilla
2015-04-04  14:14    <DIR>          GameRanger
2015-04-29  16:05    <DIR>          HeroesAndGeneralsDesktop
2015-04-04  14:04    <DIR>          java
2015-04-04  15:12    <DIR>          Macromedia
2015-07-06  12:49    <DIR>          Microsoft
2015-06-10  18:33    <DIR>          Moje pliki Bitwy o زäziemiet II
2015-04-17  17:16    <DIR>          Mount&Blade Warband
2015-04-04  13:46    <DIR>          Mozilla
2015-04-23  13:04    <DIR>          Notepad++
2015-04-29  16:21    <DIR>          NVIDIA
2015-04-04  12:35    <DIR>          Opera Software
2015-05-23  14:07    <DIR>          SecuROM
2015-07-01  15:30    <DIR>          Skype
2015-05-23  14:14    <DIR>          SPORE
2015-05-08  15:14    <DIR>          Tropico 4
2015-07-05  14:29    <DIR>          TS3Client
2015-07-05  16:26    <DIR>          uTorrent
2015-07-05  16:36    <DIR>          Warner Bros. Interactive Entertainment
2015-04-05  18:27    <DIR>          WinRAR
               0 plik(÷)                  0 bajt÷
              26 katalog(÷)  38 bajt÷ wolnych

========= End of CMD: =========


=========  dir /a C:\Users\W\AppData\Local =========

 Wolumin w stacji C nie ma etykiety.
 Numer seryjny woluminu: 8828-7CEB

 Katalog: C:\Users\W\AppData\Local

2015-07-10  09:03    <DIR>          .
2015-07-10  09:03    <DIR>          ..
2015-06-09  13:23    <DIR>          Adobe
2015-06-14  17:53    <DIR>          AutoIt v3
2015-07-09  15:03    <DIR>          CrashDumps
2015-04-04  12:32    <JUNCTION>     Dane aplikacji [C:\Users\W\AppData\Local]
2015-07-05  16:36    <DIR>          EMU
2015-05-05  18:08    <DIR>          eSupport.com
2015-06-26  11:07    <DIR>          fontconfig
2015-06-01  14:01           111 GDIPFONTCACHEV1.DAT
2015-06-26  11:07    <DIR>          gegl-0.2
2015-04-04  16:35    <DIR>          globalUpdate
2015-04-04  15:24    <DIR>          Google
2015-06-28  11:39    <DIR>          gtk-2.0
2015-04-04  12:32    <JUNCTION>     Historia [C:\Users\W\AppData\Local\Microsoft\Windows\History]
2015-07-09  16:19         1 IconCache.db
2015-05-08  14:49    <DIR>          LogMeIn
2015-04-04  17:21    <DIR>          Macromedia
2015-05-31  17:56    <DIR>          Microsoft
2015-04-18  18:49    <DIR>          Microsoft Games
2015-05-31  17:48    <DIR>          Microsoft Help
2015-04-04  13:46    <DIR>          Mozilla
2015-04-04  13:22    <DIR>          NVIDIA
2015-04-04  13:26    <DIR>          NVIDIA Corporation
2015-04-04  12:35    <DIR>          Opera Software
2015-04-04  13:27    <DIR>          Programs
2015-07-10  08:46               600 PUTTY.RND
2015-06-28  11:39             2 recently-used.xbel
2015-07-05  16:36             7 Resmon.ResmonCfg
2015-04-04  12:49    <DIR>          Skype
2015-04-08  16:20    <DIR>          Skyrim
2015-04-04  13:33    <DIR>          Steam
2015-07-10  09:06    <DIR>          Temp
2015-04-04  12:32    <JUNCTION>     Temporary Internet Files [C:\Users\W\AppData\Local\Microsoft\Windows\Temporary Internet Files]
2015-04-04  12:32    <DIR>          VirtualStore
               5 plik(÷)          1 bajt÷
              30 katalog(÷)  38 bajt÷ wolnych

========= End of CMD: =========

EmptyTemp: => 1.8 GB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 09:06:55 ====

 

 

FRST:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by W (administrator) on W-KOMPUTER on 10-07-2015 09:09:37
Running from C:\Users\W\Desktop
Loaded Profiles: W (Available Profiles: W)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-29] (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{062F263A-94DB-4875-A00D-82819CE37F13}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: No Name - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\qmfu4wm7.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB"
CHR DefaultSearchKeyword: Default -> delta-homes
CHR DefaultSearchURL: Default -> http://search.delta-homes.com/web/?type=ds&ts=1432135408&z=2642a9a7f25c3b451f5a41bg9zdc8obg2c4w5z4e9w&from=wpm05203&uid=395049983_397233_88287CEB&q={searchTerms}
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-04]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-04]
CHR Extension: (Google Search) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-04]
CHR Extension: (Bookmark Manager) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-29]
CHR Extension: (Google Wallet) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-04]
CHR Extension: (Gmail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-04-29] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-04] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-03-13] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 09:09 - 2015-07-10 09:10 - 00009842 _____ C:\Users\W\Desktop\FRST.txt
2015-07-10 09:01 - 2015-07-10 09:01 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-09 13:02 - 2015-07-10 09:09 - 00000000 ____D C:\FRST
2015-07-09 13:01 - 2015-07-09 13:01 - 02112512 _____ (Farbar) C:\Users\W\Desktop\FRST64.exe
2015-07-08 11:20 - 2015-07-09 12:35 - 00000000 ____D C:\SkinPack
2015-07-08 10:36 - 2015-07-08 11:21 - 00020850 _____ C:\Users\W\Desktop\drop.sk
2015-07-08 09:56 - 2015-07-08 10:36 - 00000000 ___RD C:\Users\W\Desktop\projekty
2015-07-08 09:48 - 2015-07-08 09:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-07-08 09:48 - 2015-07-08 09:48 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2015-07-08 09:48 - 2015-07-08 09:48 - 00113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2015-07-08 09:48 - 2015-07-08 09:48 - 00002048 _____ C:\Windows\SysWOW64\winver.exe
2015-07-08 09:48 - 2015-07-08 09:48 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2015-07-07 12:07 - 2015-07-07 12:07 - 00307160 _____ C:\Windows\Minidump\070715-24195-01.dmp
2015-07-05 16:36 - 2015-07-05 16:36 - 00000000 ____D C:\Users\W\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-07-05 16:36 - 2015-07-05 16:36 - 00000000 ____D C:\Users\W\AppData\Local\EMU
2015-07-05 16:33 - 2015-07-05 16:36 - 00007607 _____ C:\Users\W\AppData\Local\Resmon.ResmonCfg
2015-06-30 15:26 - 2015-06-30 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-06-30 15:26 - 2015-06-30 15:26 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-29 13:51 - 2015-06-29 13:51 - 00315048 _____ C:\Windows\Minidump\062915-26379-01.dmp
2015-06-29 09:27 - 2015-06-29 09:27 - 00000000 ____D C:\Users\W\Documents\MCEdit
2015-06-28 12:41 - 2011-11-03 21:16 - 00043806 _____ C:\Chunkster.jar
2015-06-28 11:39 - 2015-06-28 11:39 - 00002328 _____ C:\Users\W\AppData\Local\recently-used.xbel
2015-06-28 11:36 - 2015-06-28 11:39 - 00000000 ____D C:\Users\W\AppData\Local\gtk-2.0
2015-06-28 11:34 - 2015-06-28 11:34 - 00000000 ____D C:\Users\W\.thumbnails
2015-06-28 11:27 - 2015-06-28 11:27 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-06-28 11:25 - 2015-06-28 11:26 - 00000000 ____D C:\Program Files\GIMP 2
2015-06-27 10:39 - 2015-06-27 10:39 - 00303248 _____ C:\Windows\Minidump\062715-23758-01.dmp
2015-06-26 11:07 - 2015-06-28 11:40 - 00000000 ____D C:\Users\W\.gimp-2.8
2015-06-26 11:07 - 2015-06-26 11:07 - 00000000 ____D C:\Users\W\AppData\Local\gegl-0.2
2015-06-17 14:40 - 2015-06-17 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-06-14 17:53 - 2015-06-14 17:53 - 00000246 _____ C:\Users\W\SciTE.session
2015-06-14 17:53 - 2015-06-14 17:53 - 00000000 ____D C:\Users\W\AppData\Local\AutoIt v3
2015-06-14 17:21 - 2015-06-14 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2015-06-14 17:21 - 2015-06-14 17:21 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2015-06-11 16:39 - 2015-06-11 16:39 - 00000558 _____ C:\Windows\wmsetup.log
2015-06-11 16:39 - 2015-06-11 16:39 - 00000000 ____D C:\Users\W\Documents\DeadIsland
2015-06-11 16:01 - 2015-06-11 16:01 - 06477032 _____ (Tim Kosse) C:\Users\W\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-10 16:30 - 2015-06-10 17:56 - 00000000 ____D C:\Users\W\AppData\Roaming\Audacity
2015-06-10 16:30 - 2015-06-10 16:30 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-06-10 16:29 - 2015-07-10 09:02 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-06-10 16:21 - 2015-06-10 16:21 - 24210616 _____ (Audacity Team ) C:\Users\W\Downloads\audacity-win-2.1.0.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 09:08 - 2015-04-04 15:22 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-10 09:08 - 2015-04-04 13:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-10 09:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 09:08 - 2009-07-14 06:51 - 00071562 _____ C:\Windows\setupact.log
2015-07-10 09:07 - 2015-04-04 12:07 - 01097333 _____ C:\Windows\WindowsUpdate.log
2015-07-10 09:07 - 2010-11-21 05:47 - 00020308 _____ C:\Windows\PFRO.log
2015-07-10 09:06 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-10 09:06 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-10 09:00 - 2015-04-04 14:08 - 00000000 ___RD C:\Users\W\Desktop\Pobrane
2015-07-10 08:49 - 2009-07-14 07:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-10 08:47 - 2015-04-04 14:04 - 00000000 ____D C:\Users\W\AppData\Roaming\.minecraft
2015-07-10 08:46 - 2015-04-04 14:11 - 00000600 _____ C:\Users\W\AppData\Local\PUTTY.RND
2015-07-10 08:42 - 2015-04-04 13:23 - 00000000 ____D C:\Users\W\AppData\Roaming\FileZilla
2015-07-09 15:40 - 2015-04-04 15:22 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 15:03 - 2015-04-08 16:20 - 00000000 ____D C:\Users\W\AppData\Local\CrashDumps
2015-07-09 12:55 - 2015-04-04 13:39 - 00000000 ___RD C:\Users\W\Desktop\Programy
2015-07-09 12:36 - 2015-04-04 12:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-07-09 12:36 - 2015-04-04 12:47 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-07-09 12:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2015-07-08 11:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2015-07-08 10:47 - 2015-04-28 15:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-07 12:07 - 2015-04-07 08:34 - 305082053 _____ C:\Windows\MEMORY.DMP
2015-07-07 12:07 - 2015-04-07 08:34 - 00000000 ____D C:\Windows\Minidump
2015-07-05 16:36 - 2015-04-04 13:35 - 00000000 ___RD C:\Users\W\Desktop\Gry
2015-07-05 16:26 - 2015-04-04 13:27 - 00000000 ____D C:\Users\W\AppData\Roaming\uTorrent
2015-07-05 16:00 - 2015-04-23 14:09 - 00000000 ____D C:\Users\W\Documents\GTA San Andreas User Files
2015-07-05 14:29 - 2015-05-23 17:54 - 00000000 ____D C:\Users\W\AppData\Roaming\TS3Client
2015-07-04 20:59 - 2015-04-04 15:20 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-01 15:30 - 2015-04-04 12:49 - 00000000 ____D C:\Users\W\AppData\Roaming\Skype
2015-06-29 09:22 - 2015-06-03 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-28 11:34 - 2015-04-04 12:32 - 00000000 ____D C:\Users\W
2015-06-25 20:14 - 2015-05-01 15:48 - 00000000 ____D C:\Users\W\Documents\Assassin's Creed IV Black Flag
2015-06-25 13:54 - 2015-04-04 12:35 - 00003876 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1428143704
2015-06-25 13:54 - 2015-04-04 12:34 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-17 14:40 - 2015-05-23 17:53 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-06-14 17:21 - 2011-04-12 15:32 - 00000000 ____D C:\Windows\ShellNew
2015-06-11 16:38 - 2015-04-08 16:18 - 00122919 _____ C:\Windows\DirectX.log
2015-06-10 18:33 - 2015-06-01 16:11 - 00000000 ____D C:\Users\W\AppData\Roaming\Moje pliki Bitwy o Śródziemie™ II

==================== Files in the root of some directories =======

2015-04-04 14:11 - 2015-07-10 08:46 - 0000600 _____ () C:\Users\W\AppData\Local\PUTTY.RND
2015-06-28 11:39 - 2015-06-28 11:39 - 0002328 _____ () C:\Users\W\AppData\Local\recently-used.xbel
2015-07-05 16:33 - 2015-07-05 16:36 - 0007607 _____ () C:\Users\W\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\W\worldpainter_1.10.6.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 12:04

==================== End of log ============================

 

 

Addition:

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by W at 2015-07-10 09:12:15
Running from C:\Users\W\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3457423968-916553893-2173699218-500 - Administrator - Disabled)
Gość (S-1-5-21-3457423968-916553893-2173699218-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3457423968-916553893-2173699218-1002 - Limited - Enabled)
W (S-1-5-21-3457423968-916553893-2173699218-1001 - Administrator - Enabled) => C:\Users\W

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.01.0.0 - )
µTorrent (HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team)
Bitwa o Śródziemie™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
Dark Messiah of Might & Magic Multi-Player (HKLM-x32\...\Steam App 2130) (Version:  - Arkane Studios)
Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version:  - Arkane Studios)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
GameRanger (HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\GameRanger) (Version:  - GameRanger Technologies)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version:  - Warner Bros. Games)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version:  - )
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
Panel sterowania NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Tropico 4 1.00 (HKU\S-1-5-21-3457423968-916553893-2173699218-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media)
WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

30-06-2015 15:26:34 Installed GTA San Andreas
08-07-2015 10:45:54 Usunięte II Wojna Światowa
10-07-2015 09:01:10 Removed globalupdate Helper
10-07-2015 09:03:03 Removed LogMeIn Hamachi

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-08 09:48 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C1207E-DAC2-4316-949A-1442157DDB14} - System32\Tasks\Opera scheduled Autoupdate 1428143704 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software)
Task: {5BA8B0F8-2C93-4DD5-95CA-428B976DD5CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {5BF1962F-747F-4DB0-992D-C8B475CBE204} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {77800018-1EE0-46B8-846A-DBE43EFFED15} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {9A5DEEE8-72C5-40B4-B672-B14E0E05A574} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AF3004F6-8EAA-4258-85A1-E004D0D7B51F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E97C27E8-E234-4861-9403-255A4102469E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {F2DB8D18-1046-4080-BC54-C92CCD6A9111} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-17] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-04 13:04 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-04 13:24 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-02 17:18 - 2015-06-02 17:18 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-06-25 13:54 - 2015-06-25 13:53 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libglesv2.dll
2015-06-25 13:54 - 2015-06-25 13:53 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libegl.dll
2015-05-17 13:05 - 2015-05-17 13:05 - 14982320 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_188.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3457423968-916553893-2173699218-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{312799A6-959D-4325-BB00-BE112D69F18E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E32EEF6F-CFAA-4BD2-A57B-865487D2AF3E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{19C45C39-8E68-4744-BC38-521CB79C5EE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0EE25737-45CD-47CC-A69D-4938514AE4D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F6017EA0-477C-4986-AE6C-3FBB6D5CDCA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{648057DD-F3FD-4DB2-B01C-4BC98CCC93F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{92895859-7AFE-41B1-9621-058DD6A711BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{353DEE53-90FB-42A1-A0B7-7A9A673372FC}] => (Allow) C:\Users\W\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C2A2E3F2-BEE7-4474-B475-F047B056EB3C}] => (Allow) C:\Users\W\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5488F1DC-3DF5-4D6C-992E-4CBB6DAE7A49}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2A1F3785-5281-4086-9711-EBEDEFE2CF24}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ECA90BF9-2344-491B-A98D-520549D0F880}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0D740854-58EF-4CEB-B247-1D32EBFCAE11}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{4BC1D4E0-16A8-4491-A014-CD0CF9C1409A}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{FF438CFF-863E-47F3-A21C-E1FA64D5FEE2}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{DE013E78-6633-4AD7-93B5-8A34888CB355}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{5B7C3790-984C-4C2F-B6F5-1BA7254498BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{30B2E29D-8211-46E2-9136-AB4142BAC3CE}] => (Allow) D:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{E6247543-466A-4C58-8BCC-6C4076813910}] => (Allow) D:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [TCP Query User{0B7FE6A1-EED1-4066-AEFB-74743AD485E6}C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{17CCA565-1F63-448A-84C6-837941B39A0D}C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\w\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{553E23A8-0A86-4C64-98FD-AC101C18AF76}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{89898C3B-2650-4B3B-BFCB-38E6F5E8E558}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe
FirewallRules: [{72ED80F4-150B-41BB-988D-E6E340FBD162}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe
FirewallRules: [{8533253C-0E07-4FB4-B0CD-20DD044BC42A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe
FirewallRules: [TCP Query User{7BEC55D9-D3DD-4602-A5D5-A6447DB0B4DC}D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe
FirewallRules: [UDP Query User{A4A33F48-8924-4E7B-9D7B-3F25DCF821D6}D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dark messiah might and magic multi-player\mm.exe
FirewallRules: [{C48EC9C0-D2C3-4EC1-BC99-25160E4730D5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{8BF38007-5787-4151-855D-2014A7933DED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B77F02DE-910A-49A7-897F-C816B9E60581}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{4D639B25-D46F-4B6A-87E1-C1A2782B9BFC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{02C69B51-1203-42E2-994A-64680BE4EC12}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{A04360E8-6BCA-4E6D-ABE9-0CD28382C41A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{E583D1C2-F667-42B9-9C23-8F990D736306}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{C47FAC96-74A4-491E-A017-93F7B37186C8}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{49901500-A5BE-40F9-9AAF-A2B96FB9139F}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe
FirewallRules: [{92D6DB4A-D131-478A-8A7B-2FFBD9892420}] => (Allow) D:\Games\Assassin's Creed IV - Black Flag\AC4BFSP.exe
FirewallRules: [TCP Query User{E24F52B4-1B56-4E9F-88FE-EDBEF21371D3}D:\program files (x86)\ii wojna światowa\hoipol.exe] => (Allow) D:\program files (x86)\ii wojna światowa\hoipol.exe
FirewallRules: [UDP Query User{D1862166-3BE8-4EB7-A7E0-51ECDACE80F9}D:\program files (x86)\ii wojna światowa\hoipol.exe] => (Allow) D:\program files (x86)\ii wojna światowa\hoipol.exe
FirewallRules: [TCP Query User{765040F3-FF57-42F2-9F75-73DAA6D488D5}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{A506F031-6038-4FAA-B428-8987CA561967}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7A3F0F63-38CD-4AC0-A451-14D1E867CB75}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8B8FFE0E-49DA-4D53-A1E9-975DD5B71113}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{DC112141-811A-42AA-9B19-BF1D32877DBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{54F5FB4A-3D39-4B2B-AF18-610A0566867B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4A7DC2D0-0311-4E08-8FE7-04C836D1C8E8}] => (Allow) C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{9AD0D767-9FEA-4E69-9714-2172C3D8D38B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat
FirewallRules: [{1A9F0DC8-0319-45CE-8F2F-1F1A4B444178}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{08B3A8B7-F76B-4CF3-9A6C-5B01B364BA43}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{F5A833DE-D5A1-4436-8787-C08CC24E91E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 09:09:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 09:08:21 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (07/10/2015 09:08:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 
0x800401F9

Error: (07/10/2015 08:50:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:49:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000004e920f
Identyfikator procesu powodującego błąd: 0x984
Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0
Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1
Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2
Identyfikator raportu: NvStreamNetworkService.exe3

Error: (07/10/2015 08:49:08 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (07/10/2015 08:49:08 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 
0x800401F9

Error: (07/10/2015 08:42:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:41:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000004e920f
Identyfikator procesu powodującego błąd: 0x9bc
Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0
Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1
Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2
Identyfikator raportu: NvStreamNetworkService.exe3

Error: (07/10/2015 08:41:33 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.


System errors:
=============
Error: (07/10/2015 09:06:33 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: 
%%1056.

Error: (07/10/2015 09:06:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/10/2015 09:06:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Ochrona oprogramowania niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/10/2015 09:06:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/10/2015 09:06:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/10/2015 09:06:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/10/2015 09:06:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Microsoft .NET Framework NGEN v4.0.30319_X86 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/10/2015 09:06:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Microsoft .NET Framework NGEN v4.0.30319_X64 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (07/10/2015 09:06:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa IHProtect Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (07/10/2015 09:06:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa NVIDIA Streamer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.


Microsoft Office:
=========================
Error: (07/10/2015 09:09:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 09:08:21 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/10/2015 09:08:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (07/10/2015 08:50:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:49:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f98401d0badc8a39ed80C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exed2761560-26cf-11e5-b0a1-001e90021611

Error: (07/10/2015 08:49:08 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/10/2015 08:49:08 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (07/10/2015 08:42:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:41:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f9bc01d0badb7bb25000C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exebf4c76b0-26ce-11e5-aefe-001e90021611

Error: (07/10/2015 08:41:33 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001


CodeIntegrity Errors:
===================================
  Date: 2015-07-10 09:08:17.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-10 09:00:49.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-10 08:49:04.154
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-10 08:41:29.625
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 15:11:12.902
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 15:06:09.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 14:57:15.557
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 12:32:37.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 10:19:29.253
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-09 09:34:09.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Percentage of memory in use: 56%
Total physical RAM: 2046.48 MB
Available physical RAM: 884.23 MB
Total Virtual: 4092.95 MB
Available Virtual: 2616.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:78.17 GB) (Free:37.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:212.03 GB) (Free:119.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=212 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=78.2 GB) - (Type=07 NTFS)

==================== End of log ============================

 

 

Shortcut:

 

 

Users shortcut scan result (x64) Version:05-07-2015
Ran by W at 2015-07-10 09:13:06
Running from C:\Users\W\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files (x86)\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Instrukcja do gry.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\Instrukcja.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\README.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\ReadMe\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Zagraj w GTA San Andreas.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband\Mount&Blade Warband.lnk -> D:\Program Files (x86)\Mount&Blade Warband\mb_warband.exe (Taleworlds Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband\Uninstall.lnk -> D:\Program Files (x86)\Mount&Blade Warband\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Wyślij do programu OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Centrum przekazywania pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Dziennik telemetryczny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Menedżer nagrywania programu Lync.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Preferencje językowe pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Narzędzia pakietu Office 2013\Telemetryczny pulpit nawigacyjny dla pakietu Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Edytor gry Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\WorldBuilder.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Pomoc techniczna.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\Support\European Help Files\EA_Help_Select.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Przeczytaj.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\Support\pl\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Usuń Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\eauninstall.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Help File.lnk -> C:\Program Files (x86)\AutoIt3\AutoIt.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Window Info (x64).lnk -> C:\Program Files (x86)\AutoIt3\Au3Info_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\AutoIt Window Info (x86).lnk -> C:\Program Files (x86)\AutoIt3\Au3Info.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Compile Script to .exe (x64).lnk -> C:\Program Files (x86)\AutoIt3\Aut2Exe\Aut2exe_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Compile Script to .exe (x86).lnk -> C:\Program Files (x86)\AutoIt3\Aut2Exe\Aut2exe.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Examples.lnk -> C:\Program Files (x86)\AutoIt3\Examples ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Run Script (x64).lnk -> C:\Program Files (x86)\AutoIt3\AutoIt3_x64.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Run Script (x86).lnk -> C:\Program Files (x86)\AutoIt3\AutoIt3.exe (AutoIt Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\SciTE Script Editor.lnk -> C:\Program Files (x86)\AutoIt3\SciTE\SciTE.exe (Neil Hodgson [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoIt v3 Website.lnk -> C:\Program Files (x86)\AutoIt3\AutoIt v3 Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\Browse Extras.lnk -> C:\Program Files (x86)\AutoIt3\Extras ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoItX\AutoItX Help File.lnk -> C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Extras\AutoItX\VBScript Examples.lnk -> C:\Program Files (x86)\AutoIt3\AutoItX\ActiveX\VBScript (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Assassin's Creed IV - Black Flag.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Manual.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Support\Manual\English\AssassinsCreed.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed IV - Black Flag\Uninstall.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B5FECD24-66DE-45BF-9958-CAD1680E8A44}\PlayTasks\0\Launch.lnk -> D:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B35AA340-6BB6-4E8D-9B6F-8CB69AAF64BA}\PlayTasks\2\Pomoc EA.lnk -> D:\Program Files (x86)\Electronic Arts\SPORE\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{0890289A-B5B2-4D76-9B15-204E744285B7}\PlayTasks\1\Manual.lnk -> D:\Program Files (x86)\Kalypso Media\Tropico 4\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{0890289A-B5B2-4D76-9B15-204E744285B7}\PlayTasks\0\Play.lnk -> D:\Program Files (x86)\Kalypso Media\Tropico 4\Tropico4.exe (Haemimont Games)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\W\Links\Desktop.lnk -> C:\Users\W\Desktop ()
Shortcut: C:\Users\W\Links\Downloads.lnk -> C:\Users\W\Downloads ()
Shortcut: C:\Users\W\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\W\Desktop\Programy\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\W\Desktop\Programy\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\W\Desktop\Programy\CPUID CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\W\Desktop\Programy\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\W\Desktop\Programy\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\W\Desktop\Programy\FileZilla Client.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\Users\W\Desktop\Programy\GameRanger.lnk -> C:\Users\W\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
Shortcut: C:\Users\W\Desktop\Programy\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\Users\W\Desktop\Programy\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\Users\W\Desktop\Programy\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\W\Desktop\Programy\Steam.lnk -> D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\W\Desktop\Programy\TeamSpeak 3 Client.lnk -> C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\W\Desktop\Programy\WorldPainter.lnk -> C:\Program Files (x86)\WorldPainter\worldpainter.exe (No File)
Shortcut: C:\Users\W\Desktop\Programy\µTorrent.lnk -> C:\Users\W\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\W\Desktop\Gry\Assassin's Creed IV - Black Flag.lnk -> D:\Games\Assassin's Creed IV - Black Flag\Launcher.exe ()
Shortcut: C:\Users\W\Desktop\Gry\Bitwa o Śródziemie™ II.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe ()
Shortcut: C:\Users\W\Desktop\Gry\GTA San Andreas.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()
Shortcut: C:\Users\W\Desktop\Gry\II Wojna Światowa PL.lnk -> D:\Program Files (x86)\II Wojna Światowa\RunPOL.exe (No File)
Shortcut: C:\Users\W\Desktop\Gry\LEGO MARVEL Super Heroes.lnk -> D:\Program Files (x86)\LEGO MARVEL Super Heroes\LEGOMARVEL.exe (Warner Bros. Interactive Entertainment)
Shortcut: C:\Users\W\Desktop\Gry\Skyrim (SKSE).lnk -> D:\Program Files (x86)\Steam\steamapps\common\Skyrim\skse_loader.exe ()
Shortcut: C:\Users\W\Desktop\Gry\Spore.lnk -> D:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\Users\W\Desktop\Gry\Tropico 5.lnk -> C:\Program Files (x86)\Tropico 5\Tropico5.exe (No File)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk -> C:\Users\W\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\W\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\W\AppData\Local\Microsoft\Windows\GameExplorer\{9D8A796B-A079-4E8B-85D8-1F3CC31665B0}\PlayTasks\0\Zagraj.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe ()
Shortcut: C:\Users\W\AppData\Local\Microsoft\Windows\GameExplorer\{746969F7-8048-4B97-AFAF-7C45EEDDE215}\PlayTasks\0\Zagraj.lnk -> D:\Program Files (x86)\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\mm.exe ()
Shortcut: C:\Users\W\AppData\Local\Microsoft\Windows\GameExplorer\{0786586D-D09B-4FD2-9328-C977F9D1DDE7}\PlayTasks\0\Zagraj.lnk -> C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe ()




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Odinstaluj GTA San Andreas.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe () ->  /design 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Rejestracja elektroniczna.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\Support\EReg.exe (Electronic Arts Inc.) -> "lotrbfme2.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Bitwa o Śródziemie™ II\Szukaj uaktualnień.lnk -> C:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\lotrbfme2.exe () -> GrabPatches
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3\Check For Updates.lnk -> C:\Program Files (x86)\AutoIt3\AutoIt3.exe (AutoIt Team) -> "C:\Program Files (x86)\AutoIt3\Extras\AutoUpdateIt\AutoUpdateIt.au3"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{B35AA340-6BB6-4E8D-9B6F-8CB69AAF64BA}\PlayTasks\0\SPORE™.lnk -> D:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) ->  -locale:pl-pl
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\W\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\W\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Register Online.url -> hxxp://www.rockstargames.com/register/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Rockstar Games.url -> hxxp://www.rockstargames.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Rockstar North Ltd.url -> hxxp://www.RockstarNorth.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Cenega Poland.url -> hxxp://www.cenega.pl
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Kompania Graczy.url -> hxxp://www.cenega.pl/klub
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Pomoc techniczna.url -> hxxp://www.cenega.pl/pomoc
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\GTA San Andreas\Linki\Sklep internetowy.url -> hxxp://www.cenega.pl/sklep
InternetURL: C:\Users\W\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\W\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\W\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\W\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\W\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\W\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\W\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\W\Desktop\Gry\Dead Island.url -> steam://rungameid/91310
InternetURL: C:\Users\W\Desktop\Gry\Heroes & Generals.url -> steam://rungameid/227940
InternetURL: C:\Users\W\Desktop\Gry\Robocraft.url -> steam://rungameid/301520
InternetURL: C:\Users\W\Desktop\Gry\The Forest.url -> steam://rungameid/242760

==================== End of log =============================

 

 

 

 

Dziękuję za pomoc

[Aranthor]

Kolejna fixlista usuwająca pozostałości po adware. Po jej uruchomieniu problem powinien ustąpić. Czy tak się stało?

 

 

Co to są BSODy? Nigdy się nie spotkałem z takim pojęciem.

BSOD - Blue Screen Of Death czyli niebieski ekran śmierci. Jego pojawienie się jest zwykle oznaką poważnego błędu z oprogramowaniem lub uszkodzenia sprzętu. Według logów ostatni taki BSOD wystąpił u ciebie 7 lipca. W chwili pojawienia się niebieskiego ekranu obraz na monitorze wygląda mniej więcej tak:

 

 

 

 

Jeśli takie błędy będą się pojawiać często (lub w ogóle pojawiać) 

załóż nowy temat i dołącz do niego pliki z folderu C:\Windows\Minidump.