AdwCleaner i Blue screen oraz sam kursor po uruchomieniu systemu

[GaCeL]

Witam,
 
Gdy włączam komputer to po uruchomieniu jest sam kursor i black screen i trzeba czekać z 2 min żeby włączył się explorer w procesach jest od samego początku explorer odpalony oraz gdy chce usunąć pliki AdwCleaner'em to wywala mi blue screena.



FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Kacper (administrator) on KACPER-KOMPUTER on 21-07-2015 16:46:08
Running from C:\Users\Kacper\Downloads
Loaded Profiles: Kacper (Available Profiles: Kacper)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Gf6s0B3S) C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-15] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9569096 2012-03-11] (COMODO)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [27529ec914c6740d00cad95d649269a0] => C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe [191488 2015-07-18] (Gf6s0B3S) <===== ATTENTION
HKLM-x32\...\Run: [18.exe] => C:\Users\Kacper\AppData\RoamingMicrosoft\System\Services\18.exe
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\Run: [27529ec914c6740d00cad95d649269a0] => C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe [191488 2015-07-18] (Gf6s0B3S) <===== ATTENTION
HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\Run: [18.exe] => C:\Users\Kacper\AppData\RoamingMicrosoft\System\Services\18.exe
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [389840 2012-03-11] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301224 2012-03-11] (COMODO)
Startup: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\27529ec914c6740d00cad95d649269a0.exe [2015-07-21] (Gf6s0B3S)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-07] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-07] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-509856250-1911961952-590295147-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 31.41.82.100 31.41.82.126
Tcpip\..\Interfaces\{3C991986-CA20-4875-B20B-D253E0135CBA}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{934523DE-2F7E-4D5C-AD9D-305E20FAABCC}: [DhcpNameServer] 192.168.100.1 31.41.82.100 31.41.82.126

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-07-21]
FF HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Kacper\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Kacper\AppData\Roaming\IDM\idmmzcc5 [2015-07-21]

Chrome:
=======
CHR Profile: C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-07]
CHR Extension: (Material For Chrome) - C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokahbgdhhcjfnjlfeiojfmgnoikpcco [2015-06-29]
CHR Extension: (IDM Integration Module) - C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-06-11]
CHR Extension: (Google Wallet) - C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]
CHR Extension: (agar.io mouse wheel zoom out patch) - C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdcijloimlokiikaaeabennlflobbik [2015-07-03]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-06-08]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-05-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-06-08]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-05-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1267000 2011-11-23] (COMODO)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2815496 2012-03-11] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-07] (Dropbox, Inc.)
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1169616 2015-06-04] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-06-04] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [589520 2015-06-04] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-06-08] (The OpenVPN Project)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-06-30] (Electronic Arts)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-06-29] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-03-14] (Asmedia Technology)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [22696 2012-03-11] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-06-08] (DT Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-06-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-06-07] (Symantec Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2015-05-19] (AnchorFree Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150720.001\IDSvia64.sys [692984 2015-06-20] (Symantec Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150720.018\ENG64.SYS [138488 2015-07-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150720.018\EX64.SYS [2146040 2015-07-16] (Symantec Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0081.sys [40704 2015-07-21] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-06-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2015-05-19] (Anchorfree Inc.)
R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 16:46 - 2015-07-21 16:46 - 00023337 _____ C:\Users\Kacper\Downloads\FRST.txt
2015-07-21 16:45 - 2015-07-21 16:46 - 00000000 ____D C:\FRST
2015-07-21 16:45 - 2015-07-21 16:45 - 02135552 _____ (Farbar) C:\Users\Kacper\Downloads\frst64.exe
2015-07-21 16:33 - 2015-07-21 16:34 - 02248704 _____ C:\Users\Kacper\Downloads\AdwCleaner.exe
2015-07-21 16:30 - 2015-07-21 16:30 - 00000000 ____D C:\Users\Kacper\AppData\Local\NPE
2015-07-21 16:28 - 2015-07-21 16:28 - 00000000 ____D C:\Users\Kacper\AppData\Local\COMODO
2015-07-21 10:54 - 2015-07-21 16:46 - 00020482 _____ C:\Windows\SysWOW64\.tmp
2015-07-21 10:53 - 2015-07-21 16:38 - 00000560 _____ C:\Windows\setupact.log
2015-07-21 10:53 - 2015-07-21 16:37 - 1334153437 _____ C:\Windows\MEMORY.DMP
2015-07-21 10:53 - 2015-07-21 16:37 - 00000000 ____D C:\Windows\Minidump
2015-07-21 10:53 - 2015-07-21 10:53 - 00000000 _____ C:\Windows\setuperr.log
2015-07-21 10:52 - 2015-07-21 16:35 - 00000000 ____D C:\AdwCleaner
2015-07-21 09:27 - 2015-07-21 09:27 - 00004720 _____ C:\Windows\windefendam.log
2015-07-21 09:27 - 2015-07-21 09:27 - 00000020 _____ C:\Windows\capsys184523.log
2015-07-21 08:40 - 2015-07-21 08:46 - 00000000 ____D C:\Program Files (x86)\Hide ALL IP
2015-07-21 08:40 - 2015-07-21 08:43 - 00000000 ____D C:\Extracted
2015-07-21 08:24 - 2010-02-25 17:51 - 00029696 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2015-07-21 08:10 - 2015-07-21 08:10 - 00040704 _____ (SoftEther Corporation) C:\Windows\system32\Drivers\Neo_0081.sys
2015-07-21 08:09 - 2015-07-21 08:09 - 00144104 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2015-07-21 07:45 - 2015-07-21 08:18 - 00000000 ____D C:\Program Files (x86)\Hide My IP 6
2015-07-20 17:20 - 2015-07-20 17:20 - 00000000 ____D C:\ProgramData\GG
2015-07-20 17:19 - 2015-07-21 07:51 - 00000000 ____D C:\Users\Kacper\Desktop\ts3
2015-07-20 15:14 - 2015-07-21 16:37 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\TS3Client
2015-07-20 15:14 - 2015-07-20 15:14 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-20 15:14 - 2015-07-20 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-07-20 15:14 - 2015-07-20 15:14 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-07-20 14:05 - 2015-07-20 14:10 - 00001048 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2015-07-20 14:04 - 2015-07-20 14:10 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2015-07-20 14:04 - 2015-07-20 14:04 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Hotspot Shield
2015-07-20 14:04 - 2015-07-20 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2015-07-20 14:04 - 2015-07-20 14:04 - 00000000 ____D C:\ProgramData\Hotspot Shield
2015-07-20 14:04 - 2015-05-19 03:06 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2015-07-20 08:53 - 2015-07-20 09:47 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\MacroCreator
2015-07-20 08:53 - 2015-07-20 08:53 - 00000860 _____ C:\Users\Public\Desktop\Pulover's Macro Creator.lnk
2015-07-20 08:53 - 2015-07-20 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator
2015-07-20 08:53 - 2015-07-20 08:53 - 00000000 ____D C:\Program Files\MacroCreator
2015-07-19 13:56 - 2015-07-19 13:56 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\GenArts
2015-07-18 16:02 - 2015-07-20 12:05 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Vesteris
2015-07-18 14:05 - 2014-09-22 14:00 - 02987520 _____ (Python Software Foundation) C:\Windows\SysWOW64\python27.dll
2015-07-18 11:57 - 2015-07-18 15:13 - 00116647 _____ C:\Users\Kacper\Desktop\widgets.psd
2015-07-17 15:06 - 2015-07-17 15:06 - 00000000 ____D C:\Users\Kacper\Documents\My Cheat Tables
2015-07-17 08:25 - 2015-07-17 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX
2015-07-17 08:25 - 2015-07-17 08:25 - 00000000 ____D C:\Program Files\Common Files\OFX
2015-07-16 22:25 - 2015-07-16 22:25 - 00058471 _____ C:\Users\Kacper\Documents\ts3_clientui-win64-1407159763-2015-07-16 22_25_02.139712.dmp
2015-07-16 14:45 - 2015-07-16 14:45 - 00000000 ____D C:\Users\Kacper\Documents\FIFA 15
2015-07-14 11:19 - 2015-07-14 11:20 - 00000000 ____D C:\Program Files (x86)\SWF to GIF
2015-07-11 15:32 - 2014-11-14 12:13 - 08203264 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Windows\system32\QtGui4.dll
2015-07-09 14:46 - 2015-07-09 14:46 - 00000963 _____ C:\Users\Kacper\Desktop\RocketDock.lnk
2015-07-09 14:46 - 2015-07-09 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2015-07-09 14:46 - 2015-07-09 14:46 - 00000000 ____D C:\Program Files (x86)\RocketDock
2015-07-09 14:33 - 2015-07-09 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-09 14:26 - 2015-07-09 14:26 - 00000222 _____ C:\Users\Kacper\Desktop\Grand Theft Auto V.url
2015-07-09 13:33 - 2015-07-21 09:29 - 00000000 ____D C:\Users\Kacper\Documents\Action!
2015-07-08 17:04 - 2015-07-13 19:20 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\OBS
2015-07-08 17:01 - 2015-07-08 17:02 - 00000000 ____D C:\Users\Kacper\AppData\Local\streamtip-alerter
2015-07-08 17:01 - 2015-07-08 17:01 - 00001115 _____ C:\Users\Public\Desktop\Streamtip Alerter.lnk
2015-07-08 17:01 - 2015-07-08 17:01 - 00000000 ____D C:\Users\Kacper\Documents\Streamtip
2015-07-08 17:01 - 2015-07-08 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamtip Alerter
2015-07-08 17:01 - 2015-07-08 17:01 - 00000000 ____D C:\Program Files (x86)\Streamtip Alerter
2015-07-08 16:55 - 2015-07-13 10:37 - 00000000 ____D C:\Program Files (x86)\OBS
2015-07-08 16:55 - 2015-07-08 16:55 - 00000935 _____ C:\Users\Kacper\Desktop\Open Broadcaster Software.lnk
2015-07-08 16:55 - 2015-07-08 16:55 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-07-08 16:55 - 2015-07-08 16:55 - 00000000 ____D C:\Program Files\OBS
2015-07-07 19:47 - 2015-07-07 19:47 - 00000000 ____D C:\ProgramData\Sun
2015-07-07 19:47 - 2015-07-07 19:47 - 00000000 ____D C:\ProgramData\Oracle
2015-07-07 09:55 - 2015-07-08 17:47 - 00001671 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
2015-07-07 09:55 - 2015-07-07 09:55 - 00003518 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Kacper-Komputer-Kacper
2015-07-07 09:55 - 2015-07-07 09:55 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-07 09:55 - 2015-07-07 09:55 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-07-07 09:55 - 2015-07-07 09:55 - 00000000 ____D C:\ProgramData\ALM
2015-07-07 09:54 - 2015-07-07 09:54 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-07-07 09:54 - 2015-07-07 09:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-07-07 09:54 - 2015-07-07 09:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-07-05 22:56 - 2015-07-05 22:56 - 00000000 ____D C:\Users\Kacper\AppData\Local\fabi.me
2015-07-05 16:20 - 2015-07-05 16:20 - 00000893 _____ C:\Users\Public\Desktop\Sizer.lnk
2015-07-05 16:20 - 2015-07-05 16:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizer
2015-07-05 16:20 - 2015-07-05 16:20 - 00000000 ____D C:\Program Files (x86)\Sizer
2015-07-04 15:14 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-04 15:14 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-03 17:19 - 2015-07-03 17:25 - 113068277 _____ C:\Users\Kacper\Documents\New track 6.mp4
2015-07-03 17:15 - 2015-07-03 17:15 - 00000000 ____D C:\Users\Kacper\AppData\Local\Red Giant
2015-07-03 12:25 - 2015-07-03 12:35 - 486088521 _____ C:\Users\Kacper\Documents\New track 5.mp4
2015-07-02 23:36 - 2015-07-02 23:36 - 00001147 _____ C:\Users\Public\Desktop\FIFA 15.lnk
2015-07-02 23:36 - 2015-07-02 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2015-07-02 23:04 - 2015-07-02 23:04 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\LolClient
2015-07-02 22:30 - 2015-07-03 14:09 - 00000196 _____ C:\Users\Kacper\Desktop\Predator Mode.ahk
2015-07-02 11:18 - 2015-07-02 11:18 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Mikrotik
2015-07-01 23:35 - 2015-07-01 23:35 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-07-01 20:15 - 2015-05-14 17:53 - 01674929 _____ (TeamExtreme) C:\Users\Kacper\Desktop\Minecraft TE Launcher.exe
2015-07-01 16:14 - 2015-07-07 10:42 - 00000000 ____D C:\Users\Kacper\Documents\CCleaner
2015-07-01 16:12 - 2015-07-01 16:12 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-01 16:12 - 2015-07-01 16:12 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-01 16:12 - 2015-07-01 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-01 16:12 - 2015-07-01 16:12 - 00000000 ____D C:\Program Files\CCleaner
2015-07-01 13:17 - 2015-07-01 13:17 - 00000000 ____D C:\Users\Kacper\AppData\Local\Apple Computer
2015-07-01 12:45 - 2015-07-01 12:45 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2015-07-01 12:35 - 2015-07-01 12:35 - 00000000 ____D C:\Users\Kacper\AppData\Local\Downloaded Installations
2015-07-01 12:19 - 2015-07-01 12:19 - 00003672 _____ C:\Windows\System32\Tasks\Red Giant Link
2015-07-01 12:19 - 2015-07-01 12:19 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Red Giant
2015-07-01 12:18 - 2015-07-01 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2015-07-01 12:18 - 2015-07-01 12:58 - 00000000 ____D C:\Program Files (x86)\Red Giant
2015-07-01 12:18 - 2015-07-01 12:19 - 00000000 ____D C:\ProgramData\Red Giant
2015-07-01 12:18 - 2015-07-01 12:18 - 00000000 ____D C:\ProgramData\RedGiant
2015-07-01 12:18 - 2014-07-28 14:10 - 19939328 _____ (Red Giant LLC) C:\Windows\system32\MBLooksUI_x64.dll
2015-07-01 12:18 - 2013-11-21 11:38 - 04893184 _____ C:\Windows\system32\PhotoLooksRenderer_x64.dll
2015-07-01 12:18 - 2013-11-21 11:38 - 04168704 _____ C:\Windows\SysWOW64\PhotoLooksRenderer.dll
2015-07-01 12:07 - 2015-07-17 08:25 - 00000201 _____ C:\Windows\MSUTIL.INI
2015-07-01 12:07 - 2015-07-17 08:25 - 00000000 ____D C:\Program Files (x86)\GenArts
2015-07-01 12:07 - 2015-07-01 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE
2015-07-01 12:07 - 2015-07-01 12:07 - 00000000 ____D C:\ProgramData\GenArts
2015-07-01 12:07 - 2010-02-04 07:58 - 00584376 _____ (Intel Corporation) C:\Windows\system32\libiomp5md.dll
2015-07-01 12:07 - 2010-02-04 07:40 - 00575672 _____ (Intel Corporation) C:\Windows\SysWOW64\libiomp5md.dll
2015-07-01 00:28 - 2015-07-01 00:28 - 00000000 ____D C:\Users\Kacper\AppData\Local\LeagueSharp
2015-07-01 00:23 - 2015-07-06 19:52 - 00000000 ____D C:\Users\Kacper\Desktop\LeagueSharp
2015-06-30 23:42 - 2015-07-01 00:26 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\LSFC1B955B
2015-06-30 23:31 - 2015-07-02 23:12 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-30 23:21 - 2015-07-16 14:45 - 00000000 ____D C:\Users\Kacper\AppData\Local\Origin
2015-06-30 23:21 - 2015-07-02 23:10 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Origin
2015-06-30 23:14 - 2015-07-16 14:45 - 00000000 ____D C:\ProgramData\Origin
2015-06-30 23:14 - 2015-07-16 14:45 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-06-30 23:14 - 2015-06-30 23:21 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-30 23:14 - 2015-06-30 23:14 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2015-06-30 23:14 - 2015-06-30 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-06-30 00:03 - 2015-06-30 00:03 - 00000000 ____D C:\Windows\system32\Taskman
2015-06-30 00:01 - 2015-06-30 00:05 - 00000000 ____D C:\Program Files (x86)\7tsp
2015-06-29 23:55 - 2015-06-29 23:55 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
2015-06-29 23:55 - 2015-06-29 23:55 - 00000000 ____D C:\Program Files\Theme Resource Changer
2015-06-29 23:53 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2015-06-29 23:53 - 2009-07-14 03:41 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2015-06-29 23:53 - 2009-07-14 03:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2015-06-29 23:37 - 2015-07-21 16:35 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2015-06-29 23:37 - 2015-06-29 23:39 - 00000000 ____D C:\ProgramData\CPA_VA
2015-06-29 23:36 - 2015-06-29 23:36 - 00001846 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-06-29 23:36 - 2015-06-29 23:36 - 00000000 ____D C:\Users\Public\Documents\COMODO
2015-06-29 23:36 - 2015-06-29 23:36 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Apple Computer
2015-06-29 23:35 - 2015-06-29 23:35 - 00000462 _____ C:\Windows\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2015-06-29 23:33 - 2015-06-29 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-06-29 23:33 - 2015-06-29 23:35 - 00001110 _____ C:\Users\Public\Desktop\Comodo Dragon.lnk
2015-06-29 23:33 - 2015-06-29 23:35 - 00000000 ____D C:\Program Files\COMODO
2015-06-29 23:33 - 2015-06-29 23:34 - 00000000 ____D C:\ProgramData\Comodo
2015-06-29 23:33 - 2015-06-29 23:33 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2015-06-29 23:33 - 2015-06-29 23:33 - 00001045 _____ C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
2015-06-29 23:33 - 2015-06-29 23:33 - 00000000 ____D C:\Program Files (x86)\Comodo
2015-06-29 20:11 - 2015-07-06 23:32 - 00000147 _____ C:\Users\Kacper\Desktop\90ms.ahk
2015-06-29 20:11 - 2014-11-10 13:13 - 00000127 _____ C:\Users\Kacper\Desktop\Informatyka.ath
2015-06-29 18:25 - 2015-06-29 19:21 - 00000000 ___HD C:\Windows\usp
2015-06-29 14:59 - 2015-06-29 14:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-06-29 11:43 - 2015-07-18 22:15 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Skype
2015-06-29 11:43 - 2015-06-29 11:43 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-06-29 11:43 - 2015-06-29 11:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-29 11:43 - 2015-06-29 11:43 - 00000000 ____D C:\Users\Kacper\Tracing
2015-06-29 11:43 - 2015-06-29 11:43 - 00000000 ____D C:\Users\Kacper\AppData\Local\Skype
2015-06-29 11:43 - 2015-06-29 11:43 - 00000000 ____D C:\ProgramData\Skype
2015-06-29 11:43 - 2015-06-29 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-29 10:35 - 2015-07-21 08:25 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Audacity
2015-06-29 10:24 - 2015-06-29 10:24 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-06-29 10:24 - 2015-06-29 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-06-29 10:24 - 2015-06-29 10:24 - 00000000 ____D C:\ProgramData\Apple Computer
2015-06-29 10:23 - 2015-06-29 10:23 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-06-29 10:23 - 2015-06-29 10:23 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-06-29 10:23 - 2015-06-29 10:23 - 00000000 ____D C:\Users\Kacper\AppData\Local\Apple
2015-06-29 10:23 - 2015-06-29 10:23 - 00000000 ____D C:\ProgramData\Apple
2015-06-29 10:23 - 2015-06-29 10:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-06-28 21:25 - 2015-07-21 08:46 - 00000000 ____D C:\Users\Kacper\AppData\Local\CrashDumps
2015-06-26 21:16 - 2015-06-26 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2015-06-26 21:16 - 2015-06-26 21:16 - 00000000 ____D C:\Program Files\AutoHotkey
2015-06-26 19:55 - 2015-06-26 20:32 - 00000000 ____D C:\Users\Kacper\IdeaProjects
2015-06-26 19:41 - 2015-06-26 19:41 - 00000000 ____D C:\Users\Kacper\.android
2015-06-26 19:40 - 2015-06-26 19:40 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\JetBrains
2015-06-26 19:39 - 2015-06-26 19:39 - 00000000 ____D C:\Users\Kacper\.IntelliJIdea14
2015-06-26 19:38 - 2015-06-26 19:38 - 00000942 _____ C:\Users\Public\Desktop\IntelliJ IDEA 14.0.lnk
2015-06-26 19:38 - 2015-06-26 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2015-06-26 19:38 - 2015-06-26 19:38 - 00000000 ____D C:\Program Files (x86)\JetBrains
2015-06-26 15:39 - 2015-06-26 15:39 - 00348256 ___RH C:\Users\Kacper\Documents\New track 2.mp4.sfk
2015-06-26 13:26 - 2015-06-26 13:26 - 00054368 ___RH C:\Users\Kacper\Documents\New track 3.mp4.sfk
2015-06-25 23:46 - 2015-06-25 23:56 - 00000000 ____D C:\Users\Kacper\Documents\Camtasia Studio
2015-06-25 23:46 - 2015-06-25 23:46 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\TechSmith
2015-06-25 23:46 - 2015-06-25 23:46 - 00000000 ____D C:\Users\Kacper\AppData\Local\TechSmith
2015-06-25 23:44 - 2015-06-29 10:24 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-06-25 23:44 - 2015-06-25 23:44 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2015-06-25 23:44 - 2015-06-25 23:44 - 00000000 ____D C:\ProgramData\TechSmith
2015-06-25 23:44 - 2015-06-25 23:44 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2015-06-25 23:44 - 2015-06-25 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-06-25 23:44 - 2015-06-25 23:44 - 00000000 ____D C:\Program Files (x86)\TechSmith
2015-06-24 09:15 - 2015-06-24 09:15 - 00000000 ____D C:\ProgramData\TEMP
2015-06-23 23:03 - 2015-06-23 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Romain's Software
2015-06-23 23:03 - 2015-06-23 23:03 - 00000000 ____D C:\Program Files (x86)\Attribute Changer
2015-06-23 22:58 - 2015-06-23 22:58 - 00001012 _____ C:\Users\Kacper\Desktop\Total Commander 64 bit.lnk
2015-06-23 22:58 - 2015-06-23 22:58 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-06-23 22:58 - 2015-06-23 22:58 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\GHISLER
2015-06-23 22:58 - 2015-06-23 22:58 - 00000000 ____D C:\Program Files\Total CMD
2015-06-22 22:50 - 2015-06-22 22:50 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Mael
2015-06-22 22:46 - 2015-06-22 22:47 - 00000000 ____D C:\Program Files (x86)\HxD
2015-06-22 22:46 - 2015-06-22 22:46 - 00000881 _____ C:\Users\Public\Desktop\HxD.lnk
2015-06-22 22:46 - 2015-06-22 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 16:45 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-21 16:45 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-21 16:44 - 2011-04-12 15:21 - 00739694 _____ C:\Windows\system32\perfh015.dat
2015-07-21 16:44 - 2011-04-12 15:21 - 00155268 _____ C:\Windows\system32\perfc015.dat
2015-07-21 16:44 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-21 16:40 - 2015-06-07 16:07 - 00000000 ___RD C:\Users\Kacper\Dropbox
2015-07-21 16:40 - 2015-06-07 16:04 - 00000000 ____D C:\Users\Kacper\AppData\Local\Dropbox
2015-07-21 16:40 - 2015-06-07 15:43 - 00444869 _____ C:\Windows\WindowsUpdate.log
2015-07-21 16:38 - 2015-06-07 15:44 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-21 16:37 - 2015-06-07 16:04 - 00001148 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-07-21 16:37 - 2015-06-07 15:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-21 16:37 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-21 16:23 - 2015-06-07 15:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-21 16:23 - 2015-06-07 15:50 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-07-21 16:18 - 2015-06-07 16:04 - 00001152 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-07-21 16:14 - 2015-06-07 17:01 - 00000000 ____D C:\Windows\pss
2015-07-21 16:02 - 2015-06-07 16:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-21 16:01 - 2015-06-07 15:44 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-21 09:29 - 2015-06-07 16:36 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\.minecraft
2015-07-21 08:46 - 2015-06-11 21:43 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\IDM
2015-07-21 08:46 - 2015-06-07 16:40 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\uTorrent
2015-07-21 08:23 - 2015-06-07 16:45 - 00000000 ____D C:\Users\Kacper\Downloads\Torrenty
2015-07-21 08:13 - 2015-06-11 21:43 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\DMCache
2015-07-21 07:52 - 2015-06-07 20:12 - 00000000 ____D C:\Users\Kacper\AppData\Local\screenSHU
2015-07-21 07:51 - 2015-06-08 16:03 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-21 07:48 - 2015-06-08 16:11 - 00000000 ____D C:\Users\Kacper\AppData\Local\Adobe
2015-07-21 07:40 - 2015-06-07 18:59 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\foobar2000
2015-07-20 21:32 - 2015-06-16 14:16 - 00000132 _____ C:\Users\Kacper\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2015-07-20 21:02 - 2015-06-07 20:48 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\Adobe
2015-07-20 20:43 - 2015-06-11 21:43 - 00000000 ____D C:\Users\Kacper\Downloads\Compressed
2015-07-20 18:11 - 2015-06-07 17:38 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\AIMP3
2015-07-20 18:03 - 2015-06-07 20:47 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\GG
2015-07-20 17:20 - 2015-06-07 20:47 - 00000000 ____D C:\Users\Kacper\AppData\Local\GG
2015-07-18 22:42 - 2015-06-08 06:34 - 00000000 ____D C:\Program Files\Fraps
2015-07-18 21:22 - 2009-07-14 06:45 - 05206256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-18 16:41 - 2015-06-07 15:43 - 00146864 _____ C:\Users\Kacper\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-18 14:00 - 2015-06-11 21:43 - 00000000 ____D C:\Users\Kacper\Downloads\Video
2015-07-18 12:13 - 2015-06-07 16:04 - 00004148 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-07-18 12:13 - 2015-06-07 16:04 - 00003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-07-16 07:56 - 2015-06-07 15:44 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 07:56 - 2015-06-07 15:44 - 00003792 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-14 18:35 - 2015-06-08 21:58 - 00000000 ____D C:\Users\Kacper\AppData\Local\Mirillis
2015-07-14 17:56 - 2015-06-07 15:44 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-09 14:34 - 2015-06-07 16:04 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-07-08 08:34 - 2015-06-08 16:11 - 00000000 ____D C:\ProgramData\Adobe
2015-07-07 19:47 - 2015-06-07 16:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-07 19:47 - 2015-06-07 16:27 - 00000000 ____D C:\Program Files\Java
2015-07-07 11:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-07 09:55 - 2015-06-08 16:19 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-07 09:55 - 2015-06-08 16:13 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-07 09:54 - 2015-06-08 16:18 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-07-07 09:54 - 2015-06-08 16:14 - 00000000 ____D C:\Program Files\Adobe
2015-07-07 09:54 - 2015-06-08 16:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-07 01:24 - 2015-06-07 16:19 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk
2015-07-06 14:50 - 2015-06-19 18:30 - 00000000 ____D C:\Users\Kacper\AppData\Local\LooksBuilder
2015-07-04 15:15 - 2015-06-07 15:50 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-04 15:15 - 2015-06-07 15:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-03 17:26 - 2015-06-07 15:42 - 00000000 ____D C:\Users\Kacper
2015-07-02 23:36 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-01 23:49 - 2015-06-07 15:55 - 00000000 ____D C:\ProgramData\Norton
2015-07-01 16:13 - 2015-06-08 06:32 - 00000000 ____D C:\Users\Kacper\AppData\Roaming\DAEMON Tools Pro
2015-07-01 16:13 - 2015-06-07 16:37 - 00000000 ____D C:\Windows\Panther
2015-07-01 12:18 - 2015-06-19 18:29 - 00000000 ____D C:\Program Files (x86)\LooksBuilder
2015-07-01 12:18 - 2015-06-08 06:38 - 00000000 ____D C:\Program Files\Sony
2015-06-30 16:19 - 2015-06-13 16:03 - 00000000 ____D C:\Program Files\Client
2015-06-30 13:32 - 2015-06-18 13:12 - 00000000 ____D C:\Program Files (x86)\Counter Strike 1.6 PRO
2015-06-30 00:03 - 2010-11-21 05:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2015-06-30 00:03 - 2010-11-21 05:24 - 00614912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2015-06-30 00:03 - 2010-11-21 05:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2015-06-30 00:03 - 2010-11-21 05:24 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-06-30 00:03 - 2010-11-21 05:23 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2015-06-30 00:03 - 2010-11-21 05:23 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-06-30 00:03 - 2009-07-14 01:57 - 40884224 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll
2015-06-30 00:03 - 2009-07-14 01:57 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\imagesp1.dll
2015-06-30 00:03 - 2009-07-14 01:41 - 01033216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagesp1.dll
2015-06-30 00:02 - 2010-11-21 05:24 - 02886144 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-06-30 00:02 - 2009-07-14 01:42 - 40884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imageres.dll
2015-06-29 23:53 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2015-06-29 23:53 - 2009-07-14 01:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-06-29 23:53 - 2009-07-14 01:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2015-06-26 21:16 - 2011-04-12 15:32 - 00000000 ____D C:\Windows\ShellNew
2015-06-24 13:36 - 2015-06-07 15:50 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-24 13:36 - 2015-06-07 15:50 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36 - 2015-06-07 15:50 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-24 13:36 - 2015-06-07 15:50 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

==================== Files in the root of some directories =======

2015-06-16 14:16 - 2015-07-20 21:32 - 0000132 _____ () C:\Users\Kacper\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2015-06-07 21:25 - 2015-06-07 21:25 - 0000000 ____H () C:\Users\Kacper\AppData\Local\BIT3CF2.tmp
2015-06-07 21:24 - 2015-06-07 21:26 - 0000000 _____ () C:\Users\Kacper\AppData\Local\{5824147F-9224-43E0-A80F-808CF7DE4ABE}
2015-06-07 15:57 - 2015-06-07 15:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe


Some files in TEMP:
====================
C:\Users\Kacper\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprov2ji.dll
C:\Users\Kacper\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Kacper\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe
C:\Users\Kacper\AppData\Local\Temp\installstats.exe
C:\Users\Kacper\AppData\Local\Temp\Quarantine.exe
C:\Users\Kacper\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2010-11-21 05:24] - [2015-06-30 00:02] - 2886144 ____A (Microsoft Corporation) DD7B04524F61A30C11F69E873D2BDF30

C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-14 15:03

==================== End of log ============================

 

ADDITION

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Kacper at 2015-07-21 16:46:21
Running from C:\Users\Kacper\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-509856250-1911961952-590295147-500 - Administrator - Disabled)
Gość (S-1-5-21-509856250-1911961952-590295147-501 - Limited - Disabled)
Kacper (S-1-5-21-509856250-1911961952-590295147-1000 - Administrator - Enabled) => C:\Users\Kacper

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: COMODO Antivirus (Enabled - Up to date) {458BB331-2324-0753-3D5F-1472EB102AC0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.25.3 - Mirillis)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader 9 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1495, 03.06.2015 - AIMP DevTeam)
Aktualizacje NVIDIA 2.4.5.57 (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0001 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Attribute Changer 7.11 (HKLM-x32\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 7.11 - Romain Petges)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
AutoHotkey 1.1.22.02 (HKLM\...\AutoHotkey) (Version: 1.1.22.02 - Lexikos)
Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
CINEMA 4D 15.008 (HKLM\...\MAXON12664043) (Version: 15.008 - MAXON Computer GmbH) <==== ATTENTION
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 15.0 - COMODO)
COMODO GeekBuddy (HKLM-x32\...\COMODO GeekBuddy) (Version: 3.3.217083.59 - COMODO)
COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)
Counter Strike 1.6 PRO (HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\Counter Strike 1.6 PRO 1.0) (Version: 1.0 - Cs-Classic)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version: - )
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version: - )
GG (HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\GG) (Version: 12 - GG Network S.A.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Hotspot Shield 4.15.3 (HKLM-x32\...\HotspotShield) (Version: 4.15.3 - AnchorFree Inc.)
HxD Hex Editor wersja 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
IntelliJ IDEA 14.0 (HKLM-x32\...\IntelliJ IDEA 14.0) (Version: 139.224.1 - JetBrains s.r.o.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NBTExplorer (HKLM-x32\...\{FC4C8FDD-384C-471F-9E9A-C25B57ABE7A8}) (Version: 2.7.6.0 - Justin Aquadro)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenFM (HKU\S-1-5-21-509856250-1911961952-590295147-1000\...\OpenFM) (Version: 2 - GG Network S.A.)
OpenVPN 2.3.7-I001 (HKLM\...\OpenVPN) (Version: 2.3.7-I001 - )
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.14 - Intel(R) Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
Panel sterowania NVIDIA 344.48 (Version: 344.48 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pulover's Macro Creator wersja 4.1.3 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 4.1.3 - Rodolfo U. Batista)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7233 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - )
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamtip Alerter (HKLM-x32\...\{946E75BA-B3DA-470C-80EC-66AE17107334}_is1) (Version: 0.2.2 - NightDev, LLC)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version: - Valve)
Team Render Client 15.008 (HKLM\...\MAXON6AAF2891) (Version: 15.008 - MAXON Computer GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Theme Resource Changer X64 v1.0 (HKLM\...\Theme Resource Changer X64 v1.0) (Version: - Bad Ass Apps)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trapcode Particular 64 bit (HKLM-x32\...\InstallShield_{9497360C-4C41-4E05-81C0-BE56DF2ADFE8}) (Version: 2.1.1 - Red Giant Software)
Trapcode Particular 64 bit (Version: 2.1.1 - Red Giant Software) Hidden
Trapcode Suite v12.1.7 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.7 - Red Giant, LLC)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
WinHTTrack Website Copier 3.48-21 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.8-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-509856250-1911961952-590295147-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Kacper\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points =========================

21-07-2015 16:23:11 Configured GPUTweakStreaming

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-20 14:07 - 00001316 ____A C:\Windows\system32\Drivers\etc\hosts
212.77.98.9 o2.pl
212.77.98.9 www.o2.pl
212.77.98.9 poczta.o2.pl
212.77.98.9 www.poczta.o2.pl
127.0.0.1 anchorfree.net
127.0.0.1 rss2search.com
127.0.0.1 techbrowsing.com
127.0.0.1 box.anchorfree.net
127.0.0.1 www.mefeedia.com
127.0.0.3 www.anchorfree.net
127.0.0.2 www.mefeedia.com
127.0.0.1 anchorfree.us
127.0.0.1 a433.com
127.0.0.3 anchorfree.net
127.0.0.1 rpt.anchorfree.net
127.0.0.1 delivery.anchorfree.us/land.php
127.0.0.1 hsselite.com
127.0.0.1 www.hsselite.com


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003AF85D-3E87-49F0-9F3F-1C416D8370A5} - System32\Tasks\AdobeAAMUpdater-1.0-Kacper-Komputer-Kacper => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {02227664-86C0-4187-AA13-8BC99700EF37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {2C46D33A-E168-4311-88D8-D00795940ECB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2E2F050E-DEC0-4DAE-839A-F17C25BCDA81} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4551C911-407C-4099-BFC0-E9B4031EF400} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-07] (Dropbox, Inc.)
Task: {4CF3C80D-9376-4C16-A784-8966DA432CBB} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {6C206CE7-717A-487A-ADB0-448C86EC791F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-07-09] (Symantec Corporation)
Task: {8ABBEC4F-BE6E-482F-8833-A62EBD13B68A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-07] (Google Inc.)
Task: {90B8B025-A575-401B-AB05-5AAA7C569634} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B4402E0A-CE2A-4D99-AF11-409D9594003E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-07] (Google Inc.)
Task: {D826E2A9-CE7A-4157-B0D7-73F83F95E66A} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2015-06-04] ()
Task: {F15CDEB0-8C74-4FA4-8D52-4DE72433B683} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-07] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-12-19 18:59 - 2011-12-19 18:59 - 00071496 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-06-07 15:49 - 2014-10-16 16:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-04 00:59 - 2015-06-04 00:59 - 00589520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-09 14:46 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2015-06-04 00:57 - 2015-06-04 00:57 - 01749200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2015-07-09 14:46 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-06-08 16:03 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-04 01:19 - 2015-06-04 01:19 - 00616144 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.4.15.3.dll
2015-04-25 03:03 - 2015-04-25 03:03 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 22:02 - 2009-03-27 22:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 22:02 - 2009-03-27 22:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2015-06-08 06:32 - 2015-06-07 23:31 - 00107520 ____R () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
2015-07-21 16:40 - 2015-07-21 16:40 - 00043008 _____ () c:\users\kacper\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprov2ji.dll
2015-06-07 16:06 - 2015-03-19 09:15 - 00750080 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-06-07 16:06 - 2015-03-19 09:15 - 00047616 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2015-06-07 16:06 - 2015-03-19 09:15 - 00865280 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll
2015-06-07 16:06 - 2015-03-19 09:15 - 00200704 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll
2015-06-07 16:06 - 2015-03-19 09:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-07 16:06 - 2015-03-19 09:15 - 00726016 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-07 16:06 - 2015-03-19 09:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-06-07 16:48 - 2011-03-02 12:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext32.dll
2015-07-14 17:56 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 17:56 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kacper\Desktop\Minecraft TE Launcher.exe:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CLPSLS => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-509856250-1911961952-590295147-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.100.1 - 31.41.82.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupfolder: C:^Users^Kacper^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^27529ec914c6740d00cad95d649269a0.exe => C:\Windows\pss\27529ec914c6740d00cad95d649269a0.exe.Startup
MSCONFIG\startupreg: 18.exe => C:\Users\Kacper\AppData\RoamingMicrosoft\System\Services\18.exe
MSCONFIG\startupreg: 27529ec914c6740d00cad95d649269a0 => "C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe" ..
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: COMODO => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
MSCONFIG\startupreg: CPA => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: GG => "C:\Users\Kacper\AppData\Local\GG\Application\gghub.exe"
MSCONFIG\startupreg: Hide ALL IP => "C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe"
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: screenSHU => "C:\Program Files (x86)\screenSHU\screenSHU.exe" --hidden
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{25AD0CE2-61F7-4C73-A39D-D51EF2F8659A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{31230E9C-C9EE-4D1C-8221-30DEEC320B5E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{288EA761-4FAB-4393-86B4-A08874DC4B6E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{23C2F60B-56EE-4126-8917-616646414F42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FA33B132-61AA-4843-9C31-0FE0E97F155E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EDB3A25F-13E9-4110-86FF-23DC2DFADF37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C44D5E42-E075-43C3-8853-E425E48B3DB7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5FB7BF57-54A9-4415-9051-D23AE698921A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{939D2BF5-E10A-4635-AD21-9F9E0B257E89}] => (Allow) C:\Users\Kacper\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C6BCB49C-343C-4D91-84B6-63E527699536}] => (Allow) C:\Users\Kacper\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B3B53EB3-2032-462B-9C25-A977D8D0ADB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C4EA4251-3551-4ED1-9858-F6E96715C24B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D451D628-2D17-443E-8038-12EBCD6334D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F1792A34-9909-4C8B-BCEF-F23FF5F3D185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{25652C75-5662-4D40-A6FD-F70339A5C002}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{3830314F-FB30-4780-B6D2-7A144E0A1B10}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{E722E005-C931-45F5-8ED0-79CDA1513500}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{88A343F9-DBFC-4E28-8793-DC9541B89A36}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{755E9FF2-D300-4F59-8B87-EAACBFE0004C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{B7F0AFF9-6ABB-40C3-8789-73B61E621C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{A9087ECE-CF6A-4CFC-8C0D-D0F616AC471E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D2EA5251-6C17-4910-9D30-EA40D34F3683}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{E24A7C12-BFE2-4934-BC71-4D368ABECFA7}] => (Allow) LPort=8317
FirewallRules: [{E7AF304C-D79A-4061-B11B-3F7A5BD08EAB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{CD4FA49F-F451-4C13-9F8B-D355C92BE5F1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B6D5C48E-478D-4D69-8566-BE761BA1E183}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{F7516D85-6367-4A5D-8149-C07609C7D6A2}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{BC9FC264-67D0-436F-A3CD-0A6F9F3B0FC7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{D53ECE43-0FF5-4250-A24C-A2ACCE84696E}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{27E16B87-070B-4255-B70D-65B399C40E2F}] => (Allow) D:\Program Files\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{03E8F5EB-F31B-4A20-AB28-AA530ADF2A77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0AA019A7-C020-461D-AB8E-2E92B9895442}] => (Allow) C:\Program Files (x86)\Hide My IP 6\HideMyIP.exe
FirewallRules: [{9E736F07-C11F-4271-879D-4612640FA4AC}] => (Allow) C:\Program Files (x86)\Hide My IP 6\HideMyIpSrv.exe
FirewallRules: [{38962F9C-93C3-4E8B-86EC-85ACCDC9ACAA}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{597F7E04-4144-419E-8C12-5E2BC5676169}] => (Allow) D:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{449F19FD-A527-41C3-84EA-20E6B780FC86}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{61401790-FE00-4039-98AB-FE82822BCA5C}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{6524DB55-F3EB-456E-A155-599807A93618}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{8A8ED938-D845-4A00-A7F7-073B587ADC11}] => (Allow) D:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{9C39002B-8DB1-4E81-95EB-A7E5283780A0}] => (Allow) C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe
FirewallRules: [{8B2BDC6C-1987-460B-A6CD-63200AF2F9B9}] => (Allow) C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Kontroler PCI Simple Communications
Description: Kontroler PCI Simple Communications
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2015 04:39:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 04:38:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (07/21/2015 04:38:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (07/21/2015 04:38:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (07/21/2015 04:17:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 04:15:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).

Error: (07/21/2015 04:15:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).

Error: (07/21/2015 04:15:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).

Error: (07/21/2015 10:55:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 08:44:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: SnD HIDEALLIP 2015 Universal Patcher.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x2a425e19
Nazwa modułu powodującego błąd: SnD HIDEALLIP 2015 Universal Patcher.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x2a425e19
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00008d1b
Identyfikator procesu powodującego błąd: 0x2248
Godzina uruchomienia aplikacji powodującej błąd: 0xSnD HIDEALLIP 2015 Universal Patcher.exe0
Ścieżka aplikacji powodującej błąd: SnD HIDEALLIP 2015 Universal Patcher.exe1
Ścieżka modułu powodującego błąd: SnD HIDEALLIP 2015 Universal Patcher.exe2
Identyfikator raportu: SnD HIDEALLIP 2015 Universal Patcher.exe3


System errors:
=============
Error: (07/21/2015 04:45:09 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:45:09 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:43:10 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:43:10 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:40:30 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:40:30 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:40:20 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)

Error: (07/21/2015 04:40:20 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyUruchom{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)


Microsoft Office:
=========================
Error: (07/21/2015 04:39:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 04:38:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (07/21/2015 04:38:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (07/21/2015 04:38:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (07/21/2015 04:17:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 04:15:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (07/21/2015 04:15:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (07/21/2015 04:15:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (07/21/2015 10:55:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 08:44:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SnD HIDEALLIP 2015 Universal Patcher.exe0.0.0.02a425e19SnD HIDEALLIP 2015 Universal Patcher.exe0.0.0.02a425e19c000000500008d1b224801d0c380ac5fb0c2C:\Extracted\SnD HIDEALLIP 2015 Universal Patcher.exeC:\Extracted\SnD HIDEALLIP 2015 Universal Patcher.exeec1b83f4-2f73-11e5-8809-7824af42e90d


CodeIntegrity Errors:
===================================
Date: 2015-07-21 16:38:48.577
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-21 16:16:55.723
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-21 15:58:36.112
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-21 10:53:56.699
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-21 08:09:45.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-21 07:39:53.200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-20 23:20:13.440
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-20 23:13:08.340
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-20 08:37:24.608
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-07-19 21:50:47.636
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 33%
Total physical RAM: 8133.2 MB
Available physical RAM: 5411.38 MB
Total Virtual: 16264.6 MB
Available Virtual: 13182.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:2.33 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:846.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8AC83197)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 623C052F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================

 

SHORTCUT

 

Users shortcut scan result (x64) Version:20-07-2015
Ran by Kacper at 2015-07-21 16:46:38
Running from C:\Users\Kacper\Downloads
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk -> C:\Program Files\Adobe\Adobe After Effects CC 2014\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk -> C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2014.lnk -> C:\Program Files\Adobe\Adobe Premiere Pro CC 2014\Adobe Premiere Pro.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-A90000000001}\SC_Reader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk -> C:\Program Files (x86)\foobar2000\foobar2000.exe (Piotr Pawlowski)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk -> C:\Program Files\Sublime Text 2\sublime_text.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Uninstall XAMPP.lnk -> C:\Xampp\uninstall.exe (Bitnami)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP Control Panel.lnk -> C:\Xampp\xampp-control.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP htdocs folder.lnk -> C:\Xampp\htdocs ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\Documentation.lnk -> C:\Program Files\WinHTTrack\httrack-doc.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\WinHTTrack Website Copier.lnk -> C:\Program Files\WinHTTrack\WinHTTrack.exe (HTTrack)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk -> C:\Windows\Installer\{474DFABF-E55B-4905-ABAA-40791A6AC77F}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk -> C:\Windows\Installer\{474DFABF-E55B-4905-ABAA-40791A6AC77F}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows\Utilities\Add a new TAP virtual ethernet adapter.lnk -> C:\Program Files\TAP-Windows\bin\addtap.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows\Utilities\Delete ALL TAP virtual ethernet adapters.lnk -> C:\Program Files\TAP-Windows\bin\deltapall.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamtip Alerter\Streamtip Alerter.lnk -> C:\Program Files (x86)\Streamtip Alerter\streamtip-alerter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Readme.lnk -> C:\Program Files\Sony\Vegas Pro 13.0\Readme\Vegas_readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizer\Sizer.lnk -> C:\Program Files (x86)\Sizer\sizer.exe (Brian Apps Products)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Romain's Software\User Guide.lnk -> C:\Program Files (x86)\Attribute Changer\ac.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\Deinstalacja programu RocketDock.lnk -> C:\Program Files (x86)\RocketDock\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\PunkSoftware.com.lnk -> C:\Program Files (x86)\RocketDock\PunkSoftware.com.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock Documentation.lnk -> C:\Program Files (x86)\RocketDock\Help\English\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock\RocketDock.lnk -> C:\Program Files (x86)\RocketDock\RocketDock.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Red Giant Link.lnk -> C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Uninstall Color Suite.lnk -> C:\Program Files (x86)\Red Giant\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Uninstall Trapcode Suite.lnk -> C:\Program Files (x86)\Red Giant\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\O programie QuickTime.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator\Deinstalacja programu Pulover's Macro Creator.lnk -> C:\Program Files\MacroCreator\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator\Pulover's Macro Creator.lnk -> C:\Program Files\MacroCreator\MacroCreator.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Narzędzie zgłaszania błędów Origin.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Usuń Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Uninstall OpenVPN.lnk -> C:\Program Files\OpenVPN\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN configuration file directory.lnk -> C:\Program Files\OpenVPN\config ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN log file directory.lnk -> C:\Program Files\OpenVPN\log ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN Sample Configuration Files.lnk -> C:\Program Files\OpenVPN\sample-config ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Manual Page.lnk -> C:\Program Files\OpenVPN\doc\openvpn.8.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Windows Notes.lnk -> C:\Program Files\OpenVPN\doc\INSTALL-win32.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\uistub.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBTExplorer\NBTExplorer.lnk -> C:\Program Files (x86)\NBTExplorer\NBTExplorer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis\Action!\Action!.lnk -> C:\Program Files (x86)\Mirillis\Action!\Action.exe (Mirillis Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Filler 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft SharePoint Workspace 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Language Preferences.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\CINEMA 4D 64 Bit.lnk -> C:\Program Files\MAXON\CINEMA 4D R15\CINEMA 4D 64 Bit.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON\Team Render Client 64 Bit.lnk -> C:\Program Files\MAXON\Team Render Client R15\Team Render Client 64 Bit.exe (MAXON Computer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Gaming Software 8.58.lnk -> C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains\IntelliJ IDEA 14.0.lnk -> C:\Program Files (x86)\JetBrains\IntelliJ IDEA 14.0\bin\idea.exe (JetBrains s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk -> C:\Program Files\Java\jdk1.7.0_79\bin\jmc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk -> C:\Program Files (x86)\Internet Download Manager\grabber.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk -> C:\Program Files (x86)\Internet Download Manager\idman.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk -> C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk -> C:\Program Files (x86)\Internet Download Manager\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk -> C:\Program Files (x86)\Internet Download Manager\tutor.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe (Tonec Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\Changelog.lnk -> C:\Program Files (x86)\HxD\changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\HxD.lnk -> C:\Program Files (x86)\HxD\HxD.exe (Maël Hörz)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\License.lnk -> C:\Program Files (x86)\HxD\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\Readme.lnk -> C:\Program Files (x86)\HxD\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield\Hotspot Shield.lnk -> C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe (AnchorFree Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield\Uninstall Hotspot Shield.lnk -> C:\Program Files (x86)\Hotspot Shield\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Sapphire Flare Designer.lnk -> C:\Program Files (x86)\GenArts\SapphireOFX\flare-editor\flare_editor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Sapphire OFX Online Help (HTML).lnk -> C:\Program Files (x86)\GenArts\SapphireOFX\docs\intro.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Sapphire OFX Online Help (PDF).lnk -> C:\Program Files (x86)\GenArts\SapphireOFX\docs\Sapphire-Users-Guide-OFX.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Uninstall Sapphire OFX.lnk -> C:\Program Files (x86)\GenArts\SapphireOFX\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Sapphire AE Online Help (HTML).lnk -> C:\Program Files (x86)\GenArts\SapphireAE\docs\intro.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Sapphire AE Online Help (PDF).lnk -> C:\Program Files (x86)\GenArts\SapphireAE\docs\Sapphire-Users-Guide-AE.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Sapphire Flare Designer.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\flare-editor\flare_editor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Uninstall Sapphire AE.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> C:\Program Files\Fraps\fraps.exe (Beepa P/L)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> C:\Program Files\Fraps\uninstall.exe (Beepa Pty Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15\FIFA 15.lnk -> C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15\Plik Przeczytaj.lnk -> C:\Program Files (x86)\Origin Games\FIFA 15\Support\readme\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15\Pomoc techniczna.lnk -> C:\Program Files (x86)\Origin Games\FIFA 15\Support\EA Help\Pomoc techniczna.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15\Umowa użytkownika FIFA 15.lnk -> C:\Program Files (x86)\Origin Games\FIFA 15\Support\eula\pl_PL_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk -> C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe (DT Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk -> C:\Program Files (x86)\DAEMON Tools Pro\DTImgEditor.exe (DT Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Comodo Dragon.lnk -> C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Uninstall Comodo Dragon.lnk -> C:\Program Files (x86)\Comodo\Dragon\uninstall.exe (COMODO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Internet Security\COMODO Internet Security.lnk -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO GeekBuddy\COMODO GeekBuddy.lnk -> C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO GeekBuddy\Uninstall COMODO GeekBuddy.lnk -> C:\Program Files\COMODO\COMODO GeekBuddy\uninstall.exe (COMODO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Help File.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Setup.lnk -> C:\Program Files\AutoHotkey\Installer.ahk ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoIt3 Window Spy.lnk -> C:\Program Files\AutoHotkey\AU3_Spy.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Convert .ahk to .exe.lnk -> C:\Program Files\AutoHotkey\Compiler\Ahk2Exe.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Website.lnk -> C:\Program Files\AutoHotkey\AutoHotkey Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2015\Ashampoo Burning Studio 2015 .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2015\burningstudio2015.exe (Ashampoo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2015\Help.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2015\lang\BurningStudio-en-us.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2015\Readme.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2015\readme_en_us.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 2015\Uninstall Ashampoo Burning Studio 2015.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2015\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Advanced Tag Editor.lnk -> C:\Program Files (x86)\AIMP3\AIMP3ate.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Converter.lnk -> C:\Program Files (x86)\AIMP3\AIMP3ac.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Audio Library.lnk -> C:\Program Files (x86)\AIMP3\AIMP3lib.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3 Home Page.lnk -> C:\Program Files (x86)\AIMP3\AIMP3.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\AIMP3.lnk -> C:\Program Files (x86)\AIMP3\AIMP3.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\History.lnk -> C:\Program Files (x86)\AIMP3\history.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\License.lnk -> C:\Program Files (x86)\AIMP3\license.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3\Uninstall.lnk -> C:\Program Files (x86)\AIMP3\Uninstall.exe (AIMP DevTeam)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\Links\.minecraft.lnk -> C:\Users\Kacper\AppData\Roaming\.minecraft ()
Shortcut: C:\Users\Kacper\Links\Desktop.lnk -> C:\Users\Kacper\Desktop ()
Shortcut: C:\Users\Kacper\Links\Downloads.lnk -> C:\Users\Kacper\Downloads ()
Shortcut: C:\Users\Kacper\Links\Dropbox.lnk -> C:\Users\Kacper\Dropbox ()
Shortcut: C:\Users\Kacper\Links\Inne.lnk -> D:\Inne ()
Shortcut: C:\Users\Kacper\Links\Nuta.lnk -> D:\Inne\Media\Nuta ()
Shortcut: C:\Users\Kacper\Links\Serwer Bukkit.lnk -> D:\Inne\Serwer Bukkit ()
Shortcut: C:\Users\Kacper\Links\Youtube.lnk -> D:\Inne\Media\Youtube ()
Shortcut: C:\Users\Kacper\Favorites\GG dysk.lnk -> C:\Users\Kacper\GG dysk ()
Shortcut: C:\Users\Kacper\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\Kacper\Desktop\Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe ()
Shortcut: C:\Users\Kacper\Desktop\GG.lnk -> C:\Users\Kacper\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Kacper\Desktop\HTTrack Website Copier.lnk -> C:\Program Files\WinHTTrack\WinHTTrack.exe (HTTrack)
Shortcut: C:\Users\Kacper\Desktop\Internet Download Manager.lnk -> C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
Shortcut: C:\Users\Kacper\Desktop\IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Kacper\Desktop\Minecraft.lnk -> C:\Program Files\Minecraft\Minecraft.exe (Mojang)
Shortcut: C:\Users\Kacper\Desktop\Open Broadcaster Software.lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Kacper\Desktop\OpenFM.lnk -> C:\Users\Kacper\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Kacper\Desktop\RocketDock.lnk -> C:\Program Files (x86)\RocketDock\RocketDock.exe ()
Shortcut: C:\Users\Kacper\Desktop\screenSHU.lnk -> C:\Program Files (x86)\screenSHU\screenSHU.exe ()
Shortcut: C:\Users\Kacper\Desktop\Total Commander 64 bit.lnk -> C:\Program Files\Total CMD\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Kacper\Desktop\µTorrent.lnk -> C:\Users\Kacper\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Kacper\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Kacper\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Kacper\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\screenSHU.lnk -> C:\Program Files (x86)\screenSHU\screenSHU.exe ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk -> C:\Program Files\Total CMD\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Help.lnk -> C:\Program Files\Total CMD\TOTALCMD.CHM ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Uninstall or Repair Total Commander.lnk -> C:\Program Files\Total CMD\TCUNIN64.EXE ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (32bit).lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (64bit).lnk -> C:\Program Files\OBS\OBS.exe ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Uninstall.lnk -> C:\Program Files (x86)\OBS\uninstall.exe ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_about.txt ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files (x86)\IrfanView\i_languages.txt ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files (x86)\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files (x86)\IrfanView\i_options.txt ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.38.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files (x86)\IrfanView\i_view32.chm ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Uninstall IrfanView.lnk -> C:\Program Files (x86)\IrfanView\iv_uninstall.exe (Irfan Skiljan, IrfanView)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files (x86)\IrfanView\i_changes.txt ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk -> C:\Program Files (x86)\Internet Download Manager\grabber.chm ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk -> C:\Program Files (x86)\Internet Download Manager\idman.chm ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk -> C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk -> C:\Program Files (x86)\Internet Download Manager\license.txt ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk -> C:\Program Files (x86)\Internet Download Manager\tutor.chm ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe (Tonec Inc.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6 PRO\Uninstall Counter Strike 1.6 PRO.lnk -> C:\Program Files (x86)\Counter Strike 1.6 PRO\Uninst0.exe (n/a)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Kacper\Dropbox ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk -> C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Kacper\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG.lnk -> C:\Users\Kacper\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sublime Text 2.lnk -> C:\Program Files\Sublime Text 2\sublime_text.exe ()
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Kacper\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Kacper\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Kacper\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Kacper\AppData\Local\GG\Application.old\gg.lnk -> C:\Users\Kacper\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Kacper\AppData\Local\GG\Application\gg.lnk -> C:\Users\Kacper\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\Action!.lnk -> C:\Program Files (x86)\Mirillis\Action!\Action.exe (Mirillis Ltd.)
Shortcut: C:\Users\Public\Desktop\Adobe Reader 9.lnk -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\AIMP3.lnk -> C:\Program Files (x86)\AIMP3\AIMP3.exe (AIMP DevTeam)
Shortcut: C:\Users\Public\Desktop\Ashampoo Burning Studio 2015.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2015\burningstudio2015.exe (Ashampoo)
Shortcut: C:\Users\Public\Desktop\Camtasia Studio 8.lnk -> C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe (TechSmith Corporation)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Comodo Dragon.lnk -> C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo)
Shortcut: C:\Users\Public\Desktop\COMODO GeekBuddy.lnk -> C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
Shortcut: C:\Users\Public\Desktop\COMODO Internet Security.lnk -> C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Pro.lnk -> C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe (DT Soft Ltd)
Shortcut: C:\Users\Public\Desktop\FIFA 15.lnk -> C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\foobar2000.lnk -> C:\Program Files (x86)\foobar2000\foobar2000.exe (Piotr Pawlowski)
Shortcut: C:\Users\Public\Desktop\Fraps.lnk -> C:\Program Files\Fraps\fraps.exe (Beepa P/L)
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Hotspot Shield.lnk -> C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe (AnchorFree Inc.)
Shortcut: C:\Users\Public\Desktop\HxD.lnk -> C:\Program Files (x86)\HxD\HxD.exe (Maël Hörz)
Shortcut: C:\Users\Public\Desktop\IntelliJ IDEA 14.0.lnk -> C:\Program Files (x86)\JetBrains\IntelliJ IDEA 14.0\bin\idea.exe (JetBrains s.r.o.)
Shortcut: C:\Users\Public\Desktop\League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\Users\Public\Desktop\Norton Internet Security.lnk -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\uistub.exe (Symantec Corporation)
Shortcut: C:\Users\Public\Desktop\OpenVPN GUI.lnk -> C:\Program Files\OpenVPN\bin\openvpn-gui.exe ()
Shortcut: C:\Users\Public\Desktop\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\Pulover's Macro Creator.lnk -> C:\Program Files\MacroCreator\MacroCreator.exe ()
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Sizer.lnk -> C:\Program Files (x86)\Sizer\sizer.exe (Brian Apps Products)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\Streamtip Alerter.lnk -> C:\Program Files (x86)\Streamtip Alerter\streamtip-alerter.exe ()
Shortcut: C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated) -> --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\copying.lnk -> C:\Windows\notepad.exe (Microsoft Corporation) -> C:\Program Files\WinHTTrack\copying
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\greetings.txt.lnk -> C:\Windows\notepad.exe (Microsoft Corporation) -> C:\Program Files\WinHTTrack\greetings.txt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\history.txt.lnk -> C:\Windows\notepad.exe (Microsoft Corporation) -> C:\Program Files\WinHTTrack\history.txt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\license.txt.lnk -> C:\Windows\notepad.exe (Microsoft Corporation) -> C:\Program Files\WinHTTrack\license.txt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\readme.lnk -> C:\Windows\notepad.exe (Microsoft Corporation) -> C:\Program Files\WinHTTrack\readme
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizer\Uninstall Sizer.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {DE43AA92-E8C0-4620-AFE2-FBD623C71643}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Odinstaluj QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Generate a static OpenVPN key.lnk -> C:\Program Files\OpenVPN\bin\openvpn.exe (The OpenVPN Project) -> --pause-exit --verb 3 --genkey --secret "C:\Program Files\OpenVPN\config\key.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\LiveUpdate.lnk -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\uistub.exe (Symantec Corporation) -> /lu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Support.lnk -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\symerr.exe (Symantec Corporation) -> /support
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk -> C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\21.7.0.11\inststub.exe (Symantec Corporation) -> /X /shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBTExplorer\Uninstall NBTExplorer.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {FC4C8FDD-384C-471F-9E9A-C25B57ABE7A8}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft InfoPath Designer 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe () -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet PhotoLooks\Remove Magic Bullet PhotoLooks.lnk -> C:\Windows\unvise32.exe (MindVision Software) -> C:\PROGRA~1\Adobe\ADOBEP~1\Plug-ins\MBPHOT~1.LOG
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Check for Sapphire OFX Updates.lnk -> C:\Program Files (x86)\GenArts\SapphireOFX\genarts-frontend.exe (GenArts, Inc.) -> -update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Install Sapphire OFX RLM License.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files (x86)\GenArts\rlm\Sapphire-OFX.lic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Install Sapphire OFX Serial Number.lnk -> C:\Program Files (x86)\GenArts\SapphireOFX\genarts-frontend.exe (GenArts, Inc.) -> -license-install
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Check for Sapphire AE Updates.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\genarts-frontend.exe (GenArts, Inc.) -> -update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Install Sapphire AE RLM License.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files (x86)\GenArts\rlm\SapphireAE.lic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE\Install Sapphire AE Serial Number.lnk -> C:\Program Files (x86)\GenArts\SapphireAE\genarts-frontend.exe (GenArts, Inc.) -> -license-install
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Internet Security\Dodaj lub usuń komponenty.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /I{D6AB1F5B-FED6-49a9-9747-327BD28FB3C7}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\main.lua.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files (x86)\Cheat Engine 6.4\main.lua
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Kacper\Desktop\Counter Strike 1.6 PRO.lnk -> C:\Program Files (x86)\Counter Strike 1.6 PRO\ Counter Strike 1.6\hl.exe (Valve) -> -steam -game cstrike -noipx -nojoy -noforcemparms -noforcemaccel
ShortcutWithArgument: C:\Users\Kacper\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0\Uninstall Theme Resource Changer X64 v1.0.lnk -> C:\Program Files\Theme Resource Changer\Uninstall-ThemeResourceChangerX64.exe (Bad Ass Apps) -> C:\Program Files\Theme Resource Changer\SSEun.dat
ShortcutWithArgument: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6 PRO\Counter Strike 1.6 PRO.lnk -> C:\Program Files (x86)\Counter Strike 1.6 PRO\ Counter Strike 1.6\hl.exe (Valve) -> -steam -game cstrike -noipx -nojoy -noforcemparms -noforcemaccel
ShortcutWithArgument: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Bitnami for XAMPP.url -> https://bitnami.com/stack/xampp?utm_source=bitnami&utm_medium=installer&utm_campaign=XAMPP%2BInstaller
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Romain's Software\Petges.lu.url -> hxxp://www.petges.lu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator\Strona WWW programu Pulover's Macro Creator.url -> hxxp://www.macrocreator.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN HOWTO.url -> hxxp://openvpn.net/howto.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Support.url -> https://community.openvpn.net/openvpn/wiki/GettingHelp'>https://community.openvpn.net/openvpn/wiki/GettingHelp
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Web Site.url -> hxxp://openvpn.net/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Wiki.url -> https://community.openvpn.net/openvpn/wiki/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\Website.url -> hxxp://mh-nexus.de/hxd/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Online Help.URL -> hxxp://www.daemonpro.com/help/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Kacper\Favorites\Windows Live\Galeria gadżetów Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkID=70742
InternetURL: C:\Users\Kacper\Favorites\Windows Live\Poczta usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Kacper\Favorites\Windows Live\Programy usługi Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Kacper\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Kacper\Favorites\MSN — witryny sieci Web\MSN Gospodarka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Kacper\Favorites\MSN — witryny sieci Web\MSN Rozrywka.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Kacper\Favorites\MSN — witryny sieci Web\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Kacper\Favorites\MSN — witryny sieci Web\MSN Technologie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Kacper\Favorites\MSN — witryny sieci Web\MSN Wideo.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Kacper\Favorites\MSN — witryny sieci Web\Portal MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Centrum bezpieczeństwa Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkID=72887
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Dodatki programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Microsoft Office Online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72885
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Microsoft Technet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72886
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Microsoft w Polsce.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Oryginalne oprogramowanie firmy Microsoft.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72900
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Strona główna programu Internet Explorer.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Strona główna systemu Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\Technologia RSS.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72889
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\W domu.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Kacper\Favorites\Microsoft — witryny sieci Web\W pracy.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72407
InternetURL: C:\Users\Kacper\Favorites\Links for Polska\Bezpieczeństwo w trybie online.url -> hxxp://go.microsoft.com/fwlink/?LinkId=142211
InternetURL: C:\Users\Kacper\Favorites\Links for Polska\Bezpieczny Internet.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129626
InternetURL: C:\Users\Kacper\Favorites\Links for Polska\Kultura.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129625
InternetURL: C:\Users\Kacper\Favorites\Links for Polska\Pogodynka.pl — oficjalny serwis pogodowy IMGW.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129624
InternetURL: C:\Users\Kacper\Favorites\Links for Polska\Polska.pl.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129622
InternetURL: C:\Users\Kacper\Favorites\Links\Galeria obiektów Web Slice.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Kacper\Favorites\Links\Sugerowane witryny.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Kacper\Desktop\Counter-Strike Global Offensive.url -> steam://rungameid/730
InternetURL: C:\Users\Kacper\Desktop\Grand Theft Auto V.url -> steam://rungameid/271590
InternetURL: C:\Users\Kacper\Desktop\Team Fortress Classic.url -> steam://rungameid/20
InternetURL: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> steam://rungameid/730
InternetURL: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Team Fortress Classic.url -> steam://rungameid/20

==================== End of log =============================

 

FSS

 

Farbar Service Scanner Version: 17-01-2015
Ran by Kacper (administrator) on 21-07-2015 at 16:51:02
Running from "C:\Users\Kacper\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

OTL

 

OTL logfile created on: 2015-07-21 16:49:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kacper\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,94 Gb Total Physical Memory | 5,45 Gb Available Physical Memory | 68,56% Memory free
15,88 Gb Paging File | 13,07 Gb Available in Paging File | 82,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 2,33 Gb Free Space | 1,95% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 846,88 Gb Free Space | 90,91% Space Free | Partition Type: NTFS

Computer Name: KACPER-KOMPUTER | User Name: Kacper | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015-07-21 16:49:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Downloads\OTL.exe
PRC - [2015-07-18 12:36:06 | 000,191,488 | ---- | M] (Gf6s0B3S) -- C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe
PRC - [2015-07-13 23:55:16 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015-06-26 20:31:18 | 043,871,968 | ---- | M] (Dropbox, Inc.) -- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
PRC - [2015-06-24 13:37:29 | 002,754,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015-06-24 13:37:26 | 001,868,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015-06-04 01:00:18 | 001,169,616 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
PRC - [2015-06-04 00:59:24 | 000,589,520 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2015-06-04 00:59:04 | 002,449,616 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
PRC - [2015-03-07 08:42:49 | 000,276,336 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe
PRC - [2014-10-16 14:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-10-23 10:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010-11-21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015-07-21 16:40:02 | 000,043,008 | ---- | M] () -- c:\users\kacper\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprov2ji.dll
MOD - [2015-07-13 23:55:14 | 001,281,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
MOD - [2015-07-13 23:55:13 | 000,080,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
MOD - [2015-06-24 13:37:29 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015-06-07 23:31:06 | 000,107,520 | R--- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
MOD - [2015-06-04 00:57:00 | 001,749,200 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
MOD - [2015-03-19 09:15:28 | 000,865,280 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll
MOD - [2015-03-19 09:15:28 | 000,750,080 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
MOD - [2015-03-19 09:15:28 | 000,726,016 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2015-03-19 09:15:28 | 000,200,704 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll
MOD - [2015-03-19 09:15:28 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\libEGL.dll
MOD - [2015-03-19 09:15:28 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
MOD - [2015-03-19 09:15:28 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
MOD - [2011-04-12 15:21:14 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2011-04-12 15:21:13 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011-04-12 15:21:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_pl_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2011-03-02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt32.dll
MOD - [2010-11-21 05:51:49 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\08d608378aa405adc844f3cf36974b8c\Microsoft.VisualBasic.ni.dll
MOD - [2010-11-21 05:48:49 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010-11-21 05:48:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010-11-21 05:48:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010-11-21 05:48:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010-11-21 05:48:21 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010-11-21 05:48:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2010-01-21 01:34:10 | 008,793,952 | ---- | M] () -- C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 20:18:18 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2015-06-24 13:37:26 | 001,152,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:[b]64bit:[/b] - [2015-06-24 13:37:25 | 023,007,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:[b]64bit:[/b] - [2015-06-08 09:01:16 | 000,038,200 | ---- | M] (The OpenVPN Project) [Disabled | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV:[b]64bit:[/b] - [2014-03-11 16:31:58 | 000,260,360 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2013-10-06 18:26:58 | 000,240,576 | ---- | M] (DTS, Inc) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc)
SRV:[b]64bit:[/b] - [2012-03-11 21:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:[b]64bit:[/b] - [2011-11-23 12:27:10 | 001,267,000 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2015-06-30 23:21:13 | 002,004,488 | ---- | M] (Electronic Arts) [Disabled | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015-06-24 13:37:26 | 001,868,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015-06-07 16:04:26 | 000,134,512 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2015-06-07 16:04:26 | 000,134,512 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
SRV - [2015-06-04 20:56:54 | 000,837,312 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015-06-04 01:06:52 | 000,096,600 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2015-06-04 01:00:18 | 001,169,616 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe -- (hshld)
SRV - [2015-06-04 00:59:24 | 000,589,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2015-06-03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015-03-07 08:42:49 | 000,276,336 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe -- (NIS)
SRV - [2014-10-16 14:27:09 | 000,410,952 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-04-11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2015-07-21 08:10:31 | 000,040,704 | ---- | M] (SoftEther Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Neo_0081.sys -- (Neo_VPN)
DRV:[b]64bit:[/b] - [2015-06-24 13:37:25 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:[b]64bit:[/b] - [2015-06-08 06:32:02 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2015-06-07 15:55:50 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2015-05-20 14:55:54 | 000,197,616 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2015-05-19 05:29:01 | 000,046,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:[b]64bit:[/b] - [2015-05-19 03:09:00 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2015-05-19 03:06:48 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:[b]64bit:[/b] - [2014-10-16 18:54:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2014-08-26 04:26:58 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1507000.00B\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2014-08-26 04:26:57 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1507000.00B\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2014-08-26 04:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1507000.00B\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2014-08-26 04:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1507000.00B\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2014-08-06 21:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1507000.00B\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2014-03-14 11:38:22 | 000,084,816 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asstor64.sys -- (asstor64)
DRV:[b]64bit:[/b] - [2014-03-14 05:23:30 | 000,487,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1d62x64.sys -- (e1dexpress)
DRV:[b]64bit:[/b] - [2014-01-09 01:26:50 | 000,423,128 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:[b]64bit:[/b] - [2014-01-09 01:26:48 | 000,138,456 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:[b]64bit:[/b] - [2013-09-26 04:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1507000.00B\ccsetx64.sys -- (ccSet_NIS)
DRV:[b]64bit:[/b] - [2013-09-10 04:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1507000.00B\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2013-07-11 08:57:16 | 000,041,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vbaudio_cable64_win7.sys -- (VBAudioVACMME)
DRV:[b]64bit:[/b] - [2013-05-30 18:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:[b]64bit:[/b] - [2012-03-11 21:13:40 | 000,022,696 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:[b]64bit:[/b] - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-02-25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2009-11-24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2009-11-24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015-07-16 17:20:22 | 002,146,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150720.018\EX64.SYS -- (NAVEX15)
DRV - [2015-07-16 17:20:22 | 000,138,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150720.018\ENG64.SYS -- (NAVENG)
DRV - [2015-06-25 11:16:30 | 000,498,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2015-06-20 10:43:27 | 000,692,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150720.001\IDSvia64.sys -- (IDSVia64)
DRV - [2015-06-17 02:51:09 | 001,648,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150706.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2015-06-07 00:43:20 | 000,145,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-509856250-1911961952-590295147-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-509856250-1911961952-590295147-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-509856250-1911961952-590295147-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2015-07-21 16:37:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Kacper\AppData\Roaming\IDM\idmmzcc5 [2015-07-21 10:53:55 | 000,000,000 | ---D | M]

[2015-06-09 18:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kacper\AppData\Roaming\mozilla\Extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\
CHR - Extension: No name found = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokahbgdhhcjfnjlfeiojfmgnoikpcco\1.3.1_0\
CHR - Extension: No name found = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.23.11_0\
CHR - Extension: No name found = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_1\
CHR - Extension: No name found = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdcijloimlokiikaaeabennlflobbik\0.1.0_0\

O1 HOSTS File: ([2015-07-20 14:07:34 | 000,001,316 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 212.77.98.9 o2.pl
O1 - Hosts: 212.77.98.9 www.o2.pl
O1 - Hosts: 212.77.98.9 poczta.o2.pl
O1 - Hosts: 212.77.98.9 www.poczta.o2.pl
O1 - Hosts: 127.0.0.1 anchorfree.net
O1 - Hosts: 127.0.0.1 rss2search.com
O1 - Hosts: 127.0.0.1 techbrowsing.com
O1 - Hosts: 127.0.0.1 box.anchorfree.net
O1 - Hosts: 127.0.0.1 www.mefeedia.com
O1 - Hosts: 127.0.0.3 www.anchorfree.net
O1 - Hosts: 127.0.0.2 www.mefeedia.com
O1 - Hosts: 127.0.0.1 anchorfree.us
O1 - Hosts: 127.0.0.1 a433.com
O1 - Hosts: 127.0.0.3 anchorfree.net
O1 - Hosts: 127.0.0.1 rpt.anchorfree.net
O1 - Hosts: 127.0.0.1 delivery.anchorfree.us/land.php
O1 - Hosts: 127.0.0.1 hsselite.com
O1 - Hosts: 127.0.0.1 www.hsselite.com
O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll (Symantec Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll (Symantec Corporation)
O3:[b]64bit:[/b] - HKU\S-1-5-21-509856250-1911961952-590295147-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-509856250-1911961952-590295147-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [18.exe] C:\Users\Kacper\AppData\RoamingMicrosoft\System\Services\18.exe File not found
O4 - HKLM..\Run: [27529ec914c6740d00cad95d649269a0] C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe (Gf6s0B3S)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-509856250-1911961952-590295147-1000..\Run: [18.exe] C:\Users\Kacper\AppData\RoamingMicrosoft\System\Services\18.exe File not found
O4 - HKU\S-1-5-21-509856250-1911961952-590295147-1000..\Run: [27529ec914c6740d00cad95d649269a0] C:\Users\Kacper\AppData\Local\Temp\hkcmd.exe (Gf6s0B3S)
O4 - HKU\S-1-5-21-509856250-1911961952-590295147-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\27529ec914c6740d00cad95d649269a0.exe (Gf6s0B3S)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 31.41.82.100 31.41.82.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C991986-CA20-4875-B20B-D253E0135CBA}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{934523DE-2F7E-4D5C-AD9D-305E20FAABCC}: DhcpNameServer = 192.168.100.1 31.41.82.100 31.41.82.126
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:[b]64bit:[/b] - SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907} - Theme Resource Changer - \Program Files\Theme Resource Changer\ThemeResourceChanger.dll ()
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015-07-21 16:45:11 | 000,000,000 | ---D | C] -- C:\FRST
[2015-07-21 16:30:08 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\NPE
[2015-07-21 16:28:00 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\COMODO
[2015-07-21 10:53:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015-07-21 10:52:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015-07-21 08:43:35 | 000,191,488 | ---- | C] (Gf6s0B3S) -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\27529ec914c6740d00cad95d649269a0.exe
[2015-07-21 08:40:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hide ALL IP
[2015-07-21 08:40:34 | 000,000,000 | ---D | C] -- C:\Extracted
[2015-07-21 08:24:02 | 000,029,696 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2015-07-21 08:10:31 | 000,040,704 | ---- | C] (SoftEther Corporation) -- C:\Windows\SysNative\drivers\Neo_0081.sys
[2015-07-21 08:09:44 | 000,144,104 | ---- | C] (SoftEther VPN Project at University of Tsukuba, Japan.) -- C:\Windows\SysNative\vpncmd.exe
[2015-07-21 07:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hide My IP 6
[2015-07-20 17:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2015-07-20 17:19:20 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\ts3
[2015-07-20 15:14:31 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\TS3Client
[2015-07-20 15:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2015-07-20 15:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2015-07-20 14:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2015-07-20 14:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2015-07-20 14:04:26 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2015-07-20 14:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2015-07-20 14:04:24 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Hotspot Shield
[2015-07-20 08:53:47 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\MacroCreator
[2015-07-20 08:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulover's Macro Creator
[2015-07-20 08:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\MacroCreator
[2015-07-19 13:56:38 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\GenArts
[2015-07-18 16:02:49 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Vesteris
[2015-07-18 14:05:37 | 002,987,520 | ---- | C] (Python Software Foundation) -- C:\Windows\SysWow64\python27.dll
[2015-07-17 15:06:49 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\My Cheat Tables
[2015-07-17 08:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX
[2015-07-17 08:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OFX
[2015-07-17 08:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\OFX
[2015-07-16 14:45:03 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\FIFA 15
[2015-07-14 11:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SWF to GIF
[2015-07-11 15:32:21 | 008,203,264 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Windows\SysNative\QtGui4.dll
[2015-07-09 14:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2015-07-09 14:46:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2015-07-09 14:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2015-07-09 13:33:04 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\Action!
[2015-07-08 22:22:30 | 000,000,000 | R--D | C] -- C:\Users\Kacper\Documents\Pictures
[2015-07-08 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\OBS
[2015-07-08 17:01:20 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\Streamtip
[2015-07-08 17:01:15 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\streamtip-alerter
[2015-07-08 17:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamtip Alerter
[2015-07-08 17:01:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Streamtip Alerter
[2015-07-08 16:55:07 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2015-07-08 16:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\OBS
[2015-07-08 16:55:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2015-07-07 19:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015-07-07 19:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015-07-07 19:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015-07-07 09:55:58 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015-07-07 09:55:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2015-07-07 09:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2015-07-07 09:54:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2015-07-05 22:56:49 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\fabi.me
[2015-07-05 16:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sizer
[2015-07-05 16:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sizer
[2015-07-04 15:14:46 | 000,057,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2015-07-04 15:14:46 | 000,046,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2015-07-03 17:15:24 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\Red Giant
[2015-07-02 23:36:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2015-07-02 23:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
[2015-07-02 23:04:51 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\LolClient
[2015-07-02 11:18:43 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Mikrotik
[2015-07-01 20:15:02 | 001,674,929 | ---- | C] (TeamExtreme) -- C:\Users\Kacper\Desktop\Minecraft TE Launcher.exe
[2015-07-01 16:14:01 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\CCleaner
[2015-07-01 16:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015-07-01 16:12:33 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015-07-01 13:17:43 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\Apple Computer
[2015-07-01 12:45:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Giant Link
[2015-07-01 12:35:03 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\Downloaded Installations
[2015-07-01 12:19:01 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Red Giant
[2015-07-01 12:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Red Giant
[2015-07-01 12:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
[2015-07-01 12:18:51 | 019,939,328 | ---- | C] (Red Giant LLC) -- C:\Windows\SysNative\MBLooksUI_x64.dll
[2015-07-01 12:18:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Giant
[2015-07-01 12:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RedGiant
[2015-07-01 12:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire AE
[2015-07-01 12:07:48 | 000,584,376 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\libiomp5md.dll
[2015-07-01 12:07:45 | 000,575,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libiomp5md.dll
[2015-07-01 12:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\GenArts
[2015-07-01 12:07:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GenArts
[2015-07-01 00:28:38 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\LeagueSharp
[2015-07-01 00:26:18 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2015-07-01 00:23:12 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\LeagueSharp
[2015-06-30 23:42:15 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\LSFC1B955B
[2015-06-30 23:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2015-06-30 23:21:43 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Origin
[2015-06-30 23:21:29 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\Origin
[2015-06-30 23:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2015-06-30 23:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2015-06-30 23:14:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2015-06-30 23:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2015-06-30 00:03:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Taskman
[2015-06-30 00:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7tsp
[2015-06-30 00:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\local
[2015-06-29 23:55:55 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Theme Resource Changer X64 v1.0
[2015-06-29 23:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\Theme Resource Changer
[2015-06-29 23:53:50 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll.backup
[2015-06-29 23:53:49 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll.backup
[2015-06-29 23:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2015-06-29 23:36:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2015-06-29 23:36:41 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Apple Computer
[2015-06-29 23:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2015-06-29 23:33:35 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2015-06-29 23:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2015-06-29 23:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2015-06-29 23:33:30 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2015-06-29 18:25:47 | 000,000,000 | -H-D | C] -- C:\Windows\usp
[2015-06-29 11:43:45 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Tracing
[2015-06-29 11:43:25 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Skype
[2015-06-29 11:43:25 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\Skype
[2015-06-29 11:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015-06-29 11:43:21 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015-06-29 11:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015-06-29 11:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2015-06-29 10:35:34 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Audacity
[2015-06-29 10:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2015-06-29 10:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2015-06-29 10:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2015-06-29 10:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2015-06-29 10:23:50 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\Apple
[2015-06-29 10:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2015-06-28 21:25:12 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\CrashDumps
[2015-06-26 21:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2015-06-26 21:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\AutoHotkey
[2015-06-26 19:55:36 | 000,000,000 | ---D | C] -- C:\Users\Kacper\IdeaProjects
[2015-06-26 19:41:23 | 000,000,000 | ---D | C] -- C:\Users\Kacper\.android
[2015-06-26 19:40:51 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\JetBrains
[2015-06-26 19:39:43 | 000,000,000 | ---D | C] -- C:\Users\Kacper\.IntelliJIdea14
[2015-06-26 19:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
[2015-06-26 19:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JetBrains
[2015-06-25 23:46:56 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\TechSmith
[2015-06-25 23:46:54 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\Camtasia Studio
[2015-06-25 23:46:53 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\TechSmith
[2015-06-25 23:44:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2015-06-25 23:44:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1995-08.com.techsmith
[2015-06-25 23:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2015-06-25 23:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2015-06-25 23:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2015-06-25 23:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2015-06-24 14:18:47 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\ElevatedDiagnostics
[2015-06-24 09:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2015-06-23 23:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Romain's Software
[2015-06-23 23:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Attribute Changer
[2015-06-23 22:58:46 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2015-06-23 22:58:46 | 000,000,000 | ---D | C] -- C:\Program Files\Total CMD
[2015-06-23 22:58:46 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\GHISLER
[2015-06-22 22:50:18 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Mael
[2015-06-22 22:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor
[2015-06-22 22:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HxD
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Kacper\AppData\Local\*.tmp files -> C:\Users\Kacper\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015-07-21 16:47:53 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2015-07-21 16:45:04 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015-07-21 16:45:04 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015-07-21 16:44:13 | 001,668,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015-07-21 16:44:13 | 000,739,694 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2015-07-21 16:44:13 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015-07-21 16:44:13 | 000,155,268 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2015-07-21 16:44:13 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015-07-21 16:38:01 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-07-21 16:37:57 | 000,001,148 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineCore.job
[2015-07-21 16:37:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-07-21 16:37:54 | 2101,239,807 | -HS- | M] () -- C:\hiberfil.sys
[2015-07-21 16:37:54 | 1334,153,437 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2015-07-21 16:18:35 | 000,001,152 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineUA.job
[2015-07-21 16:01:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-07-21 08:10:31 | 000,040,704 | ---- | M] (SoftEther Corporation) -- C:\Windows\SysNative\drivers\Neo_0081.sys
[2015-07-21 08:09:44 | 000,144,104 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) -- C:\Windows\SysNative\vpncmd.exe
[2015-07-20 21:32:53 | 000,000,132 | ---- | M] () -- C:\Users\Kacper\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
[2015-07-20 15:14:29 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2015-07-20 14:10:12 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2015-07-20 08:53:42 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\Pulover's Macro Creator.lnk
[2015-07-18 21:22:37 | 005,206,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015-07-18 15:13:40 | 000,116,647 | ---- | M] () -- C:\Users\Kacper\Desktop\widgets.psd
[2015-07-18 12:36:06 | 000,191,488 | ---- | M] (Gf6s0B3S) -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\27529ec914c6740d00cad95d649269a0.exe
[2015-07-17 08:25:36 | 000,000,201 | ---- | M] () -- C:\Windows\MSUTIL.INI
[2015-07-16 22:25:02 | 000,058,471 | ---- | M] () -- C:\Users\Kacper\Documents\ts3_clientui-win64-1407159763-2015-07-16 22_25_02.139712.dmp
[2015-07-14 17:56:26 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015-07-09 14:46:45 | 000,000,963 | ---- | M] () -- C:\Users\Kacper\Desktop\RocketDock.lnk
[2015-07-09 14:26:54 | 000,000,222 | ---- | M] () -- C:\Users\Kacper\Desktop\Grand Theft Auto V.url
[2015-07-08 17:01:13 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Streamtip Alerter.lnk
[2015-07-08 16:55:07 | 000,000,935 | ---- | M] () -- C:\Users\Kacper\Desktop\Open Broadcaster Software.lnk
[2015-07-07 19:47:23 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015-07-06 23:32:07 | 000,000,147 | ---- | M] () -- C:\Users\Kacper\Desktop\90ms.ahk
[2015-07-05 16:20:40 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\Sizer.lnk
[2015-07-04 15:15:12 | 000,001,377 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015-07-03 17:25:13 | 113,068,277 | ---- | M] () -- C:\Users\Kacper\Documents\New track 6.mp4
[2015-07-03 14:09:23 | 000,000,196 | ---- | M] () -- C:\Users\Kacper\Desktop\Predator Mode.ahk
[2015-07-03 12:35:29 | 486,088,521 | ---- | M] () -- C:\Users\Kacper\Documents\New track 5.mp4
[2015-07-02 23:36:53 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 15.lnk
[2015-07-01 16:12:34 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015-06-30 23:14:00 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2015-06-30 00:03:39 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2015-06-30 00:03:33 | 000,373,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2015-06-30 00:03:29 | 000,336,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2015-06-30 00:03:24 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2015-06-30 00:03:20 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2015-06-30 00:03:08 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagesp1.dll
[2015-06-30 00:03:05 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imagesp1.dll
[2015-06-30 00:03:01 | 040,884,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imageres.dll
[2015-06-30 00:02:58 | 040,884,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imageres.dll
[2015-06-30 00:02:53 | 002,886,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2015-06-29 23:53:50 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2015-06-29 23:53:49 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2015-06-29 23:36:45 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2015-06-29 23:35:22 | 000,000,462 | ---- | M] () -- C:\Windows\SysWow64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2015-06-29 23:35:12 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2015-06-29 23:33:36 | 000,001,045 | ---- | M] () -- C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
[2015-06-29 23:33:30 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2015-06-29 14:59:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015-06-29 11:43:22 | 000,002,699 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015-06-29 10:24:03 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2015-06-26 19:38:54 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\IntelliJ IDEA 14.0.lnk
[2015-06-26 15:39:30 | 000,348,256 | RH-- | M] () -- C:\Users\Kacper\Documents\New track 2.mp4.sfk
[2015-06-26 13:26:40 | 000,054,368 | RH-- | M] () -- C:\Users\Kacper\Documents\New track 3.mp4.sfk
[2015-06-25 23:44:53 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2015-06-24 13:36:43 | 001,320,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2015-06-24 13:36:42 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2015-06-24 13:36:31 | 001,571,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2015-06-24 13:36:30 | 001,756,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2015-06-23 22:58:47 | 000,001,012 | ---- | M] () -- C:\Users\Kacper\Desktop\Total Commander 64 bit.lnk
[2015-06-22 22:46:41 | 000,000,881 | ---- | M] () -- C:\Users\Public\Desktop\HxD.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Kacper\AppData\Local\*.tmp files -> C:\Users\Kacper\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015-07-21 10:53:49 | 1334,153,437 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2015-07-20 15:14:29 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2015-07-20 14:05:00 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2015-07-20 08:53:42 | 000,000,860 | ---- | C] () -- C:\Users\Public\Desktop\Pulover's Macro Creator.lnk
[2015-07-18 11:57:38 | 000,116,647 | ---- | C] () -- C:\Users\Kacper\Desktop\widgets.psd
[2015-07-16 22:25:02 | 000,058,471 | ---- | C] () -- C:\Users\Kacper\Documents\ts3_clientui-win64-1407159763-2015-07-16 22_25_02.139712.dmp
[2015-07-09 14:46:45 | 000,000,963 | ---- | C] () -- C:\Users\Kacper\Desktop\RocketDock.lnk
[2015-07-09 14:26:52 | 000,000,222 | ---- | C] () -- C:\Users\Kacper\Desktop\Grand Theft Auto V.url
[2015-07-08 17:01:13 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Streamtip Alerter.lnk
[2015-07-08 16:55:07 | 000,000,935 | ---- | C] () -- C:\Users\Kacper\Desktop\Open Broadcaster Software.lnk
[2015-07-07 09:55:01 | 000,001,671 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
[2015-07-07 09:54:47 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2015-07-05 16:20:40 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\Sizer.lnk
[2015-07-03 17:19:40 | 113,068,277 | ---- | C] () -- C:\Users\Kacper\Documents\New track 6.mp4
[2015-07-03 12:25:23 | 486,088,521 | ---- | C] () -- C:\Users\Kacper\Documents\New track 5.mp4
[2015-07-02 23:36:53 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 15.lnk
[2015-07-02 22:30:23 | 000,000,196 | ---- | C] () -- C:\Users\Kacper\Desktop\Predator Mode.ahk
[2015-07-01 16:12:34 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015-07-01 12:18:53 | 004,893,184 | ---- | C] () -- C:\Windows\SysNative\PhotoLooksRenderer_x64.dll
[2015-07-01 12:18:53 | 004,168,704 | ---- | C] () -- C:\Windows\SysWow64\PhotoLooksRenderer.dll
[2015-07-01 12:07:39 | 000,000,201 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2015-06-30 23:14:00 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2015-06-29 23:37:15 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2015-06-29 23:36:45 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2015-06-29 23:35:22 | 000,000,462 | ---- | C] () -- C:\Windows\SysWow64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2015-06-29 23:33:36 | 000,001,045 | ---- | C] () -- C:\Users\Public\Desktop\COMODO GeekBuddy.lnk
[2015-06-29 23:33:33 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2015-06-29 20:11:59 | 000,000,127 | ---- | C] () -- C:\Users\Kacper\Desktop\Informatyka.ath
[2015-06-29 20:11:56 | 000,000,147 | ---- | C] () -- C:\Users\Kacper\Desktop\90ms.ahk
[2015-06-29 14:59:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015-06-29 11:43:22 | 000,002,699 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2015-06-29 10:24:03 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2015-06-29 10:23:50 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2015-06-26 19:38:54 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\IntelliJ IDEA 14.0.lnk
[2015-06-26 15:39:24 | 000,348,256 | RH-- | C] () -- C:\Users\Kacper\Documents\New track 2.mp4.sfk
[2015-06-26 13:26:18 | 000,054,368 | RH-- | C] () -- C:\Users\Kacper\Documents\New track 3.mp4.sfk
[2015-06-25 23:44:53 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2015-06-23 22:58:47 | 000,001,012 | ---- | C] () -- C:\Users\Kacper\Desktop\Total Commander 64 bit.lnk
[2015-06-22 22:46:41 | 000,000,881 | ---- | C] () -- C:\Users\Public\Desktop\HxD.lnk
[2015-06-16 14:16:31 | 000,000,132 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
[2015-06-07 21:24:34 | 000,000,000 | ---- | C] () -- C:\Users\Kacper\AppData\Local\{5824147F-9224-43E0-A80F-808CF7DE4ABE}
[2015-06-07 15:57:22 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015-06-07 15:54:11 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2015-06-07 15:54:05 | 000,049,554 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2015-06-07 15:49:27 | 001,640,128 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010-11-21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2015-07-21 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\.minecraft
[2015-07-20 18:11:53 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\AIMP3
[2015-06-12 17:55:42 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Ashampoo
[2015-07-21 08:25:46 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Audacity
[2015-07-01 16:13:31 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DAEMON Tools Pro
[2015-07-21 08:13:21 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DMCache
[2015-06-07 16:06:06 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Dropbox
[2015-07-21 07:40:52 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\foobar2000
[2015-07-19 13:56:38 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\GenArts
[2015-07-20 18:03:12 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\GG
[2015-06-23 22:58:46 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\GHISLER
[2015-07-20 14:04:24 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Hotspot Shield
[2015-07-21 08:46:30 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\IDM
[2015-06-07 16:39:35 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\IrfanView
[2015-06-07 18:03:19 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\java
[2015-06-26 19:40:51 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\JetBrains
[2015-07-02 23:04:51 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\LolClient
[2015-07-01 00:26:17 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\LSFC1B955B
[2015-07-20 09:47:04 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\MacroCreator
[2015-06-22 22:50:18 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Mael
[2015-06-08 17:36:05 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\MAXON
[2015-07-02 11:18:43 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Mikrotik
[2015-06-08 21:58:25 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Mirillis
[2015-07-13 19:20:53 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\OBS
[2015-06-09 18:21:26 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\OpenFM
[2015-07-02 23:10:16 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Origin
[2015-06-08 16:10:06 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Publish Providers
[2015-07-01 12:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Red Giant
[2015-06-16 19:43:48 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Riot Games
[2015-06-09 18:34:32 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Sony
[2015-06-09 18:54:45 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Sony Creative Software Inc
[2015-07-07 09:55:58 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015-06-07 16:19:30 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Sublime Text 2
[2015-06-17 18:40:51 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\TeamViewer
[2015-06-25 23:46:56 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\TechSmith
[2015-07-21 16:37:23 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\TS3Client
[2015-07-21 08:46:30 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\uTorrent
[2015-07-20 12:05:37 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Vesteris
[2015-06-07 17:21:32 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\www.shadowexplorer.com

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 83 bytes -> C:\Users\Kacper\Desktop\Minecraft TE Launcher.exe:com.dropbox.attributes

< End of report >

 

EXTRAS

 

OTL Extras logfile created on: 2015-07-21 16:49:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kacper\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,94 Gb Total Physical Memory | 5,45 Gb Available Physical Memory | 68,56% Memory free
15,88 Gb Paging File | 13,07 Gb Available in Paging File | 82,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 2,33 Gb Free Space | 1,95% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 846,88 Gb Free Space | 90,91% Space Free | Partition Type: NTFS

Computer Name: KACPER-KOMPUTER | User Name: Kacper | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-509856250-1911961952-590295147-1000\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03E8F5EB-F31B-4A20-AB28-AA530ADF2A77}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{23C2F60B-56EE-4126-8917-616646414F42}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{25AD0CE2-61F7-4C73-A39D-D51EF2F8659A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{288EA761-4FAB-4393-86B4-A08874DC4B6E}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{31230E9C-C9EE-4D1C-8221-30DEEC320B5E}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{35828188-ADBE-4A73-89E5-03ACD91C408E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{E24A7C12-BFE2-4934-BC71-4D368ABECFA7}" = lport=8317 | protocol=6 | dir=in | name=techsmith camtasia studio |
"{EDB3A25F-13E9-4110-86FF-23DC2DFADF37}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FA33B132-61AA-4843-9C31-0FE0E97F155E}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA019A7-C020-461D-AB8E-2E92B9895442}" = protocol=6 | dir=in | app=c:\program files (x86)\hide my ip 6\hidemyip.exe |
"{2522AD5E-E18B-4954-98A8-8FBA16EF977F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{27E16B87-070B-4255-B70D-65B399C40E2F}" = protocol=17 | dir=in | app=d:\program files\steamlibrary\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{3257684C-8DC8-4B1F-8F27-5C9C6397998B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{38962F9C-93C3-4E8B-86EC-85ACCDC9ACAA}" = dir=in | app=d:\program files\softether vpn client\vpnclient_x64.exe |
"{449F19FD-A527-41C3-84EA-20E6B780FC86}" = dir=in | app=d:\program files\softether vpn client\vpncmgr.exe |
"{597F7E04-4144-419E-8C12-5E2BC5676169}" = dir=in | app=d:\program files\softether vpn client\vpnclient.exe |
"{5FB7BF57-54A9-4415-9051-D23AE698921A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{61401790-FE00-4039-98AB-FE82822BCA5C}" = dir=in | app=d:\program files\softether vpn client\vpncmgr_x64.exe |
"{6524DB55-F3EB-456E-A155-599807A93618}" = dir=in | app=d:\program files\softether vpn client\vpncmd.exe |
"{755E9FF2-D300-4F59-8B87-EAACBFE0004C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{7E0357B6-31E9-44A3-86F7-11F8CE4B58FB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{8A8ED938-D845-4A00-A7F7-073B587ADC11}" = dir=in | app=d:\program files\softether vpn client\vpncmd_x64.exe |
"{8B2BDC6C-1987-460B-A6CD-63200AF2F9B9}" = protocol=17 | dir=in | app=c:\users\kacper\appdata\local\temp\hkcmd.exe |
"{939D2BF5-E10A-4635-AD21-9F9E0B257E89}" = protocol=6 | dir=in | app=c:\users\kacper\appdata\roaming\utorrent\utorrent.exe |
"{9C39002B-8DB1-4E81-95EB-A7E5283780A0}" = protocol=6 | dir=in | app=c:\users\kacper\appdata\local\temp\hkcmd.exe |
"{9E736F07-C11F-4271-879D-4612640FA4AC}" = protocol=6 | dir=in | app=c:\program files (x86)\hide my ip 6\hidemyipsrv.exe |
"{B3B53EB3-2032-462B-9C25-A977D8D0ADB8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{B6D5C48E-478D-4D69-8566-BE761BA1E183}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 15\fifasetup\fifaconfig.exe |
"{B7F0AFF9-6ABB-40C3-8789-73B61E621C88}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{BC9FC264-67D0-436F-A3CD-0A6F9F3B0FC7}" = dir=in | app=c:\program files (x86)\dropbox\client\dropbox.exe |
"{C44D5E42-E075-43C3-8853-E425E48B3DB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C4EA4251-3551-4ED1-9858-F6E96715C24B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{C6BCB49C-343C-4D91-84B6-63E527699536}" = protocol=17 | dir=in | app=c:\users\kacper\appdata\roaming\utorrent\utorrent.exe |
"{C7416060-87E9-481D-B68D-CA56F57575EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CD4FA49F-F451-4C13-9F8B-D355C92BE5F1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D451D628-2D17-443E-8038-12EBCD6334D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{D53ECE43-0FF5-4250-A24C-A2ACCE84696E}" = protocol=6 | dir=in | app=d:\program files\steamlibrary\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{E7AF304C-D79A-4061-B11B-3F7A5BD08EAB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F1792A34-9909-4C8B-BCEF-F23FF5F3D185}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F7516D85-6367-4A5D-8149-C07609C7D6A2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 15\fifasetup\fifaconfig.exe |
"TCP Query User{25652C75-5662-4D40-A6FD-F70339A5C002}C:\program files\logitech gaming software\lcore.exe" = protocol=6 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
"TCP Query User{A9087ECE-CF6A-4CFC-8C0D-D0F616AC471E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{E722E005-C931-45F5-8ED0-79CDA1513500}C:\program files\logitech gaming software\lcore.exe" = protocol=6 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
"UDP Query User{3830314F-FB30-4780-B6D2-7A144E0A1B10}C:\program files\logitech gaming software\lcore.exe" = protocol=17 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
"UDP Query User{88A343F9-DBFC-4E28-8793-DC9541B89A36}C:\program files\logitech gaming software\lcore.exe" = protocol=17 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
"UDP Query User{D2EA5251-6C17-4910-9D30-EA40D34F3683}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B9D5D50-1530-496F-81FF-CB1B4A298FCA}" = Intel(R) Chipset Device Software
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1" = Pulover's Macro Creator wersja 4.1.3
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417079FF}" = Java 7 Update 79 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86418045F0}" = Java 8 Update 45 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170790}" = Java SE Development Kit 7 Update 79 (64-bit)
"{6B657BB5-92F6-345F-927C-514935C638B8}" = Microsoft .NET Framework 4.5.2 (PLK)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Microsoft .NET Framework 4.5.2 (Polski)
"{9497360C-4C41-4E05-81C0-BE56DF2ADFE8}" = Trapcode Particular 64 bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 344.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.4.5.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 344.46
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 2.4.5.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.32.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.4.5.57
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.28
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}" = Vegas Pro 13.0 (64-bit)
"{D10D0851-CCC6-11E3-9ED2-F04DA23A5C58}" = MSVCRT Redists
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{FD42EE05-18F9-459F-935D-770E75B3BEE5}" = Intel(R) Network Connections 19.1.51.0
"AutoHotkey" = AutoHotkey 1.1.22.02
"CCleaner" = CCleaner
"GenArts Sapphire AE_is1" = GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible
"GenArts Sapphire Plug-ins for OFX_is1" = GenArts Sapphire Plug-ins 6.10 for OFX
"Logitech Gaming Software" = Logitech Gaming Software 8.58
"MAXON12664043" = CINEMA 4D 15.008
"MAXON6AAF2891" = Team Render Client 15.008
"OpenVPN" = OpenVPN 2.3.7-I001
"PROSetDX" = Intel(R) Network Connections 19.1.51.0
"Sublime Text 2_is1" = Sublime Text 2.0.2
"TAP-Windows" = TAP-Windows 9.9.2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Theme Resource Changer X64 v1.0" = Theme Resource Changer X64 v1.0
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"VB:VBCABLE {87459874-1236-4469}" = VBCABLE, The Virtual Audio Cable
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.48-21 (x64)
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}" = Adobe Premiere Pro CC 2014
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1" = Red Giant Link
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{27263813-8BDE-4CD2-84D3-02536743428A}_is1" = Attribute Changer 7.11
"{2B22C750-5C3B-4738-B621-BA786AC7A494}" = Adobe After Effects CC 2014
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}" = EA SPORTS™ FIFA 15
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Obsługa programów Apple
"{474DFABF-E55B-4905-ABAA-40791A6AC77F}" = Camtasia Studio 8
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1" = Ashampoo Burning Studio 2015 v.1.15.0
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{946E75BA-B3DA-470C-80EC-66AE17107334}_is1" = Streamtip Alerter
"{99487911-8011-42BC-B594-8B02BFD32B1D}_is1" = Color Suite v11.1.4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A90000000001}" = Adobe Reader 9 - Polish
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}" = ASUS Product Register Program
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{DE43AA92-E8C0-4620-AFE2-FBD623C71643}" = Sizer 3.34
"{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1" = Trapcode Suite v12.1.7
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}" = Oprogramowanie mikroukładu Intel®
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC4C8FDD-384C-471F-9E9A-C25B57ABE7A8}" = NBTExplorer
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"AIMP3" = AIMP3
"Audacity_is1" = Audacity 2.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Cheat Engine 6.4_is1" = Cheat Engine 6.4
"Comodo Dragon" = Comodo Dragon
"COMODO GeekBuddy" = COMODO GeekBuddy
"DAEMON Tools Pro" = DAEMON Tools Pro
"Dropbox" = Dropbox
"foobar2000" = foobar2000 v1.3.8
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"HotspotShield" = Hotspot Shield 4.15.3
"HxD Hex Editor_is1" = HxD Hex Editor wersja 1.7.7.0
"InstallShield_{9497360C-4C41-4E05-81C0-BE56DF2ADFE8}" = Trapcode Particular 64 bit
"IntelliJ IDEA 14.0" = IntelliJ IDEA 14.0
"Internet Download Manager" = Internet Download Manager
"IrfanView" = IrfanView (remove only)
"League of Legends 3.0.1" = League of Legends
"Magic Bullet PhotoLooks" = Magic Bullet PhotoLooks
"Mirillis Action!" = Action!
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Open Broadcaster Software" = Open Broadcaster Software
"Origin" = Origin
"RocketDock_is1" = RocketDock 1.3.5
"screenSHU" = screenSHU - the fastest screen capture ever.
"Steam" = Steam
"Steam App 20" = Team Fortress Classic
"Steam App 271590" = Grand Theft Auto V
"Steam App 730" = Counter-Strike: Global Offensive
"xampp" = XAMPP

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-509856250-1911961952-590295147-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter Strike 1.6 PRO 1.0" = Counter Strike 1.6 PRO
"GG" = GG
"OpenFM" = OpenFM
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2015-07-21 02:44:24 | Computer Name = Kacper-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: SnD HIDEALLIP 2015 Universal Patcher.exe,
wersja: 0.0.0.0, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: SnD
HIDEALLIP 2015 Universal Patcher.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x2a425e19
Kod
wyjątku: 0xc0000005 Przesunięcie błędu: 0x00008d1b Identyfikator procesu powodującego
błąd: 0x2248 Godzina uruchomienia aplikacji powodującej błąd: 0x01d0c380ac5fb0c2
Ścieżka
aplikacji powodującej błąd: C:\Extracted\SnD HIDEALLIP 2015 Universal Patcher.exe
Ścieżka
modułu powodującego błąd: C:\Extracted\SnD HIDEALLIP 2015 Universal Patcher.exe
Identyfikator
raportu: ec1b83f4-2f73-11e5-8809-7824af42e90d

Error - 2015-07-21 04:55:43 | Computer Name = Kacper-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2015-07-21 10:15:50 | Computer Name = Kacper-Komputer | Source = NvStreamSvc | ID = 133073
Description = An error has occurred (NvVAD endpoint registration failed [0]).

Error - 2015-07-21 10:15:50 | Computer Name = Kacper-Komputer | Source = NvStreamSvc | ID = 133073
Description = An error has occurred (Failed to set NvVAD endpoint as default Audio
endpoint [0]).

Error - 2015-07-21 10:15:50 | Computer Name = Kacper-Komputer | Source = NvStreamSvc | ID = 133073
Description = An error has occurred (NvVAD initialization failed [6]).

Error - 2015-07-21 10:17:39 | Computer Name = Kacper-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2015-07-21 10:38:00 | Computer Name = Kacper-Komputer | Source = NvStreamSvc | ID = 133073
Description = An error has occurred (NvVAD endpoint registration failed [0]).

Error - 2015-07-21 10:38:00 | Computer Name = Kacper-Komputer | Source = NvStreamSvc | ID = 133073
Description = An error has occurred (Failed to set NvVAD endpoint as default Audio
endpoint [0]).

Error - 2015-07-21 10:38:00 | Computer Name = Kacper-Komputer | Source = NvStreamSvc | ID = 133073
Description = An error has occurred (NvVAD initialization failed [6]).

Error - 2015-07-21 10:39:48 | Computer Name = Kacper-Komputer | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2015-07-21 10:40:20 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:40:20 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:40:21 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:40:21 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:40:30 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:40:30 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:43:10 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:43:10 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:45:09 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =

Error - 2015-07-21 10:45:09 | Computer Name = Kacper-Komputer | Source = DCOM | ID = 10016
Description =


< End of report >

 

­

[GaCeL]

Cinema 4D nie przeszkadzało dawniej to zainstalowałem trzeba obowiązkowo odinstalować ?

Log w załączniku

CBS.txt

[JaNieNusz]

czeba

[GaCeL]

Fixed do zamknięcia!

[JaNieNusz]

Infekcja jest, startuje z temp, z folderu startup i z appdata. Na komputerze znajduje się również COMODO który nie pozwala wykonywać fixów. Uruchom komputer w trybie awaryjnym. 

 

odpal cmd z prawami administratora i wklep tam tą komendę 

 

 

sfc /verifyfile=c:\windows\explorer.exe

 

jak się tam to zrobi to wejdź w windows\logs\cbs\ znajdź plik cbs.log zmień jego rozszerzenie na txt i wrzuć jako załącznik.

 

Odinstaluj CINEMA 4D 15.008

 

wejdź tutaj http://wklej.to/SgdEGskopiuj zawartość do notatnika i zapisz to jako fixlist.txt, umieść obok FRST i kliknij FIX