Skocz do zawartości

  • Dołącz do społeczności!

    👋 Witaj na MPCForum!

    Przeglądasz forum jako gość, co oznacza, że wiele świetnych funkcji jest jeszcze przed Tobą! 😎

    • Pełny dostęp do działów i ukrytych treści
    • Możliwość pisania i odpowiadania w tematach
    • System prywatnych wiadomości
    • Zbieranie reputacji i rozwijanie swojego profilu
    • Członkostwo w jednej z największych społeczności graczy

    👉 Dołączenie zajmie Ci mniej niż minutę – a zyskasz znacznie więcej!

    Zarejestruj się teraz
  • 0

Pliki i foldery tylko do odczytu

D4n100

Pytanie zadane przez D4n100 ,

Pytanie

D4n100 Newbie

D4n100

Opublikowano
Opublikowano

Problem jest jasny. Praktycznie wszystkie pliki i foldery (przez wirusa z którym teraz walczę) są tylko do odczytu, a kiedy to zmienię w właściwościach, to z powrotem samo się zaznacza. Idzie coś z tym zrobić przed usunięciem wirusa???

Z powodu licznych hejtów w moją stronę, nie będę korzystał więcej z tego konta (prawdopodobnie z forum też). Haters gonna hate...

15 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

D4n100 Newbie

D4n100

Opublikowano
  • Autor
Opublikowano

Jest jakiś sens w tym co napisałeś, ale wytłumacz mi jedno. Jakim cudem na starej płycie głównej zasilacz co chwilę się jarał i ponad 10 razy go wymieniali, a na nowej (ten sam model tylko nowa płyta) jeszcze ani razu się tak nie stało (zasilacz też ten sam tylko nowy)???

 

@ EDIT

 

Zauważyłem że coś tam robisz z "hackiem na metale do xenoxa", nwm czy usuwasz czy co. Podpowiem tylko tyle, że sam go stworzyłem do wiadomych celów i jeśli neshta go nie zaraziła to jest czysty :).

To jest ukryta treść, proszę

Na pendrive (E) nie ma pliku autorun, a tym bardziej na (G) bo to virtualny napęd od daemon tools.

Z powodu licznych hejtów w moją stronę, nie będę korzystał więcej z tego konta (prawdopodobnie z forum też). Haters gonna hate...

D4n100 Newbie

D4n100

Opublikowano
  • Autor
Opublikowano

Pisałem :) http://www.mpcforum.pl/topic/1248919-virus-neshta-co-robic/

 

@ EDIT

 

Logi OTL:

 

OTL logfile created on: 2014-07-23 12:04:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danio\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,93 Gb Total Physical Memory | 3,05 Gb Available Physical Memory | 38,46% Memory free
15,93 Gb Paging File | 10,95 Gb Available in Paging File | 68,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,17 Gb Total Space | 630,93 Gb Free Space | 67,76% Space Free | Partition Type: NTFS
Drive E: | 14,90 Gb Total Space | 9,68 Gb Free Space | 64,93% Space Free | Partition Type: FAT32
Drive F: | 7,49 Gb Total Space | 7,49 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: D4N10 | User Name: Danio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014-07-23 12:03:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danio\Downloads\OTL.exe
PRC - [2014-07-22 19:16:06 | 003,640,880 | ---- | M] () -- C:\Users\Danio\Downloads\avg_remover_hidrag.exe
PRC - [2014-07-22 16:08:57 | 003,640,880 | ---- | M] () -- C:\Users\Danio\Downloads\avg_remover_neshta.exe
PRC - [2014-07-21 18:08:42 | 003,816,784 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014-07-18 15:42:51 | 004,086,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014-07-18 15:42:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-07-02 11:45:03 | 013,115,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014-07-02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014-07-02 11:30:03 | 000,229,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014-06-27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014-06-26 21:19:40 | 000,051,016 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
PRC - [2014-06-23 13:57:45 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014-06-18 13:28:36 | 000,076,152 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-06-17 16:18:02 | 005,179,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014-06-17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014-06-13 02:19:52 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-05-30 01:28:21 | 002,350,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-05-30 01:23:57 | 001,631,008 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014-04-11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014-04-11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014-02-22 10:00:27 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2013-11-15 16:24:50 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013-11-15 02:18:02 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013-05-28 17:29:00 | 000,029,728 | ---- | M] (MICRO-STAR INTERNATIONAL CO., LTD.) -- C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
PRC - [2012-09-07 21:36:46 | 000,087,992 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012-01-17 11:24:10 | 000,055,296 | ---- | M] () -- C:\Windows\SysWOW64\ASGT.exe
PRC - [2011-05-24 18:50:43 | 002,610,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\Install\VS90SP1-KB2251487-x86.exe
PRC - [2011-03-04 13:05:26 | 000,321,888 | ---- | M] (Microsoft Corporation) -- c:\35ee158356082e2199c3dd067479\HotFixInstaller.exe
PRC - [2008-07-30 11:27:50 | 000,441,856 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\vbexpress.exe


========== Modules (No Company Name) ==========

MOD - [2014-07-22 19:16:06 | 003,640,880 | ---- | M] () -- C:\Users\Danio\Downloads\avg_remover_hidrag.exe
MOD - [2014-07-22 16:08:57 | 003,640,880 | ---- | M] () -- C:\Users\Danio\Downloads\avg_remover_neshta.exe
MOD - [2014-07-18 15:42:57 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014-07-18 15:42:53 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014-07-15 11:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
MOD - [2014-07-15 11:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
MOD - [2014-07-15 11:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
MOD - [2014-07-15 11:24:38 | 000,718,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
MOD - [2014-07-15 11:24:36 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
MOD - [2014-07-15 11:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
MOD - [2014-06-01 11:08:56 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2014-05-24 18:41:24 | 000,892,416 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
MOD - [2014-05-24 18:41:24 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014-07-18 15:42:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014-05-30 01:20:09 | 021,055,432 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014-04-06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014-04-03 04:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014-03-24 04:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014-03-24 04:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014-03-14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014-03-08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014-03-06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014-02-22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014-02-22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014-02-22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014-02-22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014-02-22 11:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014-02-22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014-02-06 12:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013-12-10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013-11-23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013-08-22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013-08-22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013-08-22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013-08-22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013-08-22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013-08-22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013-08-22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013-08-22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013-08-22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013-08-22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-08-22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013-08-22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013-08-22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-08-22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2008-07-29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2014-07-22 09:12:37 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-07-21 18:08:40 | 002,544,976 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014-07-18 14:01:32 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2014-07-18 14:01:31 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014-07-18 14:01:08 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-07-16 10:53:44 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014-07-02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014-06-27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014-06-26 21:19:40 | 000,051,016 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe -- (chromoting)
SRV - [2014-06-18 13:28:36 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-06-17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014-06-13 02:19:52 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-05-30 01:23:57 | 001,631,008 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-04-11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014-04-11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014-03-14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013-11-15 16:24:50 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013-08-22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013-08-22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013-08-17 02:06:23 | 000,031,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2013-05-28 17:29:00 | 000,029,728 | ---- | M] (MICRO-STAR INTERNATIONAL CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe -- (MSI_Trigger_Service)
SRV - [2012-09-07 21:36:46 | 000,087,992 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012-01-17 11:24:10 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014-07-23 08:45:40 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-07-21 18:08:16 | 000,046,136 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2014-07-18 15:43:17 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014-07-18 15:43:05 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014-07-18 15:43:04 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014-07-18 15:43:04 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014-07-18 15:43:04 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014-07-18 15:43:04 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014-07-18 15:43:03 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014-07-18 15:43:03 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014-06-25 20:23:02 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014-06-25 20:19:14 | 000,309,248 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\SysNative\drivers\dtscsidrv.sys -- (dtscsidrv)
DRV:64bit: - [2014-06-25 20:16:25 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014-06-17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014-06-17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014-06-17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014-06-17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014-06-17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014-06-17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014-06-17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014-06-03 10:39:02 | 000,020,992 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uvhid.sys -- (uvhid)
DRV:64bit: - [2014-05-30 01:20:09 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014-05-20 04:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014-05-16 14:03:30 | 000,141,600 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2014-05-14 21:09:08 | 000,274,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2014-05-12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014-05-12 07:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2014-05-12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014-05-01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014-04-11 10:39:22 | 000,040,704 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudeadb.sys -- (ssudeadb)
DRV:64bit: - [2014-04-11 10:39:14 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2014-04-11 10:39:14 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2014-04-11 10:39:14 | 000,158,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2014-04-11 10:39:14 | 000,038,080 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2014-04-11 10:39:14 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2014-04-01 08:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014-03-24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014-03-24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014-03-24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014-03-20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014-03-13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014-03-08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014-03-08 22:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014-02-22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014-02-22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014-02-22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014-02-22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014-02-22 17:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014-02-22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014-02-22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013-11-11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013-11-01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013-10-26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013-10-17 17:32:56 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV:64bit: - [2013-10-05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013-09-14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013-09-04 16:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013-08-23 01:14:18 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013-08-23 01:14:13 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013-08-22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013-08-22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013-08-22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013-08-22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-08-22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013-08-22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013-08-22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013-08-22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013-08-22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013-08-22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013-08-22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013-08-22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013-08-22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013-08-22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013-08-22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013-08-22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013-08-22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013-08-22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013-08-22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013-08-22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013-08-22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013-08-22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013-08-22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-08-22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013-08-22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013-08-22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013-08-22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013-08-22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013-08-22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013-08-22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013-08-22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013-08-22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013-08-22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013-08-22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013-08-22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-08-22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013-08-22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013-08-22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013-08-22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013-08-22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013-08-22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013-08-22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013-08-22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013-08-22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013-08-22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013-08-22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013-08-22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013-08-22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013-08-22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013-08-22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013-08-13 01:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013-08-10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013-07-30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013-07-25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2012-12-27 11:01:36 | 000,760,032 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2010-07-01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009-11-18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009-02-17 20:40:26 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2008-12-30 11:59:02 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2008-12-13 11:28:20 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.pl/"
FF - prefs.js..extensions.enabledAddons: %7Bf13b157f-b174-47e7-a34d-4815ddfdfeb8%7D:0.9.89
FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:2.0.4
FF - prefs.js..extensions.enabledAddons: tinyjsdebugger%40enigmail.net:0.9.5
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2021.112
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.5.2: C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.5.2: C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Danio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-18 15:43:06 | 000,000,000 | ---D | M]

[2014-06-07 20:58:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danio\AppData\Roaming\mozilla\Extensions
[2014-07-22 10:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danio\AppData\Roaming\mozilla\Firefox\Profiles\aqvbfgfo.default\extensions
[2014-06-26 20:41:27 | 000,036,781 | ---- | M] () (No name found) -- C:\Users\Danio\AppData\Roaming\mozilla\firefox\profiles\aqvbfgfo.default\extensions\[email protected]
[2014-06-26 20:41:29 | 000,033,340 | ---- | M] () (No name found) -- C:\Users\Danio\AppData\Roaming\mozilla\firefox\profiles\aqvbfgfo.default\extensions\[email protected]
[2014-06-26 20:39:08 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Danio\AppData\Roaming\mozilla\firefox\profiles\aqvbfgfo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-06-26 20:40:56 | 000,024,626 | ---- | M] () (No name found) -- C:\Users\Danio\AppData\Roaming\mozilla\firefox\profiles\aqvbfgfo.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2014-06-26 20:40:56 | 000,210,138 | ---- | M] () (No name found) -- C:\Users\Danio\AppData\Roaming\mozilla\firefox\profiles\aqvbfgfo.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
[2014-06-07 21:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-07-22 11:41:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014-07-18 15:43:06 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.pl/
CHR - plugin: Error reading preferences file
CHR - Extension: All Java Sources = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleifhehdjlljnlbaplopcbnbgifpphg\0.96_0\
CHR - Extension: Dysk Google = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock Premium = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\2.6.4.3_0\
CHR - Extension: Pulpit zdalny Chrome = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\36.0.1985.63_0\
CHR - Extension: AdBlock = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.8_0\
CHR - Extension: Battlelog = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\glanheimggjhfdbdompmdlabopkhbneg\1.0_0\
CHR - Extension: avast! Online Security = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: Google Wallet = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Adblock Pro = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\3.1_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0\
CHR - Extension: Gmail = C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013-08-22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-21-2949727594-1032169731-3388429741-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.251.160.14 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEA42C50-9B40-40F3-BCE5-450ADB715811}: DhcpNameServer = 94.251.160.14 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-03-01 19:02:01 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b467919b-0f7e-11e4-8268-448a5b81f79e}\Shell - "" = AutoRun
O33 - MountPoints2\{b467919b-0f7e-11e4-8268-448a5b81f79e}\Shell\AutoRun\command - "" = "E:\AutoRun.exe"
O33 - MountPoints2\{b46792a1-0f7e-11e4-8268-448a5b81f79e}\Shell - "" = AutoRun
O33 - MountPoints2\{b46792a1-0f7e-11e4-8268-448a5b81f79e}\Shell\AutoRun\command - "" = "E:\AutoRun.exe"
O33 - MountPoints2\{fc07405f-fc94-11e3-825b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fc07405f-fc94-11e3-825b-806e6f6e6963}\Shell\AutoRun\command - "" = "G:\setup.exe"
O34 - HKLM BootExecute: (rmbamit.nt)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014-07-23 12:02:37 | 000,000,000 | ---D | C] -- C:\FRST
[2014-07-23 11:39:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014-07-23 11:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014-07-23 11:30:53 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\TuneUp Software
[2014-07-23 11:14:15 | 000,000,000 | ---D | C] -- C:\Users\Danio\Desktop\Nowy folder
[2014-07-23 10:48:36 | 000,000,000 | ---D | C] -- C:\35ee158356082e2199c3dd067479
[2014-07-22 20:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014-07-22 20:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014-07-22 16:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2014-07-22 16:19:53 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\AVG2014
[2014-07-22 16:17:00 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Local\MFAData
[2014-07-22 10:50:17 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Local\Apps
[2014-07-22 10:49:37 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Macromedia
[2014-07-22 09:56:52 | 000,000,000 | ---D | C] -- C:\338747daba48f3ac2a72895f
[2014-07-22 09:12:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Macromed
[2014-07-22 09:08:36 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2014-07-22 09:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2014-07-21 18:08:16 | 000,046,136 | -H-- | C] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2014-07-19 22:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2014-07-19 18:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2014-07-19 18:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2014-07-19 15:06:25 | 000,000,000 | ---D | C] -- C:\0ede181c1d04ebb1c75f0c1a00f5fb
[2014-07-18 20:50:09 | 000,000,000 | ---D | C] -- C:\Users\Danio\Documents\New Unity Project 1
[2014-07-18 20:37:40 | 000,000,000 | ---D | C] -- C:\Users\Danio\Documents\New Unity Project
[2014-07-18 20:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Unity
[2014-07-18 20:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
[2014-07-18 20:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unity
[2014-07-18 16:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014-07-18 16:27:31 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014-07-18 16:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014-07-18 16:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014-07-18 16:25:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014-07-18 16:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014-07-18 16:25:47 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Local\Avg2014
[2014-07-18 16:04:07 | 000,019,888 | ---- | C] (solvusoft) -- C:\WINDOWS\SysNative\roboot64.exe
[2014-07-18 15:43:00 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014-07-18 14:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Resource Hacker
[2014-07-17 21:51:37 | 000,000,000 | ---D | C] -- C:\Users\Danio\VirtualBox VMs
[2014-07-17 21:51:09 | 000,000,000 | ---D | C] -- C:\Users\Danio\.VirtualBox
[2014-07-17 21:37:48 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced RAR Password Recovery
[2014-07-17 21:32:07 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
[2014-07-17 21:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intelore
[2014-07-17 14:48:15 | 000,722,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vb40032.dll
[2014-07-17 14:48:15 | 000,221,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tabctl32.ocx
[2014-07-17 14:48:15 | 000,218,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\richtx32.ocx
[2014-07-17 14:48:15 | 000,126,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mswinsck.ocx
[2014-07-17 14:48:15 | 000,100,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\picclp32.ocx
[2014-07-17 14:48:15 | 000,080,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sysinfo.ocx
[2014-07-17 14:48:14 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvbvm50.dll
[2014-07-17 14:48:14 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscomctl.ocx
[2014-07-17 14:48:14 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscomctl32.ocx
[2014-07-17 14:48:14 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71.dll
[2014-07-17 14:48:14 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71u.dll
[2014-07-17 14:48:14 | 001,017,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70u.dll
[2014-07-17 14:48:14 | 000,659,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscomct2.ocx
[2014-07-17 14:48:14 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp70.dll
[2014-07-17 14:48:14 | 000,443,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshflxgd.ocx
[2014-07-17 14:48:14 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr70.dll
[2014-07-17 14:48:14 | 000,278,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdatgrd.ocx
[2014-07-17 14:48:14 | 000,258,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msflxgrd.ocx
[2014-07-17 14:48:14 | 000,252,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdatlst.ocx
[2014-07-17 14:48:14 | 000,178,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmask32.ocx
[2014-07-17 14:48:14 | 000,136,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msinet.ocx
[2014-07-17 14:48:14 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msstdfmt.dll
[2014-07-17 14:48:14 | 000,119,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mscomm32.ocx
[2014-07-17 14:48:14 | 000,107,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msstkprp.dll
[2014-07-17 14:48:14 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71deu.dll
[2014-07-17 14:48:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71ita.dll
[2014-07-17 14:48:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71fra.dll
[2014-07-17 14:48:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71esp.dll
[2014-07-17 14:48:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70ita.dll
[2014-07-17 14:48:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70fra.dll
[2014-07-17 14:48:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70esp.dll
[2014-07-17 14:48:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70deu.dll
[2014-07-17 14:48:14 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71enu.dll
[2014-07-17 14:48:14 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70enu.dll
[2014-07-17 14:48:14 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvci70.dll
[2014-07-17 14:48:14 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71kor.dll
[2014-07-17 14:48:14 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71jpn.dll
[2014-07-17 14:48:14 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70kor.dll
[2014-07-17 14:48:14 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70jpn.dll
[2014-07-17 14:48:14 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71cht.dll
[2014-07-17 14:48:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc71chs.dll
[2014-07-17 14:48:13 | 001,024,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70.dll
[2014-07-17 14:48:13 | 000,617,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comctl32.ocx
[2014-07-17 14:48:13 | 000,415,552 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\SysWow64\comct332.ocx
[2014-07-17 14:48:13 | 000,222,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dblist32.ocx
[2014-07-17 14:48:13 | 000,215,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mci32.ocx
[2014-07-17 14:48:13 | 000,170,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comct232.ocx
[2014-07-17 14:48:13 | 000,163,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\comdlg32.ocx
[2014-07-17 14:48:13 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\atl71.dll
[2014-07-17 14:48:13 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\atl70.dll
[2014-07-17 14:48:13 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70cht.dll
[2014-07-17 14:48:13 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfc70chs.dll
[2014-07-17 13:45:41 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Local\Motorola
[2014-07-17 13:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2014-07-17 13:45:23 | 000,000,000 | ---D | C] -- C:\Binaries
[2014-07-17 13:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2014-07-17 13:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Media Link
[2014-07-17 13:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility
[2014-07-17 13:44:19 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\MotoCast
[2014-07-17 13:43:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola
[2014-07-14 16:05:14 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\ZombieDriver
[2014-07-14 16:05:07 | 000,466,456 | ---- | C] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll
[2014-07-14 16:05:07 | 000,122,904 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysNative\OpenAL32.dll
[2014-07-14 16:05:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2014-07-14 16:05:06 | 000,444,952 | ---- | C] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2014-07-14 16:05:06 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2014-07-12 02:17:56 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\CompatTel
[2014-07-11 11:21:28 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Local\Electronic Arts
[2014-07-11 11:21:25 | 000,000,000 | ---D | C] -- C:\Users\Danio\Documents\Electronic Arts
[2014-07-11 00:17:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BitRaider
[2014-07-11 00:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2014-07-11 00:15:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2014-07-10 16:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cenega
[2014-07-10 11:51:51 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014-07-10 11:51:50 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014-07-10 11:51:38 | 001,417,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014-07-10 11:51:38 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014-07-10 11:51:38 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014-07-10 11:51:38 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014-07-10 11:51:38 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014-07-10 10:25:59 | 013,287,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014-07-10 10:25:59 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014-07-10 10:25:59 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014-07-10 10:25:59 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014-07-10 10:25:59 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014-07-10 10:25:58 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014-07-10 10:25:58 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014-07-10 10:25:58 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014-07-10 10:25:58 | 000,827,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014-07-10 10:25:58 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014-07-10 10:25:58 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014-07-10 10:25:58 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014-07-10 10:25:58 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014-07-10 10:25:58 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014-07-10 10:25:56 | 000,688,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014-07-10 10:25:56 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014-07-10 10:25:55 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014-07-10 10:02:23 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014-07-10 10:02:20 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014-07-10 10:02:20 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014-07-10 10:02:19 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014-07-10 10:02:19 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014-07-10 10:02:19 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014-07-10 10:02:19 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014-07-10 10:02:19 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014-07-10 10:02:19 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014-07-10 10:02:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014-07-10 10:02:19 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014-07-10 09:52:23 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014-07-10 09:52:23 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014-07-10 08:43:27 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2014-07-09 16:23:29 | 005,913,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscorwks.dll
[2014-07-09 15:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2014-07-09 15:58:48 | 093,585,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MRT.exe
[2014-07-08 22:27:34 | 000,000,000 | ---D | C] -- C:\Users\Danio\Documents\My Cheat Tables
[2014-07-08 17:38:24 | 004,720,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014-07-08 17:38:23 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014-07-08 17:38:22 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014-07-08 17:38:22 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014-07-08 17:38:22 | 002,125,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2014-07-08 17:38:22 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014-07-08 17:38:21 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014-07-08 17:38:21 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014-07-08 17:38:20 | 001,025,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014-07-08 17:38:20 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2014-07-08 17:38:18 | 001,726,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014-07-08 17:38:18 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014-07-08 17:38:17 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014-07-08 17:38:17 | 000,440,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2014-07-08 17:38:16 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2014-07-08 17:38:16 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014-07-08 17:38:16 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2014-07-08 17:38:16 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014-07-08 17:38:16 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2014-07-08 17:38:15 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedyn.dll
[2014-07-08 17:38:15 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2014-07-08 17:38:15 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014-07-08 17:38:15 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2014-07-08 17:38:15 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2014-07-08 17:38:15 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2014-07-08 17:38:14 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2014-07-08 17:38:13 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedyn.dll
[2014-07-08 17:38:13 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2014-07-08 17:38:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014-07-08 17:38:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2014-07-08 17:38:11 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014-07-08 17:37:33 | 000,233,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014-07-08 15:49:32 | 000,377,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll
[2014-07-08 15:49:32 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll
[2014-07-08 15:49:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe
[2014-07-08 15:49:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll
[2014-07-08 15:49:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll
[2014-07-08 15:49:31 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll
[2014-07-08 15:49:31 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll
[2014-07-08 15:49:31 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe
[2014-07-08 15:49:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll
[2014-07-08 15:49:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll
[2014-07-08 15:49:30 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplayx.dll
[2014-07-08 15:49:30 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpwsockx.dll
[2014-07-08 15:49:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplaysvr.exe
[2014-07-08 15:49:30 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpmodemx.dll
[2014-07-04 16:10:19 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamMyGame
[2014-07-04 16:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\StreamMyGame
[2014-07-03 15:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014-07-03 00:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2014-07-02 13:04:56 | 000,000,000 | RH-D | C] -- C:\Users\Danio\AppData\Roaming\SecuROM
[2014-07-02 13:04:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2014-07-02 11:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [bDIP]
[2014-06-27 12:39:35 | 000,394,240 | ---- | C] (www.madshi.net) -- C:\WINDOWS\SysNative\madCHook.dll
[2014-06-27 11:43:47 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014-06-27 11:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-06-27 11:43:33 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014-06-27 11:43:33 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014-06-27 11:43:33 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014-06-27 11:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014-06-27 11:43:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-06-26 20:52:20 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Local\Macromedia
[2014-06-26 19:01:05 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\TeamViewer
[2014-06-25 22:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software
[2014-06-25 20:23:02 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2014-06-25 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2014-06-25 20:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
[2014-06-25 20:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2014-06-25 20:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astroburn Lite
[2014-06-25 20:19:14 | 000,309,248 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtscsidrv.sys
[2014-06-25 20:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014-06-25 20:16:25 | 000,386,680 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\SysNative\drivers\sptd.sys
[2014-06-25 20:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014-06-25 20:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014-06-25 20:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools
[2014-06-25 19:58:04 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2014-06-25 19:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2014-06-25 19:58:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Window Registry Repair
[2014-06-25 19:39:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up
[2014-06-25 19:36:37 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Local\ElevatedDiagnostics
[2014-06-25 17:21:21 | 000,000,000 | -HSD | C] -- C:\Users\Danio\AppData\Local\EmieUserList
[2014-06-25 17:21:21 | 000,000,000 | -HSD | C] -- C:\Users\Danio\AppData\Local\EmieSiteList
[2014-06-25 15:40:27 | 000,000,000 | ---D | C] -- C:\dfa905f3cc7334035abb15971b980f2d
[2014-06-25 15:40:20 | 000,000,000 | ---D | C] -- C:\68687f67d477a46b2d
[2014-06-25 14:00:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014-06-25 12:43:01 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Blender Foundation
[2014-06-25 12:21:49 | 000,000,000 | ---D | C] -- C:\Users\Danio\AppData\Roaming\Ubisoft
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014-07-23 11:32:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-07-23 08:45:40 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014-07-23 08:36:37 | 000,871,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfh015.dat
[2014-07-23 08:36:37 | 000,788,030 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014-07-23 08:36:37 | 000,188,032 | ---- | M] () -- C:\WINDOWS\SysNative\perfc015.dat
[2014-07-23 08:36:37 | 000,160,132 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014-07-23 08:36:36 | 002,009,952 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014-07-23 08:32:44 | 000,002,219 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-23 08:31:27 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-07-23 08:29:44 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\Ikeext.etl
[2014-07-23 08:29:23 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014-07-23 08:29:23 | 2516,566,015 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-21 18:08:16 | 000,046,136 | -H-- | M] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2014-07-19 18:32:51 | 000,061,952 | ---- | M] () -- C:\Users\Danio\Desktop\XenoXMT2 Hack Na Metale.exe
[2014-07-18 15:43:17 | 000,427,360 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2014-07-18 15:43:05 | 000,092,008 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswstm.sys
[2014-07-18 15:43:04 | 001,041,168 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsnx.sys
[2014-07-18 15:43:04 | 000,224,896 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014-07-18 15:43:04 | 000,079,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014-07-18 15:43:04 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014-07-18 15:43:03 | 000,307,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014-07-18 15:43:03 | 000,093,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014-07-18 15:43:03 | 000,029,208 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014-07-18 15:43:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014-07-18 15:38:52 | 000,000,058 | ---- | M] () -- C:\WINDOWS\directx.sys
[2014-07-18 14:02:13 | 001,221,120 | ---- | M] () -- C:\Users\Danio\Desktop\Super Spam Bot v3 - by IQONMAN.exe
[2014-07-17 22:22:13 | 000,001,011 | ---- | M] () -- C:\WINDOWS\ARPR.INI
[2014-07-14 16:05:07 | 000,466,456 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll
[2014-07-14 16:05:07 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll
[2014-07-14 16:05:07 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysNative\OpenAL32.dll
[2014-07-14 16:05:06 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysWow64\OpenAL32.dll
[2014-07-12 10:15:47 | 000,341,176 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014-07-11 00:15:47 | 000,000,000 | ---- | M] () -- C:\end
[2014-07-10 08:43:27 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2014-07-09 16:32:24 | 002,033,432 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014-07-08 17:37:33 | 000,233,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014-07-08 15:49:32 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll
[2014-07-08 15:49:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll
[2014-07-08 15:49:32 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe
[2014-07-08 15:49:32 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll
[2014-07-08 15:49:32 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll
[2014-07-08 15:49:31 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll
[2014-07-08 15:49:31 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll
[2014-07-08 15:49:31 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe
[2014-07-08 15:49:31 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll
[2014-07-08 15:49:31 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll
[2014-07-08 15:49:30 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplayx.dll
[2014-07-08 15:49:30 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpwsockx.dll
[2014-07-08 15:49:30 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dplaysvr.exe
[2014-07-08 15:49:30 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpmodemx.dll
[2014-07-01 00:45:58 | 000,688,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014-06-28 09:48:07 | 000,527,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014-06-28 09:07:52 | 000,385,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014-06-27 11:43:38 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-06-26 22:55:30 | 000,703,968 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014-06-26 22:55:30 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014-06-26 17:38:38 | 093,585,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MRT.exe
[2014-06-25 20:23:02 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2014-06-25 20:19:14 | 000,309,248 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtscsidrv.sys
[2014-06-25 20:16:25 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\SysNative\drivers\sptd.sys
[2014-06-25 19:45:26 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-25 19:45:26 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014-07-22 13:00:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysNative\Ikeext.etl
[2014-07-22 11:43:40 | 000,002,219 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-19 18:29:37 | 000,061,952 | ---- | C] () -- C:\Users\Danio\Desktop\XenoXMT2 Hack Na Metale.exe
[2014-07-18 15:41:36 | 000,001,433 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 2008 Express Edition.lnk
[2014-07-18 14:32:00 | 000,000,058 | ---- | C] () -- C:\WINDOWS\directx.sys
[2014-07-17 21:37:50 | 000,001,011 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2014-07-17 14:48:15 | 000,210,944 | ---- | C] () -- C:\WINDOWS\SysWow64\msvcrt10.dll
[2014-07-11 00:14:29 | 000,000,000 | ---- | C] () -- C:\end
[2014-07-08 17:38:11 | 000,050,745 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014-07-05 18:36:51 | 000,000,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast Whistleblower.lnk
[2014-07-02 09:40:15 | 000,000,761 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
[2014-06-27 11:43:38 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-06-26 20:42:37 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-06-25 19:39:06 | 000,002,885 | ---- | C] () -- C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
[2014-06-19 00:45:36 | 000,000,093 | ---- | C] () -- C:\Users\Danio\AppData\Local\fusioncache.dat
[2014-06-18 23:59:26 | 000,669,184 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2014-06-10 07:34:40 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014-06-08 16:43:27 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014-06-07 22:28:23 | 000,103,736 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014-06-07 22:28:23 | 000,076,152 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2014-06-07 22:28:22 | 002,434,856 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc_bc2.exe
[2014-06-07 21:56:17 | 002,033,432 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014-04-30 19:47:48 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
[2014-04-30 19:47:48 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
[2014-04-30 19:47:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_se-2.3.dll
[2014-04-30 19:47:48 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2014-04-30 19:47:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\SysWow64\cis-2.4.dll
[2013-08-22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013-08-22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013-08-22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-08-22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013-08-22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013-08-22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013-08-22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2014-06-07 22:22:21 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-04-06 18:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-04-06 17:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014-07-11 00:07:34 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\.minecraft
[2014-07-10 23:40:05 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\.minecraftzyczu
[2014-06-27 18:07:59 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Audacity
[2014-06-07 20:43:46 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\AVAST Software
[2014-07-22 16:19:53 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\AVG2014
[2014-06-25 12:43:01 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Blender Foundation
[2014-07-22 08:49:09 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\FileZilla
[2014-06-14 21:15:52 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\GG
[2014-06-12 14:45:13 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\java
[2014-07-17 15:26:06 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\MotoCast
[2014-07-17 13:44:40 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Motorola
[2014-06-07 21:21:02 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Motorola Mobility
[2014-07-22 08:49:09 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Notepad++
[2014-07-10 23:41:44 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Origin
[2014-06-07 23:53:58 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Riot Games
[2014-06-07 21:08:25 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Samsung
[2014-06-26 19:01:05 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\TeamViewer
[2014-06-21 01:53:24 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\TechSmith
[2014-07-23 11:30:53 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\TuneUp Software
[2014-06-25 12:21:49 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Ubisoft
[2014-06-11 07:47:50 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Unified Remote
[2014-07-18 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\Unity
[2014-07-22 08:49:09 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\uTorrent
[2014-07-14 16:30:59 | 000,000,000 | ---D | M] -- C:\Users\Danio\AppData\Roaming\ZombieDriver

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Danio\SkyDrive:ms-properties

< End of report >

 

 

OTL Extras logfile created on: 2014-07-23 12:04:47 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danio\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,93 Gb Total Physical Memory | 3,05 Gb Available Physical Memory | 38,46% Memory free
15,93 Gb Paging File | 10,95 Gb Available in Paging File | 68,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,17 Gb Total Space | 630,93 Gb Free Space | 67,76% Space Free | Partition Type: NTFS
Drive E: | 14,90 Gb Total Space | 9,68 Gb Free Space | 64,93% Space Free | Partition Type: FAT32
Drive F: | 7,49 Gb Total Space | 7,49 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: D4N10 | User Name: Danio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2949727594-1032169731-3388429741-1001\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00358958-19CB-4579-B63B-8FAEA28A5FAB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0044E037-588D-4066-84F5-2304CA169C20}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0151C442-36AE-49BF-9387-73D6660521B9}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{01617D40-8308-400B-9FD6-5B0F80260D4F}" = lport=139 | protocol=6 | dir=in | app=system |
"{034EE6F2-2900-48AB-B6B9-F5EE360D85EA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=udostępnianie plików i drukarek (usługa buforu — rpc-epmap) |
"{0362FF6C-112D-4512-B689-74CA637B229C}" = lport=445 | protocol=6 | dir=in | app=system |
"{0556AAFE-3FF6-4CA7-93A9-2176FD3D4C59}" = rport=5357 | protocol=6 | dir=out | app=system |
"{0743A1C4-C233-42BB-98F1-06A9E85AF5FB}" = lport=5357 | protocol=6 | dir=in | app=system |
"{081A3512-5B71-440D-B58A-85EB0D8B244A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{08444C37-1DF7-4EE2-B231-97E8C5E5879C}" = lport=137 | protocol=17 | dir=in | app=system |
"{0BDD5EB2-6FF1-43E0-AB80-8A27BF83BB54}" = lport=3390 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{1571B4A7-EFB4-4C6C-9A00-8A371455E7FA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{165FCE0A-A445-4F65-AC99-A763CD7B0CB9}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=%systemroot%\system32\svchost.exe |
"{169D3513-842E-4BB4-905B-B0BACA895776}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=%systemroot%\system32\svchost.exe |
"{193EA768-1095-4903-8957-44CDA3997BE9}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\lsass.exe |
"{1C787085-7EFB-48E9-9183-389C30CC5023}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F6DAED4-7006-48A3-A553-FD9F017B17E1}" = lport=445 | protocol=6 | dir=in | app=system |
"{23E6EE18-771B-4D91-B84B-4880A56960A9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{271FF8FE-018F-480F-8D8D-27F7723D7F65}" = lport=139 | protocol=6 | dir=in | name=monitorowanie maszyny wirtualnej (sesja nb — ruch przychodzący) |
"{27BDD376-9F25-4156-A054-07FF2A3FDBE6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{28F6E21F-FD5F-4BBE-983D-B42890FCEC3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A1F474B-716D-40C8-AACD-43948575D955}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2AB7951B-1EB5-471B-88BB-5FB734B7B522}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{2CE89FDF-937D-41FB-A9CB-8F4808B3F12E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{31012F53-DEA4-47DF-BC76-D31E85C3F751}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{321B8199-65B7-4D46-ADCE-19B19CCD0359}" = lport=10244 | protocol=6 | dir=in | app=system |
"{361D665D-0459-482F-B2AE-E1D0C38E6AC4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{386F489D-0D7C-4D8E-8B68-139E85438EF3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3900A4E2-9C26-4D01-BA11-B03CB45E9090}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\wininit.exe |
"{3F5729C6-F02A-4094-AD60-51F227D265CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{419F1717-EA09-4AAC-8068-C50B010EDF46}" = rport=445 | protocol=6 | dir=out | app=system |
"{42FD970D-C05E-4161-A8F0-81A2CB29A54B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{43359B11-5059-4EEE-A562-309FE3D5637A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4426A1EB-D870-4545-A069-C6005F0BA7B4}" = lport=rpc-epmap | protocol=6 | dir=in | app=%systemroot%\system32\wininit.exe |
"{45C22C45-E769-4CDC-BDCF-9622A911CB52}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4A01AC52-0B34-486D-97C1-C51EF5F65417}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{500E50FD-CDB4-4B70-ACA2-2E2BB17033DE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{53DD811E-E706-49F0-94AE-50ABC3DA7E81}" = rport=15740 | protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{57C96B04-F26C-4EC0-A87F-D98C49BF316F}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{5A73DBB1-BFB9-49AC-AAAB-E84A2A009C6F}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{5EBE34A9-8BA1-4A28-8536-C97A065E79E2}" = lport=80 | protocol=6 | dir=in | app=system |
"{5F284EE5-CFF8-4AC3-93A2-78E126C16C6E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{615E71D8-17FA-43FE-A9DD-40871E9200B7}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{643CB796-98B3-4F28-9FD4-43673F29E0E0}" = lport=138 | protocol=17 | dir=in | app=system |
"{6712A095-E1E5-4D92-8433-39D94224E9C8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{75CD0C9C-1F01-4308-A107-C672B29EE559}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{75D7DDDA-31CF-4116-8755-E0671580FDE2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7BE08740-1671-4663-AB64-B830B16E85DF}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{7F6DB7FC-134A-444E-A01C-8955EA2F1333}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\vdsldr.exe |
"{8085E277-F482-41C2-A8FA-3E8207D37328}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{81C16F98-7864-4DF8-9D0F-628F2213543B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{853614DC-3994-49B7-B65D-A455FFA7931C}" = lport=445 | protocol=6 | dir=in | app=system |
"{8A2B2EA7-EAC2-4751-AE7B-D66528BF7A88}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{8B3F0FD4-6BF3-4D80-9185-28B64EC3BD60}" = rport=5358 | protocol=6 | dir=out | app=system |
"{8B40B0C9-84E6-46EF-AB7C-7B526A9A4429}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{90304C45-85CE-4403-8DE0-D03F245E2EA7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{92507F18-3889-4C1A-AD72-33F731CD1A09}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{954ABC82-C935-43B0-9A06-B2EAE45380B0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{969B12C5-8841-4ABB-991E-733A149D69C5}" = rport=2869 | protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{97F9379B-DEE6-4FEE-8BAE-2A8EC9EC070C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{99742FC9-38DB-45FA-BEB9-BD207D9E1026}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{997548D0-F271-44D6-B123-53A6E5E8C36C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A3ABF13-18D6-4FB1-A2A1-BDDA584D8061}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{9CBF25F4-8F7D-492E-9382-519AB0EEAEFF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D94B3DB-C4C1-4597-8B5D-384F75B58BCC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A2955B0D-63DD-4E68-9BB2-A9826A0DAFD4}" = lport=5358 | protocol=6 | dir=in | app=system |
"{A31A522D-4D90-4F62-B01C-091043D9144D}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=%systemroot%\system32\svchost.exe |
"{A4A414DE-6E74-45EA-81DC-5E072DA0D918}" = rport=137 | protocol=17 | dir=out | app=system |
"{A789E423-254C-4F9A-9570-5B2702634E1B}" = rport=139 | protocol=6 | dir=out | app=system |
"{A9CCCD9D-C611-442E-956F-33137F0CE77B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{AC2CB83C-F84B-44C4-9CD9-9C848290E4EA}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=%systemroot%\system32\svchost.exe |
"{AE57A4F3-B5D6-437B-9EA5-C7F0A1608625}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{AFC9972E-BD8D-4ABB-B72F-AD70EAC25DB5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0736FBB-D15E-48A8-833A-746D7E94775C}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=%systemroot%\system32\vds.exe |
"{B12FF169-0823-4258-A316-A79C6190A496}" = lport=1723 | protocol=6 | dir=in | app=system |
"{B2E5D243-C6AF-489F-B363-AEFF72DF6DC9}" = rport=1701 | protocol=17 | dir=out | app=system |
"{B5465C38-523C-4883-8A1D-CED392E502DE}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=%systemroot%\system32\snmptrap.exe |
"{BE98E191-A2C8-432E-8588-9EE258A37D7D}" = lport=443 | protocol=6 | dir=in | app=system |
"{BF0E2EFF-A3DF-47D2-9136-05DBFAC2509E}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C3B96AE1-AD74-4242-88D9-C8204150D201}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\services.exe |
"{CB2D70C5-F11B-40DB-A12D-62C61C58D18A}" = lport=rpc | protocol=6 | dir=in | svc=policyagent | app=%systemroot%\system32\svchost.exe |
"{CC8FF480-C736-4CB3-BD8F-21F7DC06116C}" = lport=445 | protocol=6 | dir=in | app=system |
"{D2D6FD58-6A2C-4344-97B1-CB151B84D1AF}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{D3597A7C-E1AE-44C0-A13B-A851C1D67756}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4E76317-96C0-47E4-A317-D100E2F7A7A9}" = rport=1723 | protocol=6 | dir=out | app=system |
"{D8AF557E-7066-433C-BBBC-9C04168DD03F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D8DA7D61-CDBA-466C-990E-E48467BE59BF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DF0C4DE6-7B8A-417C-9F32-6CD172D60B58}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF9C3372-DE4C-47C2-99AB-4C952F1886C7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB70FD29-5349-4A0F-8FBF-9DE1A4F86D6F}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EEF0A0D9-1412-40BA-9926-7957B622D48E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F0219A1C-C744-4215-89E6-E87CDFD1B1F3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F515D2F8-CD15-4235-89F9-9B16F57DFA1A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{F5164146-A761-4B4D-AA5A-3D7D183879D2}" = lport=1701 | protocol=17 | dir=in | app=system |
"{F594305B-0914-4154-ABEF-C8B98B28E8A0}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\netevtfwdr.exe |
"{F6023EF9-62C8-412F-BECE-C919EF0A1C96}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F82C026A-4FA6-4545-B511-DF36352CDD8F}" = rport=138 | protocol=17 | dir=out | app=system |
"{F84A98E7-28F8-49DE-B387-7B3AE640B6EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FAFE37AB-754C-42FD-9BCD-01EBAFE662E6}" = lport=8317 | protocol=6 | dir=in | name=techsmith camtasia studio |
"{FDE28F29-9DD6-4636-9686-B2675975E6F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FFADB9DC-C0C8-47C8-AB62-D545833BD0E2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01489983-3CAF-4B30-91BF-617EBFE53474}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{03312C75-527B-43EA-85B4-0EC0F5D440B9}" = protocol=6 | dir=in | app=c:\users\danio\appdata\roaming\utorrent\utorrent.exe |
"{043B37E5-F156-4502-9B9A-3718A6042D82}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{05564CC6-07E7-4825-B7F5-BAA878023690}" = dir=out | name=skype |
"{06418B36-86DE-4DB3-9112-43610859EA6A}" = protocol=6 | dir=in | app=c:\gry\outlast\binaries\win32\olgame.exe |
"{06ABF99B-DE0D-4738-B8CB-7038358909AF}" = protocol=6 | dir=in | app=%systemroot%\system32\plasrv.exe |
"{07606963-B5CE-4290-A8EB-B25B1D1EBC13}" = dir=in | app=c:\program files (x86)\google\chrome remote desktop\36.0.1985.102\remoting_host.exe |
"{09D36398-1ECC-49F3-8AAD-FB3EB5D989C1}" = protocol=6 | dir=in | app=c:\gry\splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{09F03EEB-4AB8-446C-84FB-6EDB30FBC1AC}" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{0AA2B9EF-66FB-47FF-BDA4-416CA52C41AE}" = protocol=17 | dir=in | app=c:\users\danio\appdata\roaming\utorrent\utorrent.exe |
"{0B0FDA62-BBE1-44C6-959C-DAF0381A099D}" = protocol=17 | dir=in | app=c:\gry\ac director's cut edition\assassinscreed_dx9.exe |
"{0F804164-72D6-42C3-926E-82AB1DB6A2B2}" = protocol=6 | dir=in | app=c:\gry\metin2\negrosmt2\negros\negros.exe |
"{10F39F81-39FA-456C-8A03-8EFFF360A60A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{11F631E0-77BA-49C8-A01B-A077E3987ECC}" = protocol=58 | dir=in | name=monitorowanie maszyny wirtualnej (żądanie echa — ruch przychodzący icmpv6) |
"{1245FD06-BEF0-446A-A362-C71699ADEFB6}" = protocol=6 | dir=in | app=c:\gry\outlast\binaries\win64\olgame.exe |
"{12941E52-C25A-4AC7-AF83-93EEED7113B2}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{148DAB20-BEF5-4B33-B072-ABF9BC4F21E9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1792A4E2-1EEA-490E-8AA1-4191011CE365}" = protocol=17 | dir=in | app=c:\gry\ac director's cut edition\assassinscreed_launcher.exe |
"{17E3A417-E0CE-4CBC-9A86-BC5F93511C00}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{1958979C-7D7A-4FBF-9488-53487BA6D3D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1959DB76-4A3B-465E-B51B-47BA07ACB421}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{1E408F4D-1CF9-4DCA-8F74-DC7F9F0DCE84}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{206FAF28-CC37-4783-818A-29248E5B196C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2225DE1E-1458-4E35-AD48-F6B45A3BC316}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{22D3458E-4AB5-4461-BB39-7AA956FED7D8}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{230C0959-A350-4B9D-A72B-698826C034F2}" = protocol=6 | dir=in | app=%systemroot%\system32\msdtc.exe |
"{255549DC-DA5C-496C-9878-9B329663B864}" = protocol=6 | dir=in | app=c:\gry\ac director's cut edition\assassinscreed_launcher.exe |
"{26DFBB55-516E-454D-ACC9-241B48429A5A}" = protocol=6 | dir=in | app=c:\gry\splinter cell blacklist\src\system\blacklist_game.exe |
"{2AA31585-B6C8-4BB9-AB2A-4D22280466EE}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{2ABED94A-400B-4A40-9C51-D5CA60A40DFF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{2C4C1EC0-B15E-47CC-BE5F-EB26341B6AD1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{2D401C13-C958-4FD1-AD13-E0B8297A31C7}" = protocol=6 | dir=out | app=%systemroot%\system32\msdtc.exe |
"{31354AF8-CA90-4965-AEC9-B01B02C985CB}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{326845DB-7FAE-4AD8-A758-05EB43914DB9}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.8.0_05\jre\bin\javaw.exe |
"{352C3D0E-3CF7-4935-A223-F92F50DCA951}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3610B938-7F93-4E96-8638-8630A9558C55}" = protocol=17 | dir=in | app=c:\gry\crysis 2\bin32\crysis2.exe |
"{36C594F5-5170-431E-B4B6-3CDC09FAB4CA}" = protocol=6 | dir=in | app=c:\gry\ghost recon phantoms\pdc-live\ghostreconphantoms.exe |
"{37D3A5C3-8731-4655-9A72-AAE91651F718}" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"{3864BFE7-2C84-4014-8E06-914E810B5C01}" = protocol=58 | dir=in | name=udostępnianie plików i drukarek (żądanie echa — ruch przychodzący icmpv6) |
"{39F02A57-3103-412E-B58B-09683527B580}" = dir=in | name=skype |
"{3B1382E8-3E5A-4422-9AA9-CB6B4A15BEBE}" = protocol=17 | dir=in | app=c:\program files (x86)\unity\editor\unity.exe |
"{3D5B842A-F8EC-400B-8B67-A2313BCC1EA3}" = protocol=6 | dir=in | app=c:\gry\gameforgelive\games\pol_pol\s.k.i.l.l\binaries\win32\sf2.exe |
"{41D83983-F042-44AD-AFA0-E4A29BE654EF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4239627B-F589-4C38-96B8-665C604C78FE}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{42735413-8728-4448-8D25-C2BC7B7828CF}" = protocol=6 | dir=in | app=c:\gry\metin2\pandoramt2\pandoramt2\pandoramt2(bez_patchera).exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{443BBAA1-6695-4AD1-9E1F-DB719F9BB8E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{44ACE432-AD06-4C1E-916B-7BCF50E44302}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{45983C56-D298-40C7-8CB4-A3558337844C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{464FFF64-7E51-424F-8784-B9C69F0ECB28}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{46F11926-98C0-4C39-813D-0D1EBA5B5A80}" = protocol=17 | dir=in | app=c:\gry\metin2\virtualmt2\virtualmt2\metin2.bin |
"{493DD943-90C2-44BF-B8A3-365AB70E7A44}" = protocol=6 | dir=out | app=%systemroot%\system32\rmttpmvscmgrsvr.exe |
"{4C2699AD-4672-40C5-8782-E415F8981E4C}" = protocol=6 | dir=in | app=%systemroot%\system32\wbem\unsecapp.exe |
"{4DD30C26-FA79-47B3-BCC2-1FF1227BEE99}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{511FC141-7F4A-4309-95CE-BD8EC16D3C05}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{51B62993-51DA-4A0B-A9B8-EBA56E577CE4}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{52C959B5-DEF5-47EC-A99D-CF8527ADBD89}" = protocol=17 | dir=in | app=c:\gry\crysis 3\crysis 3\bin32\crysis3.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{550229F6-8776-4402-9359-6CE88A937C3C}" = protocol=17 | dir=in | app=c:\gry\h.a.w.x. 1\hawx_dx10.exe |
"{5550BDF2-64CC-456D-A2AE-0833F510411B}" = protocol=6 | dir=out | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57263EB3-BA44-4401-A770-729EF95C2946}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{57D0FF7C-7542-4E1A-B3F7-E92EB92C235D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{58A953FD-C13F-414B-94FA-14F6E9712C32}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{5908DBEF-C9E9-4C09-BD5B-F1F164E7F246}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5C67B374-6D24-43E0-9353-C8D3071D3EBC}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{5CA6BD5A-3527-47B6-B855-28E1506C6180}" = protocol=58 | dir=out | name=udostępnianie plików i drukarek (żądanie echa — ruch wychodzący icmpv6) |
"{5E522B61-D2F7-43D3-9911-94BECB14234D}" = dir=in | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{5EF725FE-AA1A-4C00-A356-D75235977B0C}" = protocol=6 | dir=out | app=system |
"{5F31E7C3-9233-49AC-8C28-0F1DB3771A39}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{616A78E8-ACCC-40C0-86EC-2FC594D5CB60}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{65D41DAF-3781-4A4B-B402-877D65541E84}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{65EA9A18-2B6D-45E7-B2AB-F20ABBD30183}" = protocol=6 | dir=in | app=c:\gry\h.a.w.x. 2\hawx2.exe |
"{660DD76B-86B8-4304-BE42-081EDAAC942A}" = dir=out | name=hill climb racing |
"{665454BF-DBA0-49B8-AF3C-79AFCB227922}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{66F15F5D-417E-4FF0-A2F7-2506C01AC538}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{679FD8A7-3461-4BB3-B16F-2A9E8BB0CA1A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{694F969E-DD7F-4CEC-8571-1561863FEE0A}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{6D0C111A-6009-448C-BA73-6B904D951274}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{6E1867AE-CC6C-4493-8FF0-791271D56D7E}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{6F7568B5-6049-43E1-9D11-42E22D91A606}" = protocol=17 | dir=in | app=c:\gry\ghost recon phantoms\pdc-live\ghostreconphantoms.exe |
"{70DAB185-3126-40C0-AC2B-B2F5A5FBD537}" = protocol=6 | dir=in | app=c:\gry\gameforgelive\gfl_client.exe |
"{71D9123A-AA0E-432C-9305-5DCF90A4424D}" = protocol=6 | dir=in | app=c:\gry\outlast whistleblower\binaries\win64\olgame.exe |
"{72C8FB7A-3538-4314-B54B-79055A8BD3F0}" = dir=in | app=c:\program files (x86)\motorola mobility\motocast\bin\motocast-thumbnailer.exe |
"{731950C2-79B6-4C00-B0D1-2C1B2D707DC8}" = protocol=6 | dir=in | app=c:\gry\metin2\virtualmt2\virtualmt2\metin2.bin |
"{74969F88-91EE-4BB7-93EE-32AB036A18E2}" = protocol=17 | dir=in | app=c:\gry\h.a.w.x. 2\hawx2_dx11.exe |
"{74C252A7-D202-4462-952A-B03F356EE2BA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{7508523A-0ABD-44FC-AE6D-9EC466EED380}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{76F5F913-FB4A-4B00-BECA-27685B887090}" = dir=out | name=angry birds star wars, 3 stars walkthrough |
"{790B9DAF-56C8-4C74-B779-F70261FF21DA}" = protocol=17 | dir=in | app=c:\gry\outlast\binaries\win64\olgame.exe |
"{7B854B86-6C01-4452-B6FD-9BFF9EB3FBA8}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.8.0_05\jre\bin\javaw.exe |
"{7CE5F918-4AEB-44C6-9803-7C7E7F9501B2}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7E60D349-3845-435C-9532-FB120708F9F2}" = protocol=17 | dir=in | app=c:\gry\outlast\binaries\win32\olgame.exe |
"{82984124-3A67-4F8D-91A7-D0B0F1ECF866}" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"{83955B95-D989-401A-84EE-0578360AE809}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{83F64449-605A-447D-9AB7-FFDE787A7AE2}" = dir=in | app=c:\program files (x86)\motorola media link\lite\mml.exe |
"{840ED3A7-B7C7-4530-A1F2-215F92722AC8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86850DB7-3B31-41FB-A239-76205050D5FF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{877436C3-3F11-46E3-AC4C-F3DAB94F39DB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{89A9E4A4-1533-4BC9-A6AB-1FD200ED86B5}" = protocol=17 | dir=in | app=c:\gry\ac director's cut edition\assassinscreed_dx10.exe |
"{8ADC8AAC-36D4-4BC0-B39F-AD871E02A774}" = protocol=6 | dir=in | app=c:\gry\h.a.w.x. 2\hawx2_dx11.exe |
"{8B9EEAFF-F205-43B4-9188-152A33644150}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8CA5DB1F-D7C1-4254-AF4E-575E9AC09327}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8D752E24-C728-4E34-B4EB-C22892AF687A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\zombie driver\release\zombiedriver.exe |
"{8DF07927-FE76-4FE5-B33C-AAA3F3E72956}" = protocol=17 | dir=in | app=c:\gry\h.a.w.x. 1\hawx.exe |
"{8E1BE638-4679-4A99-A798-B5E6E747BE51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E4342C2-D7D9-468C-9731-09B5C2041555}" = dir=in | app=c:\program files (x86)\motorola mobility\motocast\motocast.exe |
"{8F12AEB8-3149-42FE-B1EC-0156B85CD5DE}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{8FD25555-BBE3-4752-A8A1-7015188EF2B1}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{946DB6C2-3515-4368-AB9D-96A60BC00E0C}" = protocol=6 | dir=in | app=c:\gry\ac director's cut edition\assassinscreed_dx9.exe |
"{949FE18C-DFD7-42E2-AB9D-9C271C5F5E9C}" = dir=out | name=@{microsoft.xboxcompanion_1.4.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{94F6F054-1DCF-4E3F-9031-BD54170B195A}" = dir=out | name=@{microsoft.bingweather_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{95030C44-4F0E-4951-8A05-1400F6744992}" = protocol=47 | dir=out | app=system |
"{96B82E7D-60B4-4AFA-8EF1-9DC36AF9DDBA}" = protocol=17 | dir=in | app=c:\gry\gameforgelive\games\pol_pol\s.k.i.l.l\binaries\win32\sf2.exe |
"{97FCB99F-97DA-417A-B1B6-8D93C64154A0}" = protocol=47 | dir=in | app=system |
"{9CEAB8E6-47E7-48C7-AF20-C80DB230ABCB}" = dir=out | app=c:\program files (x86)\motorola mobility\motocast\motocast.exe |
"{9D08B456-2242-4363-B60C-E424F939D275}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A0B703F5-5EF3-4F52-A191-57EBF76A4BEA}" = dir=out | name=@{microsoft.bingnews_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{A18EDF37-1817-4DB9-BAA0-37DFC2A82164}" = protocol=1 | dir=in | name=udostępnianie plików i drukarek (żądanie echa — ruch przychodzący icmpv4) |
"{A1D01834-FAD8-4127-AF54-198AC7CD82B6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{A351B1EE-BA93-4789-ACB3-E39E18B032BD}" = protocol=6 | dir=in | app=c:\gry\h.a.w.x. 1\hawx.exe |
"{A667B088-D59E-4767-B7AE-3C0C458936BD}" = protocol=17 | dir=in | app=c:\program files\streammygame\streamer_server.exe |
"{A82EB4A3-926A-457F-BA95-F995C9B29F5E}" = protocol=17 | dir=in | app=c:\gry\h.a.w.x. 2\hawx2.exe |
"{AD0284FD-C43E-48B3-93CA-9DCFEB82CCE7}" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"{AE243DE6-1BB2-47DD-A6D4-269F177B2C6E}" = protocol=17 | dir=in | app=c:\gry\battlefield play4free\bfp4f.exe |
"{B04CBEF1-28DC-4035-A018-E28438FEB6A4}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B0EAD620-CCDB-4FA5-B36C-1E1C69661812}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{B7A3167A-4455-437F-B744-5F00C49F7D65}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{BA35187E-8F9F-4880-AC61-A28E3C70C898}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe |
"{BD2BDFD6-46C5-43DD-B6DF-10FDAA6B7151}" = protocol=6 | dir=in | app=c:\gry\crysis 3\crysis 3\bin32\crysis3.exe |
"{C149D4F2-598F-4B13-BDEB-DE8CF77DBEA5}" = protocol=6 | dir=in | app=c:\gry\crysis 2\bin32\crysis2.exe |
"{C2C2E4C7-FE7D-4A1D-B6EB-D854CD19E7FA}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre8\bin\java.exe |
"{C5814214-FC18-420A-8C14-90DFF3E51444}" = protocol=6 | dir=in | app=c:\gry\h.a.w.x. 1\hawx_dx10.exe |
"{C793FC8E-1567-409F-B0A1-DE32B42706EA}" = dir=out | name=@{microsoft.bingtravel_3.0.2.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{C7A075F7-B17A-4D16-AF24-4216C1600572}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{C81EB0B1-1A31-417F-91D1-AD8EF36B38D7}" = protocol=17 | dir=in | app=c:\gry\off-road drive\binaries\win32\pp3.exe |
"{C9EAE9F6-9745-41F6-A2A8-6E407312568A}" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"{CCD08ED6-ABC8-438F-A50B-68194C439C2E}" = protocol=17 | dir=in | app=c:\gry\splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{D0DA98DD-6091-469F-A117-10CAFF49145A}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre8\bin\java.exe |
"{D0DCA58D-72C0-4939-93FE-506D2972AE81}" = protocol=17 | dir=in | app=c:\gry\metin2\pandoramt2\pandoramt2\pandoramt2(bez_patchera).exe |
"{D1007941-D594-4E71-B9DD-7A3F5C352132}" = protocol=6 | dir=in | app=c:\program files\streammygame\streamer_server.exe |
"{D30C1FBA-B754-40A8-96EA-09873F760A33}" = protocol=17 | dir=in | app=c:\gry\outlast whistleblower\binaries\win64\olgame.exe |
"{D483EB03-1704-43BC-8AB3-60F95C1624D9}" = dir=out | app=c:\program files (x86)\motorola mobility\motocast\bin\motocast-thumbnailer.exe |
"{D590F116-F7B1-46EE-8019-CBE9AD5894B7}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D876FF3C-8768-4130-8F5F-854561C90BD3}" = protocol=1 | dir=in | name=monitorowanie maszyny wirtualnej (żądanie echa — ruch przychodzący icmpv4) |
"{D8DCBF57-7231-44C8-A252-540555ADFBB6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{DA26022E-973E-439C-B6F9-A143FBED2CBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DA6862DF-EF08-400C-BEC4-DAAA5006E7A6}" = protocol=6 | dir=in | app=%systemroot%\system32\rmttpmvscmgrsvr.exe |
"{DA90E806-D6AF-4443-BE4F-97C6847F58A1}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DB39A7C4-DEC6-42F6-A849-991E53F53754}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DF1E7B6B-D8C8-46DC-8D55-0C7F23B791EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF70723D-A22F-4B32-91AA-B2A7EDF94E2E}" = protocol=17 | dir=in | app=c:\gry\metin2\negrosmt2\negros\negros.exe |
"{E023E9C1-6C22-439D-8985-129C7A24C9FF}" = protocol=6 | dir=in | app=c:\gry\ac director's cut edition\assassinscreed_dx10.exe |
"{E0B7552D-B17C-416B-867B-C8E1D73F9B3E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{E1FE1388-DE4C-4AC3-AD22-622668D2F282}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E342D23C-D87F-44ED-B51B-4B7CDB0E3D34}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{E9CC1CB4-BD96-46D7-AA79-E598B9D3D349}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EC0F3F6B-CF56-4586-9D83-A6A80E377568}" = dir=out | name=facebook |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ED1D3012-4264-4460-A185-4D5D2B3BCC69}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{ED66B655-1C7E-4CFB-9ACF-6D9DBB76D189}" = dir=out | name=@{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{EDB38FE8-74C0-4496-99ED-3D39185105E5}" = protocol=1 | dir=out | name=udostępnianie plików i drukarek (żądanie echa — ruch wychodzący icmpv4) |
"{F06E4AC7-76BF-4DBB-B65B-060DFCBE2C15}" = dir=out | name=flappy bird |
"{F20E6093-D845-46D6-8D49-0090C76CFF10}" = protocol=6 | dir=in | app=c:\gry\battlefield play4free\bfp4f.exe |
"{F22E939B-5338-474E-8390-B73BEF183A7F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe |
"{F2DA2D41-DAE2-4CFB-8BE2-FF70574757E5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F3DA540B-0602-45E8-8EC4-F51E01ABE70F}" = protocol=17 | dir=in | app=c:\gry\splinter cell blacklist\src\system\blacklist_game.exe |
"{F5566B68-EFD9-4CF0-B455-9BEDD5B75841}" = protocol=6 | dir=in | app=c:\program files (x86)\unity\editor\unity.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F757DBD2-242A-442A-9A66-E173715F138E}" = protocol=6 | dir=in | app=c:\gry\off-road drive\binaries\win32\pp3.exe |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F9834858-C5CA-424F-9FDB-C2737CEB80C2}" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"{FBDA32DB-0A1A-41C9-B86C-88BB53EB29BA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"TCP Query User{13140140-6306-4E14-850A-C0E39D41A311}C:\gry\metin2\negrosmt2\negros\negros.exe" = protocol=6 | dir=in | app=c:\gry\metin2\negrosmt2\negros\negros.exe |
"TCP Query User{1434DEDD-2B0B-492B-928B-92A2B8ADB84E}C:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_b6f7e29e26be9250\launcher.exe" = protocol=6 | dir=in | app=c:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_b6f7e29e26be9250\launcher.exe |
"TCP Query User{2C778CD1-1D71-46AF-B1A5-01919DFE3525}C:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_02d66a7d211551d0\launcher.exe" = protocol=6 | dir=in | app=c:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_02d66a7d211551d0\launcher.exe |
"TCP Query User{44A6DA9A-EF82-4B83-A5E9-C8329B49402B}C:\gry\ghost recon phantoms\pdc-live\ghostreconphantoms.exe" = protocol=6 | dir=in | app=c:\gry\ghost recon phantoms\pdc-live\ghostreconphantoms.exe |
"TCP Query User{500CAC1A-647B-4BC8-8475-BBE2EEF7069B}C:\gry\metin2\virtualmt2\virtualmt2\metin2.bin" = protocol=6 | dir=in | app=c:\gry\metin2\virtualmt2\virtualmt2\metin2.bin |
"TCP Query User{5FBF954A-CA5D-4974-A1F8-4391C8284A7B}C:\program files (x86)\unity\editor\unity.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unity\editor\unity.exe |
"TCP Query User{63B2EE02-F744-449E-8F95-7FF6657015A9}C:\gry\metin2\xenoxmt2\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=6 | dir=in | app=c:\gry\metin2\xenoxmt2\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"TCP Query User{6F062FD0-268E-46A6-9C93-554274447AE7}C:\gry\splinter cell pandora tomorrow\pandora.exe" = protocol=6 | dir=in | app=c:\gry\splinter cell pandora tomorrow\pandora.exe |
"TCP Query User{71387BA8-326B-4247-932C-E4FB6B439590}C:\gry\outlast\binaries\win32\olgame.exe" = protocol=6 | dir=in | app=c:\gry\outlast\binaries\win32\olgame.exe |
"TCP Query User{7FF130C2-F032-46EC-8132-271A1C48DD99}C:\program files\streammygame\streamer_server.exe" = protocol=6 | dir=in | app=c:\program files\streammygame\streamer_server.exe |
"TCP Query User{83B026F8-D583-4C14-B8D0-3DA2D907F525}C:\program files (x86)\java\jdk1.8.0_05\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.8.0_05\jre\bin\javaw.exe |
"TCP Query User{84867993-E601-451C-A1B5-E8BE6E30B11A}C:\gry\h.a.w.x. 1\hawx_dx10.exe" = protocol=6 | dir=in | app=c:\gry\h.a.w.x. 1\hawx_dx10.exe |
"TCP Query User{855A28CA-1908-42FD-9AA9-BDDC079D4E97}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{935F85CA-454E-45EE-B675-CE0F86355D97}C:\gry\crysis 3\crysis 3\bin32\crysis3.exe" = protocol=6 | dir=in | app=c:\gry\crysis 3\crysis 3\bin32\crysis3.exe |
"TCP Query User{94206ADF-EC98-4F05-8A79-42DC99BE82F8}C:\gry\h.a.w.x. 1\hawx.exe" = protocol=6 | dir=in | app=c:\gry\h.a.w.x. 1\hawx.exe |
"TCP Query User{AB2A292A-9668-444B-8392-BC85D6ABC30E}C:\program files (x86)\java\jre8\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre8\bin\java.exe |
"TCP Query User{C171BE25-BB2F-4201-9380-614C6A2818A7}C:\gry\outlast whistleblower\binaries\win64\olgame.exe" = protocol=6 | dir=in | app=c:\gry\outlast whistleblower\binaries\win64\olgame.exe |
"TCP Query User{C2F1F7D7-88F6-40D4-8765-97745D173A47}C:\gry\metin2\pandoramt2\pandoramt2\pandoramt2(bez_patchera).exe" = protocol=6 | dir=in | app=c:\gry\metin2\pandoramt2\pandoramt2\pandoramt2(bez_patchera).exe |
"TCP Query User{C9490998-BD89-4181-9F0A-AD85ED7543A0}C:\gry\outlast\binaries\win64\olgame.exe" = protocol=6 | dir=in | app=c:\gry\outlast\binaries\win64\olgame.exe |
"TCP Query User{D1EFDA16-62ED-4FDC-9DC2-051DE49305EE}C:\gry\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\gry\crysis 2\bin32\crysis2.exe |
"TCP Query User{E15C22CA-51E3-49C5-8C40-C16CFB53D22C}C:\gry\metin2\4funmt2\4fun\4funmt2.exe" = protocol=6 | dir=in | app=c:\gry\metin2\4funmt2\4fun\4funmt2.exe |
"TCP Query User{E9AC563E-1A1D-4309-8ECD-BF3C8BFA8A84}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{EB09BF53-F017-4429-AF92-D6A33B4D3743}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{ECE68615-A249-4A81-BE27-D9FEB5FAAC52}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{EE00EDD0-C161-4D45-B0E6-BCF66A3DE33D}C:\gry\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\gry\battlefield play4free\bfp4f.exe |
"UDP Query User{06EA61B6-0384-4117-A7AA-42A1A9F93566}C:\program files (x86)\java\jdk1.8.0_05\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.8.0_05\jre\bin\javaw.exe |
"UDP Query User{072BB28B-AF48-4DCA-BDC4-DED04FE093E9}C:\gry\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\gry\battlefield play4free\bfp4f.exe |
"UDP Query User{113D7F41-9425-4AB6-B6D2-24C0345FAECC}C:\gry\h.a.w.x. 1\hawx_dx10.exe" = protocol=17 | dir=in | app=c:\gry\h.a.w.x. 1\hawx_dx10.exe |
"UDP Query User{113DE417-4FCA-441D-AE40-458B86B2024F}C:\program files (x86)\java\jre8\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre8\bin\java.exe |
"UDP Query User{187569EF-58B2-4A35-A60F-9461C1168982}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{20FEED0D-DDA1-428E-B34E-587C2908A0B4}C:\gry\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\gry\crysis 2\bin32\crysis2.exe |
"UDP Query User{35B7FD84-2BE2-41F9-BA48-B6E007058F1E}C:\gry\splinter cell pandora tomorrow\pandora.exe" = protocol=17 | dir=in | app=c:\gry\splinter cell pandora tomorrow\pandora.exe |
"UDP Query User{4F83D0F0-0523-41BE-B168-DEA664715EC3}C:\gry\outlast whistleblower\binaries\win64\olgame.exe" = protocol=17 | dir=in | app=c:\gry\outlast whistleblower\binaries\win64\olgame.exe |
"UDP Query User{53B3FDA6-32ED-48D9-AC27-7ECF3D20C552}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{54650262-C167-425D-A7D3-375636E992EA}C:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_02d66a7d211551d0\launcher.exe" = protocol=17 | dir=in | app=c:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_02d66a7d211551d0\launcher.exe |
"UDP Query User{5C08D322-165F-4C88-A365-89FDBB95A004}C:\gry\outlast\binaries\win32\olgame.exe" = protocol=17 | dir=in | app=c:\gry\outlast\binaries\win32\olgame.exe |
"UDP Query User{8E47B1B5-91E4-41EF-A51E-AE78F1050455}C:\gry\metin2\negrosmt2\negros\negros.exe" = protocol=17 | dir=in | app=c:\gry\metin2\negrosmt2\negros\negros.exe |
"UDP Query User{92C21909-3944-44BB-81F8-E5EBED8A0381}C:\gry\h.a.w.x. 1\hawx.exe" = protocol=17 | dir=in | app=c:\gry\h.a.w.x. 1\hawx.exe |
"UDP Query User{A73BFB7D-0CD6-4EF5-B1DF-0FFD43731CC9}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"UDP Query User{C0306B13-36CD-4BEB-9153-756F392D421E}C:\program files (x86)\unity\editor\unity.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unity\editor\unity.exe |
"UDP Query User{CC55013A-2E6B-4F34-9ACB-C1C7FED59B70}C:\program files\streammygame\streamer_server.exe" = protocol=17 | dir=in | app=c:\program files\streammygame\streamer_server.exe |
"UDP Query User{CFF19915-0093-4160-B2AC-F54005659ADC}C:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_b6f7e29e26be9250\launcher.exe" = protocol=17 | dir=in | app=c:\users\danio\appdata\local\apps\2.0\q17gyv1c.w9o\6e8ppp3a.a9b\laun...app_59711684aa47878d_0001.0023_b6f7e29e26be9250\launcher.exe |
"UDP Query User{D028E493-9F4D-4CB1-A8C3-FAD15FB9F360}C:\gry\metin2\4funmt2\4fun\4funmt2.exe" = protocol=17 | dir=in | app=c:\gry\metin2\4funmt2\4fun\4funmt2.exe |
"UDP Query User{D393626B-8D60-4443-AE02-6E842992DC3C}C:\gry\metin2\virtualmt2\virtualmt2\metin2.bin" = protocol=17 | dir=in | app=c:\gry\metin2\virtualmt2\virtualmt2\metin2.bin |
"UDP Query User{D4F00137-EBCA-4367-845E-9698C8B6F6C4}C:\gry\metin2\xenoxmt2\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe" = protocol=17 | dir=in | app=c:\gry\metin2\xenoxmt2\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"UDP Query User{E0DF8A2E-232C-4B1F-A535-C1BD34EFD7B0}C:\gry\ghost recon phantoms\pdc-live\ghostreconphantoms.exe" = protocol=17 | dir=in | app=c:\gry\ghost recon phantoms\pdc-live\ghostreconphantoms.exe |
"UDP Query User{E704D4AA-4605-4DED-9180-A80329B4766C}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{F70FBADF-DDB9-475B-9C4A-EFD2CA92C332}C:\gry\metin2\pandoramt2\pandoramt2\pandoramt2(bez_patchera).exe" = protocol=17 | dir=in | app=c:\gry\metin2\pandoramt2\pandoramt2\pandoramt2(bez_patchera).exe |
"UDP Query User{FBB1329D-636E-4658-9B26-150306A868C6}C:\gry\outlast\binaries\win64\olgame.exe" = protocol=17 | dir=in | app=c:\gry\outlast\binaries\win64\olgame.exe |
"UDP Query User{FEEFF749-2315-422D-82A7-5C586EFD36FF}C:\gry\crysis 3\crysis 3\bin32\crysis3.exe" = protocol=17 | dir=in | app=c:\gry\crysis 3\crysis 3\bin32\crysis3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{083808D6-6235-37A8-82C1-98D226EB681F}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60830
"{122B909F-9DCF-360E-91E7-0679E033FBE1}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60830
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}" = Microsoft SQL Server 2008 Native Client
"{3F5F509B-E226-417C-8CD1-CAAE756C328A}" = paint.net
"{42D80340-9DEB-371A-9BF3-E20E98C98F0E}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20827
"{5DE73CC7-A84F-30CE-AE15-16381816609D}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20827
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523
"{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}" = Motorola Mobile Drivers Installation 6.3.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 340.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 340.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 340.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 340.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio" = NVIDIA Wirtualny dźwięk Miracast 340.43
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}" = Oracle VM VirtualBox 4.3.12
"{B5BBEF15-44B1-43FA-A4B7-3AFE501B5949}" = AVG 2014
"{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}" = Microsoft SQL Server 2008 Native Client
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}" = AVG 2014
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"AVG" = AVG 2014
"Blender" = Blender
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.69.2
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"Unlocker" = Unlocker 1.9.2
"WinRAR archiver" = WinRAR 5.10 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83218005FF}" = Java 8 Update 5
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2E9C0CF2-6FD1-417E-A5A1-5AE93C0032DF}" = Chrome Remote Desktop Host
"{32A3A4F4-B792-11D6-A78A-00B0D0180050}" = Java SE Development Kit 8 Update 5
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C21516E-0FDA-3794-B714-B6612BA58BDF}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20827
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{50AF8559-F490-381F-A6E7-06A07DE227DC}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"{5401CEE8-3C2D-4835-A802-213306537FF4}" = MotoCast
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}" = Dead Space
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{76A232AF-B7D6-41A4-B795-6B355E6D32B1}" = Tom Clancy's H.A.W.X. 2
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1" = VGA Boost
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}" = Motorola Device Software Update
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}" = Microsoft SQL Server 2008 Setup Support Files
"{97D5031E-CCC0-3AA1-ADE7-6E5E7C032DD5}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.4
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}" = Tom Clancy's Splinter Cell® Blacklist™
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B9691991-64D3-435B-8A83-69CC21016936}" = Camtasia Studio 8
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}" = Unified Remote
"{BDA0EB29-8B31-4BF4-8B05-04AA52340AC4}" = LogMeIn Hamachi
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{D731FCB5-E7D0-4EE1-AC0A-8994FF2F9EBB}_is1" = Outlast PL [bDIP] wersja 1.0
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DF3F2F7F-FE61-4BEB-B7DB-BF2D3071431E}" = Royal Quest
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.206
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F68B404C-0E04-337F-A132-796508EE337A}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Astroburn Lite" = Astroburn Lite
"Audacity_is1" = Audacity 2.0.5
"Avast" = avast! Free Antivirus
"Cheat Engine 6.3_is1" = Cheat Engine 6.3
"Crossfire Europe" = Crossfire Europe
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.8.1
"Google Chrome" = Google Chrome
"iFree Skype Recorder" = iFree Skype Recorder 6.0.6
"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC17 (remove only)
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012
"Metin2_is1" = Metin2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 29.0.1 (x86 pl)" = Mozilla Firefox 29.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"Special Force 2 Beta_is1" = S.K.I.L.L. - Special Force 2
"Steam" = Steam
"Steam App 104900" = ORION: Dino Horde
"Steam App 222900" = Dead Island: Epidemic
"Steam App 31410" = Zombie Driver
"Steam App 43110" = Metro 2033
"Steam App 8980" = Borderlands
"Steam App 91310" = Dead Island
"T3V0bGFzdA==_is1" = Outlast
"T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1" = Outlast: Whistleblower
"TeamViewer 9" = TeamViewer 9
"TenomichiStreamer" = StreamMyGame software
"Unity" = Unity
"Uplay" = Uplay

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2949727594-1032169731-3388429741-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (Danio)
"d8be6c3f847d7d92" = Ghost Recon Phantoms - EU
"GG" = GG
"MyFreeCodec" = MyFreeCodec
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2014-07-23 04:29:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 04:44:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 04:59:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 05:14:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 05:29:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 05:39:13 | Computer Name = D4n10 | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: avgui.exe, wersja: 14.0.0.4714,
sygnatura czasowa: 0x53a04dfa Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000
Identyfikator
procesu powodującego błąd: 0x1ac8 Godzina uruchomienia aplikacji powodującej błąd:
0x01cfa658b7ef646c Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\AVG\AVG2014\avgui.exe
Ścieżka
modułu powodującego błąd: unknown Identyfikator raportu: 344f9c5b-124d-11e4-826f-448a5b81f79e
Pełna
nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego
błąd:

Error - 2014-07-23 05:44:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 05:59:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 06:14:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error - 2014-07-23 06:29:30 | Computer Name = D4n10 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie
powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

[ System Events ]
Error - 2014-07-22 11:13:18 | Computer Name = D4n10 | Source = Service Control Manager | ID = 7031
Description = Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność
korekcyjna: Uruchom usługę ponownie.

Error - 2014-07-22 11:15:18 | Computer Name = D4n10 | Source = Service Control Manager | ID = 7032
Description = Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom
usługę ponownie) po nieoczekiwanym zakończeniu usługi Instalator Windows, ale ta
akcja nie powiodła się przy następującym błędzie: %%1056.

Error - 2014-07-22 14:37:28 | Computer Name = D4n10 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PST Service z powodu następującego błędu:
%%2

Error - 2014-07-22 14:37:31 | Computer Name = D4n10 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Windows Defender z powodu następującego
błędu: %%577

Error - 2014-07-22 14:38:14 | Computer Name = D4n10 | Source = Service Control Manager | ID = 7030
Description = Usługa LogMeIn Hamachi Tunneling Engine jest oznaczona jako usługa
interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi
interakcyjne, dlatego ta usługa może nie działać właściwie.

Error - 2014-07-23 02:30:13 | Computer Name = D4n10 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PST Service z powodu następującego błędu:
%%2

Error - 2014-07-23 02:30:34 | Computer Name = D4n10 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Usługa Windows Defender z powodu następującego
błędu: %%577

Error - 2014-07-23 02:30:47 | Computer Name = D4n10 | Source = DCOM | ID = 10016
Description =

Error - 2014-07-23 03:52:58 | Computer Name = D4n10 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Definition Update
for Windows Defender - KB2267602 (Definition 1.179.799.0).

Error - 2014-07-23 04:48:32 | Computer Name = D4n10 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80246013: Aktualizacja zabezpieczeń
pakietu redystrybucyjnego programu Microsoft Visual C++ 2005 z dodatkiem Service
Pack 1 (KB2538242).


< End of report >

 

 

@ EDIT2

 

Tak się patrzę na te logi i nie jestem pewny, ale chyba zauważyłem virusika ZeroAccess. Dobrze mówię???

Z powodu licznych hejtów w moją stronę, nie będę korzystał więcej z tego konta (prawdopodobnie z forum też). Haters gonna hate...

Janusz. Rookie

Janusz.

Opublikowano
Opublikowano

Nie będę podbierał pracy @rafor4owi ale mam jedno pytanie,

 

2014-07-22 19:20 - 2014-07-22 19:20 - 03454000 _____ () C:\Users\Danio\Downloads\avg_remover_virut.exe
2014-07-22 19:15 - 2014-07-22 19:16 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_hidrag.exe
2014-07-22 19:14 - 2014-07-22 19:14 - 00339968 _____ () C:\Users\Danio\Downloads\avg_remover_kriz.exe
2014-07-22 19:11 - 2014-07-22 19:11 - 02774272 _____ () C:\Users\Danio\Downloads\avg_remover_mabezat.exe
2014-07-22 19:10 - 2014-07-22 19:10 - 04434760 _____ () C:\Users\Danio\Downloads\avg_remover_murof.exe
2014-07-22 19:09 - 2014-07-22 19:10 - 01279536 _____ () C:\Users\Danio\Downloads\avg_remover_nimda.exe
2014-07-22 19:09 - 2014-07-22 19:09 - 02774272 _____ () C:\Users\Danio\Downloads\avg_remover_parite.exe
2014-07-22 19:06 - 2014-07-22 19:07 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_prepender.exe
2014-07-22 19:06 - 2014-07-22 19:06 - 02765056 _____ () C:\Users\Danio\Downloads\avg_remover_protector.exe
2014-07-22 19:05 - 2014-07-22 19:05 - 02229064 _____ () C:\Users\Danio\Downloads\avg_remover_selges.exe
2014-07-22 19:03 - 2014-07-22 19:03 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_serpip.exe
2014-07-22 19:00 - 2014-07-22 19:00 - 02905928 _____ () C:\Users\Danio\Downloads\avg_remover_slugin.exe
2014-07-22 18:53 - 2014-07-22 18:54 - 03448880 _____ () C:\Users\Danio\Downloads\avg_remover_slt.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 02550272 _____ () C:\Users\Danio\Downloads\avg_remover_tanatos.exe
2014-07-22 18:51 - 2014-07-22 18:52 - 03415088 _____ () C:\Users\Danio\Downloads\avg_remover_zeroaccess.exe
2014-07-22 18:49 - 2014-07-22 18:50 - 03429912 _____ () C:\Users\Danio\Downloads\avg_remover_gaelicum.exe
2014-07-22 18:47 - 2014-07-22 18:49 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_zbot.exe

 

po ci ci aż tyle tego? te wszystkie wirusy masz na kompie?

D4n100 Newbie

D4n100

Opublikowano
  • Autor
Opublikowano

Virus to Neshta, ale podejrzewam, że "zaprosił kolegów". Od ok 3 dni bez przerwy lecą skany różnymi antywirusami i anti-malware. Logi zaraz dam.

 

@ EDIT
 

Dodam że przez te viry komp mi zdycha :< uruchamia się powoli, dysk jest spowolniony i obciążony oraz padł Windows Denfender.

 

@ EDIT2

 

Logi FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Danio (administrator) on D4N10 on 23-07-2014 12:02:45
Running from C:\Users\Danio\Downloads
Platform: Windows 8.1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\VS90SP1-KB2251487-x86.exe
(Microsoft Corporation) C:\35ee158356082e2199c3dd067479\HotFixInstaller.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\vbexpress.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Users\Danio\Downloads\avg_remover_hidrag.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Danio\Downloads\avg_remover_neshta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-27] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-18] (AVAST Software)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6262552 2014-06-24] (Piriform Ltd)
HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\...\MountPoints2: {b467919b-0f7e-11e4-8268-448a5b81f79e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\...\MountPoints2: {b46792a1-0f7e-11e4-8268-448a5b81f79e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2949727594-1032169731-3388429741-1001\...\MountPoints2: {fc07405f-fc94-11e3-825b-806e6f6e6963} - "G:\setup.exe"
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: rmbamit.ntautocheck autochk *

==================== Internet (Whitelisted) ====================

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 94.251.160.14 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Danio\AppData\Roaming\Mozilla\Firefox\Profiles\aqvbfgfo.default
FF Homepage: https://www.google.pl/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Danio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: JavaScript Deobfuscator - C:\Users\Danio\AppData\Roaming\Mozilla\Firefox\Profiles\aqvbfgfo.default\Extensions\[email protected] [2014-06-26]
FF Extension: Tiny JavaScript Debugger - C:\Users\Danio\AppData\Roaming\Mozilla\Firefox\Profiles\aqvbfgfo.default\Extensions\[email protected] [2014-06-26]
FF Extension: Adblock Plus - C:\Users\Danio\AppData\Roaming\Mozilla\Firefox\Profiles\aqvbfgfo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-26]
FF Extension: QuickJava - C:\Users\Danio\AppData\Roaming\Mozilla\Firefox\Profiles\aqvbfgfo.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-06-26]
FF Extension: JavaScript Debugger - C:\Users\Danio\AppData\Roaming\Mozilla\Firefox\Profiles\aqvbfgfo.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2014-06-26]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-07]

Chrome:
=======
CHR HomePage: hxxp://www.google.pl/
CHR StartupUrls: "https://www.google.pl/"
CHR Extension: (All Java Sources) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleifhehdjlljnlbaplopcbnbgifpphg [2014-06-07]
CHR Extension: (Dysk Google) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-07]
CHR Extension: (YouTube) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-07]
CHR Extension: (Adblock Plus) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-07]
CHR Extension: (Szukaj w Google) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-07]
CHR Extension: (AdBlock Premium) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-06-07]
CHR Extension: (Pulpit zdalny Chrome) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-07-22]
CHR Extension: (AdBlock) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-07]
CHR Extension: (Battlelog) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\glanheimggjhfdbdompmdlabopkhbneg [2014-06-07]
CHR Extension: (avast! Online Security) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-07]
CHR Extension: (Google Wallet) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-22]
CHR Extension: (Adblock Pro) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-06-07]
CHR Extension: (Battlefield Play4Free) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-06-07]
CHR Extension: (Gmail) - C:\Users\Danio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [31904 2013-08-17] (Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-18] (AVAST Software)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\36.0.1985.102\remoting_host.exe [51016 2014-06-26] (Google Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-06-18] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [X]

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-18] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-06-25] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-25] (Disc Soft Ltd)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [132608 2009-02-17] (Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-25] (Duplex Secure Ltd.)
S3 ssudeadb; C:\Windows\System32\Drivers\ssudeadb.sys [40704 2014-04-11] (Google Inc)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 uvhid; C:\Windows\System32\drivers\uvhid.sys [20992 2014-06-03] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 motandroidusb; \SystemRoot\System32\Drivers\motoandroid.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-23 12:03 - 2014-07-23 12:03 - 00602112 _____ (OldTimer Tools) C:\Users\Danio\Downloads\OTL.exe
2014-07-23 12:02 - 2014-07-23 12:03 - 00021316 _____ () C:\Users\Danio\Downloads\FRST.txt
2014-07-23 12:02 - 2014-07-23 12:02 - 00000000 ___DC () C:\FRST
2014-07-23 12:01 - 2014-07-23 12:02 - 02090496 _____ (Farbar) C:\Users\Danio\Downloads\FRST64.exe
2014-07-23 11:39 - 2014-07-23 11:40 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-23 11:39 - 2014-07-23 11:39 - 00000000 ____D () C:\ProgramData\AVG
2014-07-23 11:35 - 2014-07-23 11:36 - 77159736 _____ (AVG) C:\Users\Danio\Downloads\avg_tuh_stf_all_2014_519_24c43.exe
2014-07-23 11:30 - 2014-07-23 11:30 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\TuneUp Software
2014-07-23 11:14 - 2014-07-23 11:14 - 00000000 ____D () C:\Users\Danio\Desktop\Nowy folder
2014-07-23 10:48 - 2014-07-23 10:48 - 00000000 ___DC () C:\35ee158356082e2199c3dd067479
2014-07-23 09:48 - 2014-07-23 09:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Games
2014-07-23 08:54 - 2014-07-23 08:54 - 04133056 _____ () C:\Users\Danio\Downloads\xenoxmt2_launcher.exe
2014-07-23 08:32 - 2014-07-22 19:16 - 03433008 _____ (AVG Technologies CZ) C:\Users\Danio\Downloads\qdmjceaisqsjcumfol.exe
2014-07-22 20:37 - 2014-07-22 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 20:37 - 2014-07-22 20:37 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 19:42 - 2014-07-22 19:42 - 00065536 _____ () C:\Users\Danio\Downloads\rmbugbear.exe
2014-07-22 19:42 - 2014-07-22 19:42 - 00053248 _____ () C:\Users\Danio\Downloads\rmstubby.exe
2014-07-22 19:41 - 2014-07-22 19:41 - 00025600 _____ () C:\Users\Danio\Downloads\rmppark.exe
2014-07-22 19:41 - 2014-07-22 19:41 - 00023552 _____ () C:\Users\Danio\Downloads\rmska99.exe
2014-07-22 19:41 - 2014-07-22 19:41 - 00015872 _____ () C:\Users\Danio\Downloads\rmveronb.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00049152 _____ () C:\Users\Danio\Downloads\rmmydoom_f2.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00025600 _____ () C:\Users\Danio\Downloads\rmlovgte.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00022528 _____ () C:\Users\Danio\Downloads\rmnavida.com
2014-07-22 19:37 - 2014-07-22 19:37 - 00343552 _____ () C:\Users\Danio\Downloads\rmvirus32 (1).nt
2014-07-22 19:37 - 2014-07-22 19:37 - 00212004 _____ () C:\Users\Danio\Downloads\rmvirus (1).dos
2014-07-22 19:37 - 2014-07-22 19:37 - 00160768 _____ () C:\Users\Danio\Downloads\rmvampir.exe
2014-07-22 19:37 - 2014-07-22 19:37 - 00056320 _____ () C:\Users\Danio\Downloads\rmlove.exe
2014-07-22 19:35 - 2014-07-22 19:35 - 00027648 _____ () C:\Users\Danio\Downloads\rmswen.exe
2014-07-22 19:33 - 2014-07-22 19:34 - 00029696 _____ () C:\Users\Danio\Downloads\rmsircam.com
2014-07-22 19:32 - 2014-07-22 19:32 - 00258310 _____ () C:\Users\Danio\Downloads\rmluder.dos
2014-07-22 19:32 - 2014-07-22 19:32 - 00028672 _____ () C:\Users\Danio\Downloads\rmganda.exe
2014-07-22 19:32 - 2014-07-22 19:32 - 00025392 _____ () C:\Users\Danio\Downloads\rmvalla.exe
2014-07-22 19:31 - 2014-07-22 19:31 - 00439296 _____ () C:\Users\Danio\Downloads\rmluder.nt
2014-07-22 19:31 - 2014-07-22 19:31 - 00348672 _____ () C:\Users\Danio\Downloads\rmbg3svx.nt
2014-07-22 19:31 - 2014-07-22 19:31 - 00226816 _____ () C:\Users\Danio\Downloads\rmluder.exe
2014-07-22 19:31 - 2014-07-22 19:31 - 00162304 _____ () C:\Users\Danio\Downloads\rmbg3svx.exe
2014-07-22 19:30 - 2014-07-22 19:30 - 00339968 _____ () C:\Users\Danio\Downloads\rmelkern.exe
2014-07-22 19:30 - 2014-07-22 19:30 - 00287744 _____ () C:\Users\Danio\Downloads\rmvirus32.nt
2014-07-22 19:30 - 2014-07-22 19:30 - 00189104 _____ () C:\Users\Danio\Downloads\rmvirus.dos
2014-07-22 19:27 - 2014-07-22 19:27 - 00027648 _____ () C:\Users\Danio\Downloads\rmmag.exe
2014-07-22 19:23 - 2014-07-22 19:23 - 00025968 _____ () C:\Users\Danio\Downloads\rmdptor.exe
2014-07-22 19:20 - 2014-07-22 19:20 - 03454000 _____ () C:\Users\Danio\Downloads\avg_remover_virut.exe
2014-07-22 19:15 - 2014-07-22 19:16 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_hidrag.exe
2014-07-22 19:14 - 2014-07-22 19:14 - 00339968 _____ () C:\Users\Danio\Downloads\avg_remover_kriz.exe
2014-07-22 19:11 - 2014-07-22 19:11 - 02774272 _____ () C:\Users\Danio\Downloads\avg_remover_mabezat.exe
2014-07-22 19:10 - 2014-07-22 19:10 - 04434760 _____ () C:\Users\Danio\Downloads\avg_remover_murof.exe
2014-07-22 19:09 - 2014-07-22 19:10 - 01279536 _____ () C:\Users\Danio\Downloads\avg_remover_nimda.exe
2014-07-22 19:09 - 2014-07-22 19:09 - 02774272 _____ () C:\Users\Danio\Downloads\avg_remover_parite.exe
2014-07-22 19:06 - 2014-07-22 19:07 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_prepender.exe
2014-07-22 19:06 - 2014-07-22 19:06 - 02765056 _____ () C:\Users\Danio\Downloads\avg_remover_protector.exe
2014-07-22 19:05 - 2014-07-22 19:05 - 02229064 _____ () C:\Users\Danio\Downloads\avg_remover_selges.exe
2014-07-22 19:03 - 2014-07-22 19:03 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_serpip.exe
2014-07-22 19:00 - 2014-07-22 19:00 - 02905928 _____ () C:\Users\Danio\Downloads\avg_remover_slugin.exe
2014-07-22 18:53 - 2014-07-22 18:54 - 03448880 _____ () C:\Users\Danio\Downloads\avg_remover_slt.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 02550272 _____ () C:\Users\Danio\Downloads\avg_remover_tanatos.exe
2014-07-22 18:51 - 2014-07-22 18:52 - 03415088 _____ () C:\Users\Danio\Downloads\avg_remover_zeroaccess.exe
2014-07-22 18:49 - 2014-07-22 18:50 - 03429912 _____ () C:\Users\Danio\Downloads\avg_remover_gaelicum.exe
2014-07-22 18:47 - 2014-07-22 18:49 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_zbot.exe
2014-07-22 16:46 - 2014-07-22 16:46 - 00000000 ____D () C:\ProgramData\F-Secure
2014-07-22 16:19 - 2014-07-22 16:19 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\AVG2014
2014-07-22 16:17 - 2014-07-22 16:17 - 00000000 ____D () C:\Users\Danio\AppData\Local\MFAData
2014-07-22 13:28 - 2014-07-22 13:54 - 00000000 _____ () C:\dfu.log
2014-07-22 13:00 - 2014-07-23 08:29 - 00065536 _____ () C:\WINDOWS\system32\Ikeext.etl
2014-07-22 11:43 - 2014-07-23 08:32 - 00002219 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-22 10:50 - 2014-07-22 10:50 - 00000000 ____D () C:\Users\Danio\AppData\Local\Apps\2.0
2014-07-22 10:49 - 2014-07-22 10:49 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Macromedia
2014-07-22 09:56 - 2014-07-23 12:03 - 00986482 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-22 09:56 - 2014-07-22 09:56 - 00000000 ____D () C:\338747daba48f3ac2a72895f
2014-07-22 09:12 - 2014-07-22 09:12 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-07-22 09:08 - 2014-07-23 09:40 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-22 09:08 - 2014-07-22 09:08 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-07-19 22:01 - 2014-07-19 22:01 - 00000000 ____D () C:\ProgramData\DatacardService
2014-07-19 18:29 - 2014-07-19 18:32 - 00061952 _____ () C:\Users\Danio\Desktop\XenoXMT2 Hack Na Metale.exe
2014-07-19 18:12 - 2014-07-22 12:22 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-07-19 18:11 - 2014-07-19 18:11 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-07-19 15:06 - 2014-07-19 15:06 - 00000000 ____D () C:\0ede181c1d04ebb1c75f0c1a00f5fb
2014-07-18 20:50 - 2014-07-18 20:55 - 00000000 ____D () C:\Users\Danio\Documents\New Unity Project 1
2014-07-18 20:37 - 2014-07-18 20:50 - 00000000 ____D () C:\Users\Danio\Documents\New Unity Project
2014-07-18 20:36 - 2014-07-18 20:50 - 00000000 ____D () C:\ProgramData\Unity
2014-07-18 20:34 - 2014-07-23 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-07-18 20:30 - 2014-07-18 20:35 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-07-18 18:08 - 2014-07-22 16:08 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_neshta.exe
2014-07-18 16:29 - 2014-07-18 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-18 16:27 - 2014-07-23 12:01 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-18 16:27 - 2014-07-18 16:27 - 00000000 ___HD () C:\$AVG
2014-07-18 16:27 - 2014-07-18 16:27 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-18 16:25 - 2014-07-23 11:38 - 00000000 ____D () C:\Users\Danio\AppData\Local\Avg2014
2014-07-18 16:25 - 2014-07-23 11:30 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-18 16:04 - 2012-10-15 17:02 - 00019888 _____ (solvusoft) C:\WINDOWS\system32\roboot64.exe
2014-07-18 15:43 - 2014-07-18 15:43 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-18 15:41 - 2014-07-23 10:49 - 00001433 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 2008 Express Edition.lnk
2014-07-18 14:51 - 2014-07-18 14:51 - 00000000 ____D () C:\Program Files (x86)\Resource Hacker
2014-07-18 14:32 - 2014-07-18 15:38 - 00000058 _____ () C:\WINDOWS\directx.sys
2014-07-17 21:51 - 2014-07-17 23:30 - 00000000 ____D () C:\Users\Danio\.VirtualBox
2014-07-17 21:51 - 2014-07-17 21:51 - 00000000 ____D () C:\Users\Danio\VirtualBox VMs
2014-07-17 21:37 - 2014-07-17 22:22 - 00001011 _____ () C:\WINDOWS\ARPR.INI
2014-07-17 21:37 - 2014-07-17 21:37 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced RAR Password Recovery
2014-07-17 21:32 - 2014-07-17 21:32 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2014-07-17 21:32 - 2014-07-17 21:32 - 00000000 ____D () C:\Program Files (x86)\Intelore
2014-07-17 14:48 - 2012-12-10 16:21 - 00163376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2014-07-17 14:48 - 2012-11-26 11:10 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tabctl32.ocx
2014-07-17 14:48 - 2012-07-06 20:03 - 00617816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2014-07-17 14:48 - 2012-05-02 11:17 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2014-07-17 14:48 - 2011-01-12 13:36 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71deu.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71ita.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71fra.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71esp.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71enu.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71kor.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71jpn.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71cht.dll
2014-07-17 14:48 - 2011-01-12 13:25 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71chs.dll
2014-07-17 14:48 - 2011-01-12 13:19 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2014-07-17 14:48 - 2011-01-12 12:53 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2014-07-17 14:48 - 2010-02-16 14:22 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00443488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshflxgd.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\comct332.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatgrd.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msflxgrd.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00252240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatlst.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00222528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dblist32.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00215880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mci32.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00178512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmask32.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00170080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00136008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstdfmt.dll
2014-07-17 14:48 - 2010-02-16 14:22 - 00126800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswinsck.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00119616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomm32.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00107840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msstkprp.dll
2014-07-17 14:48 - 2010-02-16 14:22 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\picclp32.ocx
2014-07-17 14:48 - 2010-02-16 14:22 - 00080208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysinfo.ocx
2014-07-17 14:48 - 2007-02-01 22:13 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2014-07-17 14:48 - 2007-01-30 22:04 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2014-07-17 14:48 - 2006-08-26 00:28 - 01017344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70u.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70ita.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70fra.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70esp.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70deu.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70enu.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70kor.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70jpn.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70cht.dll
2014-07-17 14:48 - 2006-08-26 00:15 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70chs.dll
2014-07-17 14:48 - 2006-08-26 00:07 - 01024000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc70.dll
2014-07-17 14:48 - 2006-08-25 23:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl70.dll
2014-07-17 14:48 - 2006-04-10 13:41 - 01066176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl32.ocx
2014-07-17 14:48 - 2005-01-20 19:25 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvci70.dll
2014-07-17 14:48 - 2002-01-05 05:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2014-07-17 14:48 - 2001-08-23 00:00 - 01355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2014-07-17 14:48 - 1996-01-12 03:00 - 00722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb40032.dll
2014-07-17 14:48 - 1993-07-23 19:31 - 00210944 _____ () C:\WINDOWS\SysWOW64\msvcrt10.dll
2014-07-17 13:45 - 2014-07-17 13:45 - 00003450 _____ () C:\WINDOWS\System32\Tasks\MotoCast Update
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\Users\Danio\AppData\Local\Motorola
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\ProgramData\Nero
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\Program Files (x86)\Motorola Media Link
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\Binaries
2014-07-17 13:44 - 2014-07-17 15:26 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\MotoCast
2014-07-17 13:44 - 2014-07-17 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility
2014-07-17 13:43 - 2014-07-17 13:44 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-07-14 16:05 - 2014-07-14 16:30 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\ZombieDriver
2014-07-14 16:05 - 2014-07-14 16:05 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-07-12 02:17 - 2014-07-12 02:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-11 11:21 - 2014-07-11 11:21 - 00000000 ____D () C:\Users\Danio\Documents\Electronic Arts
2014-07-11 11:21 - 2014-07-11 11:21 - 00000000 ____D () C:\Users\Danio\AppData\Local\Electronic Arts
2014-07-11 03:10 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-11 00:17 - 2014-07-11 00:17 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-07-11 00:15 - 2014-07-11 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-07-11 00:14 - 2014-07-11 00:15 - 00015240 _____ () C:\Users\Danio\Documents\Install STAR WARS The Old Republic.log
2014-07-11 00:14 - 2014-07-11 00:15 - 00000000 _____ () C:\end
2014-07-10 16:20 - 2014-07-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cenega
2014-07-10 11:51 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-10 11:51 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-10 11:51 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-10 11:51 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-10 11:51 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-10 11:51 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-10 11:51 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-10 11:51 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-10 11:51 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-10 10:25 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-10 10:25 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-10 10:25 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-10 10:25 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-10 10:25 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-10 10:25 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-10 10:25 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-10 10:25 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 10:25 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-10 10:25 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-10 10:25 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 10:25 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-10 10:25 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-10 10:25 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-10 10:25 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-10 10:25 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-10 10:25 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-10 10:25 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-10 10:02 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-10 10:02 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-10 10:02 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-10 10:02 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-10 10:02 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-10 10:02 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-10 10:02 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-10 10:02 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-10 10:02 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-10 10:02 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-10 10:02 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-10 10:02 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-10 10:02 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-10 10:02 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-10 10:02 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-10 10:02 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-10 10:02 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-10 10:02 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-10 10:02 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-10 10:02 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-10 10:02 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-10 10:02 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-10 10:02 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-10 10:02 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-10 10:02 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-10 10:02 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-10 10:02 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-10 09:52 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-10 09:52 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-10 09:37 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-10 08:43 - 2014-07-10 08:43 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 16:23 - 2012-11-19 13:52 - 05913872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscorwks.dll
2014-07-09 15:59 - 2014-07-09 16:16 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-07-09 15:58 - 2014-06-26 17:38 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ____D () C:\Users\Danio\Documents\My Cheat Tables
2014-07-08 17:38 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-07-08 17:38 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-07-08 17:38 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-07-08 17:38 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-07-08 17:38 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-07-08 17:38 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-07-08 17:38 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-07-08 17:38 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-07-08 17:38 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-07-08 17:38 - 2014-05-05 08:11 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-07-08 17:38 - 2014-05-05 08:11 - 00418136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-07-08 17:38 - 2014-05-05 08:11 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-07-08 17:38 - 2014-05-05 08:11 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-07-08 17:38 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-08 17:38 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-08 17:38 - 2014-05-03 09:40 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-07-08 17:38 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-07-08 17:38 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-07-08 17:38 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-07-08 17:38 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-07-08 17:38 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-07-08 17:38 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-07-08 17:38 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-07-08 17:38 - 2014-05-03 05:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-07-08 17:38 - 2014-05-03 05:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-07-08 17:38 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-07-08 17:38 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-08 17:38 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-07-08 17:38 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-07-08 17:38 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-07-08 17:38 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-07-08 17:38 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-08 17:38 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-08 17:38 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-07-08 17:38 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-07-08 17:38 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-07-08 17:38 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-07-08 17:38 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-07-08 17:38 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-07-08 17:38 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-07-08 17:38 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-07-08 17:38 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-07-08 17:38 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-07-08 17:38 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-07-08 17:38 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-07-08 17:38 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-07-08 17:38 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-07-08 17:38 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-07-08 17:38 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-07-08 17:38 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-07-08 17:38 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-07-08 17:38 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-07-08 17:38 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-07-08 17:37 - 2014-07-08 17:37 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-07-08 17:37 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-07-08 15:49 - 2014-07-08 15:49 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2014-07-08 15:49 - 2014-07-08 15:49 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2014-07-08 15:49 - 2014-07-08 15:49 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2014-07-08 15:49 - 2014-07-08 15:49 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2014-07-05 18:36 - 2014-07-05 18:36 - 00000673 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast Whistleblower.lnk
2014-07-04 16:10 - 2014-07-04 16:10 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamMyGame
2014-07-04 16:10 - 2014-07-04 16:10 - 00000000 ____D () C:\Program Files\StreamMyGame
2014-07-03 15:07 - 2014-07-03 15:07 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-03 00:05 - 2014-07-03 00:05 - 00000000 ____D () C:\ProgramData\Steam
2014-07-02 13:04 - 2014-07-02 13:04 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-07-02 13:04 - 2014-07-02 13:04 - 00000000 __RHD () C:\Users\Danio\AppData\Roaming\SecuROM
2014-07-02 11:01 - 2014-07-03 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [bDIP]
2014-07-02 09:40 - 2014-07-02 12:29 - 00000761 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
2014-06-27 12:39 - 2010-11-22 17:00 - 00394240 _____ (www.madshi.net) C:\WINDOWS\system32\madCHook.dll
2014-06-27 11:43 - 2014-07-23 08:45 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 11:43 - 2014-06-27 11:43 - 00001128 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-27 11:43 - 2014-06-27 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-27 11:43 - 2014-06-27 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-27 11:43 - 2014-06-27 11:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-27 11:43 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-27 11:43 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-27 11:43 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-06-26 20:52 - 2014-06-26 20:52 - 00000000 ____D () C:\Users\Danio\AppData\Local\Macromedia
2014-06-26 20:42 - 2014-07-23 11:32 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-26 20:42 - 2014-07-22 09:12 - 00003818 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\TeamViewer
2014-06-25 22:29 - 2014-06-25 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software
2014-06-25 20:23 - 2014-06-25 20:23 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-25 20:22 - 2014-06-25 20:22 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2014-06-25 20:21 - 2014-06-25 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
2014-06-25 20:21 - 2014-06-25 20:21 - 00000000 ____D () C:\ProgramData\Astroburn Lite
2014-06-25 20:21 - 2014-06-25 20:21 - 00000000 ____D () C:\Program Files (x86)\Astroburn Lite
2014-06-25 20:19 - 2014-06-25 20:19 - 00309248 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsidrv.sys
2014-06-25 20:16 - 2014-07-18 15:49 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-06-25 20:16 - 2014-06-25 20:16 - 00386680 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-25 20:15 - 2014-06-25 20:20 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-25 20:13 - 2014-06-25 20:13 - 00000000 ____D () C:\Program Files\DAEMON Tools
2014-06-25 19:58 - 2014-07-09 16:15 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair
2014-06-25 19:58 - 2014-06-25 19:58 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-06-25 19:58 - 2014-06-25 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-06-25 19:39 - 2014-06-25 19:39 - 00002885 _____ () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2014-06-25 19:39 - 2014-06-25 19:39 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up
2014-06-25 17:21 - 2014-06-25 17:21 - 00000000 __SHD () C:\Users\Danio\AppData\Local\EmieUserList
2014-06-25 17:21 - 2014-06-25 17:21 - 00000000 __SHD () C:\Users\Danio\AppData\Local\EmieSiteList
2014-06-25 15:40 - 2014-06-25 15:40 - 00000000 ____D () C:\dfa905f3cc7334035abb15971b980f2d
2014-06-25 15:40 - 2014-06-25 15:40 - 00000000 ____D () C:\68687f67d477a46b2d
2014-06-25 14:00 - 2014-06-25 14:00 - 00000000 ____D () C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2014-06-25 12:43 - 2014-06-25 12:43 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Blender Foundation
2014-06-25 12:21 - 2014-06-25 12:21 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Ubisoft
2014-06-24 22:06 - 2014-07-04 14:03 - 00001218 _____ () C:\WINDOWS\system32\TeamViewer9_Hooks.log

==================== One Month Modified Files and Folders =======

2014-07-23 12:04 - 2014-06-07 21:28 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Skype
2014-07-23 12:03 - 2014-07-23 12:03 - 00602112 _____ (OldTimer Tools) C:\Users\Danio\Downloads\OTL.exe
2014-07-23 12:03 - 2014-07-23 12:02 - 00021316 _____ () C:\Users\Danio\Downloads\FRST.txt
2014-07-23 12:03 - 2014-07-22 09:56 - 00986482 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-23 12:02 - 2014-07-23 12:02 - 00000000 ___DC () C:\FRST
2014-07-23 12:02 - 2014-07-23 12:01 - 02090496 _____ (Farbar) C:\Users\Danio\Downloads\FRST64.exe
2014-07-23 12:01 - 2014-07-18 16:27 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-23 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-23 11:59 - 2014-01-06 13:59 - 00000000 ___RD () C:\Users\Danio\Desktop\Muzyka
2014-07-23 11:40 - 2014-07-23 11:39 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-23 11:40 - 2014-06-07 16:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2949727594-1032169731-3388429741-1001
2014-07-23 11:39 - 2014-07-23 11:39 - 00000000 ____D () C:\ProgramData\AVG
2014-07-23 11:39 - 2014-06-07 21:00 - 00000000 ____D () C:\Users\Danio\AppData\Local\CrashDumps
2014-07-23 11:38 - 2014-07-18 16:25 - 00000000 ____D () C:\Users\Danio\AppData\Local\Avg2014
2014-07-23 11:36 - 2014-07-23 11:35 - 77159736 _____ (AVG) C:\Users\Danio\Downloads\avg_tuh_stf_all_2014_519_24c43.exe
2014-07-23 11:35 - 2014-07-18 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-07-23 11:35 - 2014-06-07 22:11 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-07-23 11:35 - 2014-06-03 19:21 - 00000000 ____D () C:\Users\Danio\Desktop\Gry
2014-07-23 11:35 - 2014-03-01 23:45 - 00000000 ____D () C:\Users\Danio\Desktop\Nagrywanie
2014-07-23 11:35 - 2013-12-12 20:25 - 00000000 ___RD () C:\Users\Danio\Desktop\Programy
2014-07-23 11:32 - 2014-06-26 20:42 - 00000930 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-23 11:30 - 2014-07-23 11:30 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\TuneUp Software
2014-07-23 11:30 - 2014-07-18 16:25 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-23 11:14 - 2014-07-23 11:14 - 00000000 ____D () C:\Users\Danio\Desktop\Nowy folder
2014-07-23 10:49 - 2014-07-18 15:41 - 00001433 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 2008 Express Edition.lnk
2014-07-23 10:48 - 2014-07-23 10:48 - 00000000 ___DC () C:\35ee158356082e2199c3dd067479
2014-07-23 10:48 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-23 10:14 - 2014-06-06 16:21 - 00000000 ____D () C:\Instalki
2014-07-23 09:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-23 09:48 - 2014-07-23 09:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Games
2014-07-23 09:40 - 2014-07-22 09:08 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-23 08:54 - 2014-07-23 08:54 - 04133056 _____ () C:\Users\Danio\Downloads\xenoxmt2_launcher.exe
2014-07-23 08:46 - 2014-03-24 16:45 - 00000142 _____ () C:\Users\Danio\Desktop\Notatnik.txt
2014-07-23 08:45 - 2014-06-27 11:43 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-23 08:36 - 2014-06-07 15:40 - 02009952 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-23 08:36 - 2013-08-23 01:12 - 00871614 _____ () C:\WINDOWS\system32\perfh015.dat
2014-07-23 08:36 - 2013-08-23 01:12 - 00188032 _____ () C:\WINDOWS\system32\perfc015.dat
2014-07-23 08:34 - 2014-06-07 20:45 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-23 08:34 - 2014-06-07 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-23 08:34 - 2014-06-07 20:45 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-23 08:32 - 2014-07-22 11:43 - 00002219 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-23 08:32 - 2014-05-07 18:42 - 00000000 ___DO () C:\Users\Danio\SkyDrive
2014-07-23 08:31 - 2014-06-07 22:42 - 00000000 ____D () C:\Users\Danio\AppData\Local\LogMeIn Hamachi
2014-07-23 08:29 - 2014-07-22 13:00 - 00065536 _____ () C:\WINDOWS\system32\Ikeext.etl
2014-07-23 08:29 - 2014-06-07 15:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-23 08:29 - 2014-06-06 23:15 - 00000000 ____D () C:\Temp
2014-07-23 08:29 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-23 02:53 - 2013-08-22 15:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-23 02:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-07-22 20:37 - 2014-07-22 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-22 20:37 - 2014-07-22 20:37 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-22 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-07-22 19:42 - 2014-07-22 19:42 - 00065536 _____ () C:\Users\Danio\Downloads\rmbugbear.exe
2014-07-22 19:42 - 2014-07-22 19:42 - 00053248 _____ () C:\Users\Danio\Downloads\rmstubby.exe
2014-07-22 19:41 - 2014-07-22 19:41 - 00025600 _____ () C:\Users\Danio\Downloads\rmppark.exe
2014-07-22 19:41 - 2014-07-22 19:41 - 00023552 _____ () C:\Users\Danio\Downloads\rmska99.exe
2014-07-22 19:41 - 2014-07-22 19:41 - 00015872 _____ () C:\Users\Danio\Downloads\rmveronb.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00049152 _____ () C:\Users\Danio\Downloads\rmmydoom_f2.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00025600 _____ () C:\Users\Danio\Downloads\rmlovgte.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00022528 _____ () C:\Users\Danio\Downloads\rmnavida.com
2014-07-22 19:37 - 2014-07-22 19:37 - 00343552 _____ () C:\Users\Danio\Downloads\rmvirus32 (1).nt
2014-07-22 19:37 - 2014-07-22 19:37 - 00212004 _____ () C:\Users\Danio\Downloads\rmvirus (1).dos
2014-07-22 19:37 - 2014-07-22 19:37 - 00160768 _____ () C:\Users\Danio\Downloads\rmvampir.exe
2014-07-22 19:37 - 2014-07-22 19:37 - 00056320 _____ () C:\Users\Danio\Downloads\rmlove.exe
2014-07-22 19:35 - 2014-07-22 19:35 - 00027648 _____ () C:\Users\Danio\Downloads\rmswen.exe
2014-07-22 19:34 - 2014-07-22 19:33 - 00029696 _____ () C:\Users\Danio\Downloads\rmsircam.com
2014-07-22 19:32 - 2014-07-22 19:32 - 00258310 _____ () C:\Users\Danio\Downloads\rmluder.dos
2014-07-22 19:32 - 2014-07-22 19:32 - 00028672 _____ () C:\Users\Danio\Downloads\rmganda.exe
2014-07-22 19:32 - 2014-07-22 19:32 - 00025392 _____ () C:\Users\Danio\Downloads\rmvalla.exe
2014-07-22 19:31 - 2014-07-22 19:31 - 00439296 _____ () C:\Users\Danio\Downloads\rmluder.nt
2014-07-22 19:31 - 2014-07-22 19:31 - 00348672 _____ () C:\Users\Danio\Downloads\rmbg3svx.nt
2014-07-22 19:31 - 2014-07-22 19:31 - 00226816 _____ () C:\Users\Danio\Downloads\rmluder.exe
2014-07-22 19:31 - 2014-07-22 19:31 - 00162304 _____ () C:\Users\Danio\Downloads\rmbg3svx.exe
2014-07-22 19:30 - 2014-07-22 19:30 - 00339968 _____ () C:\Users\Danio\Downloads\rmelkern.exe
2014-07-22 19:30 - 2014-07-22 19:30 - 00287744 _____ () C:\Users\Danio\Downloads\rmvirus32.nt
2014-07-22 19:30 - 2014-07-22 19:30 - 00189104 _____ () C:\Users\Danio\Downloads\rmvirus.dos
2014-07-22 19:27 - 2014-07-22 19:27 - 00027648 _____ () C:\Users\Danio\Downloads\rmmag.exe
2014-07-22 19:23 - 2014-07-22 19:23 - 00025968 _____ () C:\Users\Danio\Downloads\rmdptor.exe
2014-07-22 19:20 - 2014-07-22 19:20 - 03454000 _____ () C:\Users\Danio\Downloads\avg_remover_virut.exe
2014-07-22 19:16 - 2014-07-23 08:32 - 03433008 _____ (AVG Technologies CZ) C:\Users\Danio\Downloads\qdmjceaisqsjcumfol.exe
2014-07-22 19:16 - 2014-07-22 19:15 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_hidrag.exe
2014-07-22 19:14 - 2014-07-22 19:14 - 00339968 _____ () C:\Users\Danio\Downloads\avg_remover_kriz.exe
2014-07-22 19:11 - 2014-07-22 19:11 - 02774272 _____ () C:\Users\Danio\Downloads\avg_remover_mabezat.exe
2014-07-22 19:10 - 2014-07-22 19:10 - 04434760 _____ () C:\Users\Danio\Downloads\avg_remover_murof.exe
2014-07-22 19:10 - 2014-07-22 19:09 - 01279536 _____ () C:\Users\Danio\Downloads\avg_remover_nimda.exe
2014-07-22 19:09 - 2014-07-22 19:09 - 02774272 _____ () C:\Users\Danio\Downloads\avg_remover_parite.exe
2014-07-22 19:07 - 2014-07-22 19:06 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_prepender.exe
2014-07-22 19:06 - 2014-07-22 19:06 - 02765056 _____ () C:\Users\Danio\Downloads\avg_remover_protector.exe
2014-07-22 19:05 - 2014-07-22 19:05 - 02229064 _____ () C:\Users\Danio\Downloads\avg_remover_selges.exe
2014-07-22 19:03 - 2014-07-22 19:03 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_serpip.exe
2014-07-22 19:00 - 2014-07-22 19:00 - 02905928 _____ () C:\Users\Danio\Downloads\avg_remover_slugin.exe
2014-07-22 18:54 - 2014-07-22 18:53 - 03448880 _____ () C:\Users\Danio\Downloads\avg_remover_slt.exe
2014-07-22 18:52 - 2014-07-22 18:52 - 02550272 _____ () C:\Users\Danio\Downloads\avg_remover_tanatos.exe
2014-07-22 18:52 - 2014-07-22 18:51 - 03415088 _____ () C:\Users\Danio\Downloads\avg_remover_zeroaccess.exe
2014-07-22 18:50 - 2014-07-22 18:49 - 03429912 _____ () C:\Users\Danio\Downloads\avg_remover_gaelicum.exe
2014-07-22 18:49 - 2014-07-22 18:47 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_zbot.exe
2014-07-22 18:11 - 2014-03-19 12:58 - 00000000 ___RD () C:\Users\Danio\Dropbox
2014-07-22 17:18 - 2014-06-07 22:33 - 00000000 ____D () C:\ProgramData\Google
2014-07-22 17:16 - 2014-06-07 20:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-22 17:07 - 2014-01-31 22:01 - 00000000 ____D () C:\Users\Danio\.android
2014-07-22 16:46 - 2014-07-22 16:46 - 00000000 ____D () C:\ProgramData\F-Secure
2014-07-22 16:19 - 2014-07-22 16:19 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\AVG2014
2014-07-22 16:17 - 2014-07-22 16:17 - 00000000 ____D () C:\Users\Danio\AppData\Local\MFAData
2014-07-22 16:08 - 2014-07-18 18:08 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_neshta.exe
2014-07-22 13:54 - 2014-07-22 13:28 - 00000000 _____ () C:\dfu.log
2014-07-22 12:22 - 2014-07-19 18:12 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-07-22 11:41 - 2014-06-07 20:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-22 10:50 - 2014-07-22 10:50 - 00000000 ____D () C:\Users\Danio\AppData\Local\Apps\2.0
2014-07-22 10:49 - 2014-07-22 10:49 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Macromedia
2014-07-22 10:39 - 2014-06-07 21:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-22 09:56 - 2014-07-22 09:56 - 00000000 ____D () C:\338747daba48f3ac2a72895f
2014-07-22 09:12 - 2014-07-22 09:12 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2014-07-22 09:12 - 2014-06-26 20:42 - 00003818 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-22 09:08 - 2014-07-22 09:08 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-22 08:49 - 2014-06-14 12:45 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\FileZilla
2014-07-22 08:49 - 2014-06-07 21:39 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\uTorrent
2014-07-22 08:49 - 2014-06-07 21:21 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Notepad++
2014-07-22 08:26 - 2014-06-07 20:55 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-07-22 08:26 - 2014-06-07 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-22 08:26 - 2014-06-07 20:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-07-19 23:43 - 2014-06-07 15:37 - 00000000 ____D () C:\Users\Danio
2014-07-19 22:25 - 2014-06-07 22:18 - 00000000 ____D () C:\Users\Danio\Documents\warblade
2014-07-19 22:01 - 2014-07-19 22:01 - 00000000 ____D () C:\ProgramData\DatacardService
2014-07-19 22:00 - 2014-06-07 21:19 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-07-19 18:32 - 2014-07-19 18:29 - 00061952 _____ () C:\Users\Danio\Desktop\XenoXMT2 Hack Na Metale.exe
2014-07-19 18:11 - 2014-07-19 18:11 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-07-19 15:06 - 2014-07-19 15:06 - 00000000 ____D () C:\0ede181c1d04ebb1c75f0c1a00f5fb
2014-07-19 13:13 - 2014-06-07 21:38 - 00000000 ____D () C:\Users\Danio\AppData\Local\Unity
2014-07-18 22:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-18 20:55 - 2014-07-18 20:50 - 00000000 ____D () C:\Users\Danio\Documents\New Unity Project 1
2014-07-18 20:50 - 2014-07-18 20:37 - 00000000 ____D () C:\Users\Danio\Documents\New Unity Project
2014-07-18 20:50 - 2014-07-18 20:36 - 00000000 ____D () C:\ProgramData\Unity
2014-07-18 20:37 - 2014-06-14 00:51 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Unity
2014-07-18 20:35 - 2014-07-18 20:30 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-07-18 20:34 - 2014-06-06 22:20 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-07-18 18:36 - 2014-06-07 20:43 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-18 18:35 - 2014-06-15 20:36 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-07-18 17:18 - 2014-06-07 16:03 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-07-18 17:14 - 2014-06-07 21:22 - 00000000 ____D () C:\ProgramData\Origin
2014-07-18 17:12 - 2014-06-07 15:30 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-18 16:32 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-18 16:29 - 2014-07-18 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-18 16:29 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-18 16:27 - 2014-07-18 16:27 - 00000000 ___HD () C:\$AVG
2014-07-18 16:27 - 2014-07-18 16:27 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-07-18 16:05 - 2014-06-07 20:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-18 15:57 - 2014-06-07 21:34 - 00000000 ____D () C:\Users\Danio\AppData\Local\TeamSpeak 3 Client
2014-07-18 15:53 - 2014-06-07 09:33 - 00000000 ____D () C:\Users\Danio\Documents\eclipse
2014-07-18 15:49 - 2014-06-25 20:16 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-07-18 15:43 - 2014-07-18 15:43 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-18 15:43 - 2014-06-07 20:42 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-18 15:43 - 2014-06-07 20:42 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-18 15:43 - 2014-06-07 20:42 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-18 15:43 - 2014-06-07 20:42 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-18 15:43 - 2014-06-07 20:42 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-18 15:43 - 2014-06-07 20:42 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-18 15:43 - 2014-06-07 20:42 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-18 15:43 - 2014-06-07 20:42 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-18 15:43 - 2014-06-07 20:42 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-18 15:41 - 2014-06-07 21:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0
2014-07-18 15:41 - 2014-06-07 21:25 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-18 15:41 - 2013-12-27 15:16 - 00000000 ____D () C:\Gry
2014-07-18 15:38 - 2014-07-18 14:32 - 00000058 _____ () C:\WINDOWS\directx.sys
2014-07-18 14:51 - 2014-07-18 14:51 - 00000000 ____D () C:\Program Files (x86)\Resource Hacker
2014-07-18 14:49 - 2013-12-09 15:46 - 00000000 ____D () C:\Users\Danio\Documents\Visual Studio 2008
2014-07-18 14:02 - 2014-03-18 15:47 - 01221120 _____ () C:\Users\Danio\Desktop\Super Spam Bot v3 - by IQONMAN.exe
2014-07-18 13:19 - 2014-06-07 21:21 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-07-18 12:57 - 2014-06-07 21:22 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-17 23:30 - 2014-07-17 21:51 - 00000000 ____D () C:\Users\Danio\.VirtualBox
2014-07-17 22:22 - 2014-07-17 21:37 - 00001011 _____ () C:\WINDOWS\ARPR.INI
2014-07-17 21:51 - 2014-07-17 21:51 - 00000000 ____D () C:\Users\Danio\VirtualBox VMs
2014-07-17 21:37 - 2014-07-17 21:37 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced RAR Password Recovery
2014-07-17 21:32 - 2014-07-17 21:32 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2014-07-17 21:32 - 2014-07-17 21:32 - 00000000 ____D () C:\Program Files (x86)\Intelore
2014-07-17 17:09 - 2014-06-07 22:03 - 00000000 ____D () C:\Users\Danio\AppData\Local\Deployment
2014-07-17 15:26 - 2014-07-17 13:44 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\MotoCast
2014-07-17 14:38 - 2014-06-14 00:41 - 00000000 ____D () C:\Users\Danio\AppData\Local\PunkBuster
2014-07-17 13:45 - 2014-07-17 13:45 - 00003450 _____ () C:\WINDOWS\System32\Tasks\MotoCast Update
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\Users\Danio\AppData\Local\Motorola
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\ProgramData\Nero
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\Program Files (x86)\Motorola Media Link
2014-07-17 13:45 - 2014-07-17 13:45 - 00000000 ____D () C:\Binaries
2014-07-17 13:45 - 2014-06-16 12:46 - 00000000 ____D () C:\ProgramData\Motorola
2014-07-17 13:45 - 2014-06-07 21:20 - 00000000 ____D () C:\Program Files (x86)\Motorola Mobility
2014-07-17 13:44 - 2014-07-17 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility
2014-07-17 13:44 - 2014-07-17 13:43 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-07-17 13:44 - 2014-06-07 21:20 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Motorola
2014-07-17 13:44 - 2014-06-07 21:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-17 13:43 - 2014-06-16 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2014-07-16 11:58 - 2014-06-07 21:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-15 20:58 - 2014-06-07 21:26 - 00001208 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-07-15 20:58 - 2014-06-07 21:26 - 00000000 ____D () C:\Program Files\paint.net
2014-07-14 16:30 - 2014-07-14 16:05 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\ZombieDriver
2014-07-14 16:05 - 2014-07-14 16:05 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2014-07-14 16:05 - 2014-07-14 16:05 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-07-12 10:15 - 2013-08-22 16:44 - 00341176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-12 02:17 - 2014-07-12 02:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-12 02:17 - 2013-08-23 01:14 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 02:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-12 02:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 02:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 02:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-11 11:21 - 2014-07-11 11:21 - 00000000 ____D () C:\Users\Danio\Documents\Electronic Arts
2014-07-11 11:21 - 2014-07-11 11:21 - 00000000 ____D () C:\Users\Danio\AppData\Local\Electronic Arts
2014-07-11 03:12 - 2014-06-09 17:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-11 03:11 - 2014-06-09 17:00 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-11 00:17 - 2014-07-11 00:17 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-07-11 00:15 - 2014-07-11 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-07-11 00:15 - 2014-07-11 00:14 - 00015240 _____ () C:\Users\Danio\Documents\Install STAR WARS The Old Republic.log
2014-07-11 00:15 - 2014-07-11 00:14 - 00000000 _____ () C:\end
2014-07-11 00:07 - 2014-06-22 12:56 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\.minecraft
2014-07-10 23:41 - 2014-06-07 21:24 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Origin
2014-07-10 23:40 - 2014-06-22 12:58 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\.minecraftzyczu
2014-07-10 16:20 - 2014-07-10 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cenega
2014-07-10 08:43 - 2014-07-10 08:43 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 16:32 - 2014-06-07 21:56 - 02033432 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-07-09 16:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-07-09 16:16 - 2014-07-09 15:59 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-07-09 16:15 - 2014-06-25 19:58 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair
2014-07-09 16:15 - 2014-06-07 23:54 - 00000000 ____D () C:\Users\Danio\AppData\Local\PMB Files
2014-07-09 16:15 - 2014-06-07 15:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-07-09 16:14 - 2014-06-17 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-07-09 16:14 - 2014-06-17 22:57 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 p48
2014-07-09 16:14 - 2014-06-17 22:30 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-07-09 10:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-07-09 10:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-07-09 10:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-07-08 22:27 - 2014-07-08 22:27 - 00000000 ____D () C:\Users\Danio\Documents\My Cheat Tables
2014-07-08 18:13 - 2014-06-09 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-07-08 17:42 - 2014-06-07 21:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-07-08 17:37 - 2014-07-08 17:37 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2014-07-08 15:49 - 2014-07-08 15:49 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2014-07-08 15:49 - 2014-07-08 15:49 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2014-07-08 15:49 - 2014-07-08 15:49 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2014-07-08 15:49 - 2014-07-08 15:49 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2014-07-05 18:36 - 2014-07-05 18:36 - 00000673 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast Whistleblower.lnk
2014-07-04 16:10 - 2014-07-04 16:10 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamMyGame
2014-07-04 16:10 - 2014-07-04 16:10 - 00000000 ____D () C:\Program Files\StreamMyGame
2014-07-04 14:03 - 2014-06-24 22:06 - 00001218 _____ () C:\WINDOWS\system32\TeamViewer9_Hooks.log
2014-07-04 14:03 - 2014-06-07 21:35 - 00001128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-03 15:07 - 2014-07-03 15:07 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-03 00:13 - 2014-07-02 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [bDIP]
2014-07-03 00:05 - 2014-07-03 00:05 - 00000000 ____D () C:\ProgramData\Steam
2014-07-03 00:05 - 2014-06-19 00:58 - 00000000 ____D () C:\Users\Danio\Documents\My Games
2014-07-02 16:45 - 2014-06-08 00:02 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-07-02 14:01 - 2014-06-08 09:51 - 00000000 ____D () C:\WINDOWS\pss
2014-07-02 13:04 - 2014-07-02 13:04 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-07-02 13:04 - 2014-07-02 13:04 - 00000000 __RHD () C:\Users\Danio\AppData\Roaming\SecuROM
2014-07-02 12:29 - 2014-07-02 09:40 - 00000761 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
2014-07-01 00:45 - 2014-07-10 10:25 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-28 09:48 - 2014-07-10 10:25 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-10 10:25 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-27 18:07 - 2014-06-21 01:52 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Audacity
2014-06-27 11:43 - 2014-06-27 11:43 - 00001128 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-27 11:43 - 2014-06-27 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-27 11:43 - 2014-06-27 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-27 11:43 - 2014-06-27 11:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-26 22:55 - 2013-08-22 17:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 20:52 - 2014-06-26 20:52 - 00000000 ____D () C:\Users\Danio\AppData\Local\Macromedia
2014-06-26 19:01 - 2014-06-26 19:01 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\TeamViewer
2014-06-26 17:38 - 2014-07-09 15:58 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2014-06-25 22:29 - 2014-06-25 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software
2014-06-25 20:23 - 2014-06-25 20:23 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-06-25 20:22 - 2014-06-25 20:22 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2014-06-25 20:21 - 2014-06-25 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
2014-06-25 20:21 - 2014-06-25 20:21 - 00000000 ____D () C:\ProgramData\Astroburn Lite
2014-06-25 20:21 - 2014-06-25 20:21 - 00000000 ____D () C:\Program Files (x86)\Astroburn Lite
2014-06-25 20:20 - 2014-06-25 20:15 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-25 20:19 - 2014-06-25 20:19 - 00309248 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtscsidrv.sys
2014-06-25 20:16 - 2014-06-25 20:16 - 00386680 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-25 20:13 - 2014-06-25 20:13 - 00000000 ____D () C:\Program Files\DAEMON Tools
2014-06-25 19:58 - 2014-06-25 19:58 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-06-25 19:58 - 2014-06-25 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-06-25 19:45 - 2014-06-07 20:46 - 00001058 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 19:45 - 2014-06-07 20:46 - 00001054 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-25 19:39 - 2014-06-25 19:39 - 00002885 _____ () C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2014-06-25 19:39 - 2014-06-25 19:39 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up
2014-06-25 17:21 - 2014-06-25 17:21 - 00000000 __SHD () C:\Users\Danio\AppData\Local\EmieUserList
2014-06-25 17:21 - 2014-06-25 17:21 - 00000000 __SHD () C:\Users\Danio\AppData\Local\EmieSiteList
2014-06-25 16:30 - 2014-06-19 02:00 - 00000000 ____D () C:\ProgramData\Solidshield
2014-06-25 15:40 - 2014-06-25 15:40 - 00000000 ____D () C:\dfa905f3cc7334035abb15971b980f2d
2014-06-25 15:40 - 2014-06-25 15:40 - 00000000 ____D () C:\68687f67d477a46b2d
2014-06-25 14:00 - 2014-06-25 14:00 - 00000000 ____D () C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2014-06-25 13:10 - 2013-11-15 18:17 - 00000000 ____D () C:\Users\Danio\Desktop\Serwer
2014-06-25 12:43 - 2014-06-25 12:43 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Blender Foundation
2014-06-25 12:21 - 2014-06-25 12:21 - 00000000 ____D () C:\Users\Danio\AppData\Roaming\Ubisoft
2014-06-23 13:59 - 2014-06-07 20:46 - 00004032 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-23 13:59 - 2014-06-07 20:46 - 00003796 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Danio\AppData\Local\Temp\ae93042301b4df1de0dbc55abdd6d703.dll
C:\Users\Danio\AppData\Local\Temp\BRSVC_892515_hlp.exe
C:\Users\Danio\AppData\Local\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 16:42

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-07-2014
Ran by Danio at 2014-07-23 12:04:26
Running from C:\Users\Danio\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32380 - BitTorrent Inc.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.3.9.2 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.3.9.2 - ASUSTek COMPUTER INC.) Hidden
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (Danio) (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
Camtasia Studio 8 (HKLM-x32\...\{B9691991-64D3-435B-8A83-69CC21016936}) (Version: 8.4.0.1699 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{2E9C0CF2-6FD1-417E-A5A1-5AE93C0032DF}) (Version: 36.0.1985.102 - Google Inc.)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1.172 - MAYN INTERACTIVE)
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Dead Space (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
GG (HKCU\...\GG) (Version: 12 - GG Network S.A.)
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.36.126.2 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iFree Skype Recorder 6.0.6 (HKLM-x32\...\iFree Skype Recorder) (Version: 6.0.6 - iFree Skype Recorder)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM-x32\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (HKLM-x32\...\Microsoft Visual Basic 2008 Express Edition with SP1 - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60830 (HKLM\...\{122B909F-9DCF-360E-91E7-0679E033FBE1}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60830 (HKLM\...\{083808D6-6235-37A8-82C1-98D226EB681F}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830 (HKLM-x32\...\{F68B404C-0E04-337F-A132-796508EE337A}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830 (HKLM-x32\...\{50AF8559-F490-381F-A6E7-06A07DE227DC}) (Version: 11.0.60830 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20827 (HKLM\...\{42D80340-9DEB-371A-9BF3-E20E98C98F0E}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20827 (HKLM\...\{5DE73CC7-A84F-30CE-AE15-16381816609D}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827 (HKLM-x32\...\{97D5031E-CCC0-3AA1-ADE7-6E5E7C032DD5}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20827 (HKLM-x32\...\{3C21516E-0FDA-3794-B714-B6612BA58BDF}) (Version: 12.0.20827 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.301.08.04.470 - Huawei Technologies Co.,Ltd)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 29.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 pl)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Sterownik 3D Vision 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.43 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.43 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.43 - NVIDIA Corporation)
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
NVIDIA Wirtualny dźwięk Miracast 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 340.43 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
Outlast (HKLM-x32\...\T3V0bGFzdA==_is1) (Version: 1 - )
Outlast PL [bDIP] wersja 1.0 (HKLM-x32\...\{D731FCB5-E7D0-4EE1-AC0A-8994FF2F9EBB}_is1) (Version: 1.0 - BartleDooInPolish)
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Panel sterowania NVIDIA 340.43 (Version: 340.43 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
RAR Password Recovery v1.1 RC17 (remove only) (HKLM-x32\...\Intelore - RAR Password Recovery) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Royal Quest (HKLM-x32\...\{DF3F2F7F-FE61-4BEB-B7DB-BF2D3071431E}) (Version: 1.0.0.0 - Cenega Poland Sp. z o.O.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 3 for SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony PC Companion 2.10.206 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.3.5500.0 - Microsoft Corporation)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
StreamMyGame software (HKLM-x32\...\TenomichiStreamer) (Version: - )
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.00.00000 - Ubisoft)
Tom Clancy's H.A.W.X. 2 (HKLM-x32\...\{76A232AF-B7D6-41A4-B795-6B355E6D32B1}) (Version: 1.0.1 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.03 - Ubisoft)
Unified Remote (HKLM-x32\...\{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}) (Version: 2.14.2.0 - Unified Remote)
Unity (HKLM-x32\...\Unity) (Version: 4.5.2f1 - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.5 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 5.10 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zombie Driver (HKLM-x32\...\Steam App 31410) (Version: - EXOR Studios)

==================== Restore Points =========================


==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03A82873-BC9C-40FE-B62C-5930C211D503} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F7F65B4-EF29-4F50-840D-80906738E2CA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {16A1A893-5264-4437-8E6E-AE713F52079D} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-07-18] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C8234FB-230D-4034-86E3-D6F9F2FBA34D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time MPCforum\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {42BCCD0A-505D-4C96-BAB0-E81D5D475FE1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18] (AVAST Software)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4C396E2D-2849-48AF-B4EE-97C839329D19} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-07-18] ()
Task: {4C5915C0-40D5-439C-BCAB-7DE43CBEAD42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07] (Google Inc.)
Task: {4DB3E0D5-E039-4845-8453-4415E270B5C2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7A17025B-845F-4909-A360-8414747CA88F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8BA7B697-4B56-49C0-9A42-829428568BB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-07] (Google Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {95B13450-5E32-49C8-9895-E3B6274CCBB0} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2014-07-18] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C5D27575-4662-41BF-849E-BE39209D1468} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-11] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D757F894-D35F-4166-9B01-901EBED41EB2} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-07-18] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DBA2A998-4A7D-405A-B9A9-82AAB29C3C58} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F4F3C1A6-4533-4B05-86D0-2E9BEEF91BED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {FCC782AD-247D-4E36-9EB6-FD8AFD9D5A2E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2949727594-1032169731-3388429741-1001
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-07 15:44 - 2014-06-13 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-06-07 22:28 - 2014-06-18 13:28 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-07-22 19:15 - 2014-07-22 19:16 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_hidrag.exe
2014-07-18 18:08 - 2014-07-22 16:08 - 03640880 _____ () C:\Users\Danio\Downloads\avg_remover_neshta.exe
2014-07-18 15:42 - 2014-07-18 15:42 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-22 20:37 - 2014-07-22 20:37 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072201\algo.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-10-31 17:05 - 2013-10-31 17:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-07-18 15:42 - 2014-07-18 15:42 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-07-22 11:43 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-22 11:43 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-22 11:43 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-22 11:43 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-22 11:43 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-22 11:43 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Danio\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run32: => "vProt"
HKCU\...\StartupApproved\Run: => "Unified Remote v2"
HKCU\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Faulty Device Manager Devices =============

Name: Kontroler PCI Simple Communications
Description: Kontroler PCI Simple Communications
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2014 11:59:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 11:44:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 11:39:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: avgui.exe, wersja: 14.0.0.4714, sygnatura czasowa: 0x53a04dfa
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000
Identyfikator procesu powodującego błąd: 0x1ac8
Godzina uruchomienia aplikacji powodującej błąd: 0xavgui.exe0
Ścieżka aplikacji powodującej błąd: avgui.exe1
Ścieżka modułu powodującego błąd: avgui.exe2
Identyfikator raportu: avgui.exe3
Pełna nazwa pakietu powodującego błąd: avgui.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: avgui.exe5

Error: (07/23/2014 11:29:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 11:14:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 10:59:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 10:44:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 10:29:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 10:14:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.

Error: (07/23/2014 09:59:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Aktywacja aplikacji Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App nie powiodła się. Błąd: -2147009284. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.


System errors:
=============
Error: (07/23/2014 10:48:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80246013: Aktualizacja zabezpieczeń pakietu redystrybucyjnego programu Microsoft Visual C++ 2005 z dodatkiem Service Pack 1 (KB2538242).

Error: (07/23/2014 09:52:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT)
Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition 1.179.799.0).

Error: (07/23/2014 08:30:47 AM) (Source: DCOM) (EventID: 10016) (User: D4N10)
Description: właściwe dla aplikacjiLokalnyUruchom{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}D4n10DanioS-1-5-21-2949727594-1032169731-3388429741-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (07/23/2014 08:30:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa Windows Defender z powodu następującego błędu:
%%577

Error: (07/23/2014 08:30:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi PST Service z powodu następującego błędu:
%%2

Error: (07/22/2014 08:38:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa LogMeIn Hamachi Tunneling Engine jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (07/22/2014 08:37:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa Windows Defender z powodu następującego błędu:
%%577

Error: (07/22/2014 08:37:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi PST Service z powodu następującego błędu:
%%2

Error: (07/22/2014 05:15:18 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Instalator Windows, ale ta akcja nie powiodła się przy następującym błędzie:
%%1056.

Error: (07/22/2014 05:13:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.


Microsoft Office Sessions:
=========================
Error: (07/23/2014 11:59:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 11:44:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 11:39:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgui.exe14.0.0.471453a04dfaunknown0.0.0.000000000c0000005000000001ac801cfa658b7ef646cC:\Program Files (x86)\AVG\AVG2014\avgui.exeunknown344f9c5b-124d-11e4-826f-448a5b81f79e

Error: (07/23/2014 11:29:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 11:14:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 10:59:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 10:44:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 10:29:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 10:14:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284

Error: (07/23/2014 09:59:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D4N10)
Description: Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App-2147009284


CodeIntegrity Errors:
===================================
Date: 2014-07-23 08:30:34.123
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-22 20:37:31.455
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-22 10:40:32.012
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-22 08:18:56.890
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-20 16:46:33.439
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-19 22:19:13.955
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-19 21:57:05.138
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-19 13:14:25.072
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-18 18:36:06.854
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-18 16:30:14.935
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 72%
Total physical RAM: 8119.98 MB
Available physical RAM: 2272.96 MB
Total Pagefile: 16311.98 MB
Available Pagefile: 10533.8 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Dysk D4n10) (Fixed) (Total:931.17 GB) (Free:630.92 GB) NTFS
Drive e: () (Removable) (Total:14.9 GB) (Free:9.68 GB) FAT32
Drive f: (UDISK) (Removable) (Total:7.49 GB) (Free:7.49 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B6AA4E26)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 5F58CDAC)
Partition 1: (Active) - (Size=8 GB) - (Type=0C)

========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

 

Users shortcut scan result (x64) Version: 21-07-2014
Ran by Danio at 2014-07-23 12:13:53
Running from C:\Users\Danio\Downloads
Boot Mode: Normal
==================== Shortcuts =============================

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Basic 2008 Express Edition.lnk -> C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\vbexpress.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast Whistleblower.lnk -> C:\Gry\Outlast Whistleblower\OutlastLauncher.exe (Red Barrels Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk -> C:\Gry\Outlast\Binaries\Win32\OLGame.exe (Red Barrels Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity\MonoDevelop.lnk -> C:\Program Files (x86)\Unity\MonoDevelop\bin\MonoDevelop.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity\Report a Problem with Unity.lnk -> C:\Program Files (x86)\Unity\Editor\UnityBugReporter.exe (Unity Technologies ApS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity\Uninstall Unity.lnk -> C:\Program Files (x86)\Unity\Editor\Uninstall.exe (Unity Technologies ApS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity\Unity.lnk -> C:\Program Files (x86)\Unity\Editor\Unity.exe (Unity Technologies ApS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk -> C:\Windows\Installer\{B9691991-64D3-435B-8A83-69CC21016936}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk -> C:\Windows\Installer\{B9691991-64D3-435B-8A83-69CC21016936}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk -> C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype dla Pulpitu.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Samsung Kies 3.lnk -> C:\Program Files (x86)\Samsung\Kies3\Kies3.exe (Samsung)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [bDIP]\CzytajMnie.lnk -> C:\Gry\Outlast\CzytajMnie.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [bDIP]\Deinstalacja programu Outlast PL [bDIP].lnk -> C:\Gry\Outlast\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [bDIP]\Outlast PL.lnk -> C:\Gry\Outlast\Binaries\Win64\OLGame.exe (Red Barrels Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Narzędzie zgłaszania błędów Origin.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk -> C:\Program Files\Oracle\VirtualBox\License_en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk -> C:\Program Files\Oracle\VirtualBox\doc\UserManual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO [email protected])
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk -> C:\Program Files (x86)\MyFree Codec\1.0b beta\uninstall.exe (Freeware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Mobility\MotoCast.lnk -> C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager\Motorola Device Manager.lnk -> C:\Windows\Installer\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}\_EED70B3E82A514A7A6E8F1.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner\Mobile Partner.lnk -> C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner\Uninstall.lnk -> C:\Program Files (x86)\Mobile Partner\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2008\Visual Studio Tools\Visual Studio 2008 Remote Debugger (x64).lnk -> C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008\Import and Export Data (32-bit).lnk -> C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\DTSWizard.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008\Configuration Tools\SQL Server Error and Usage Reporting.lnk -> C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SqlWtsn.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008\Configuration Tools\SQL Server Installation Center.lnk -> C:\Program Files (x86)\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\LandingPage.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> C:\Gry\League of Legends\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk -> C:\Program Files (x86)\Java\jdk1.8.0_05\bin\jmc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre8\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy\Comrade\GameSpy Comrade.lnk -> C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Deinstalacja programu Gameforge Live.lnk -> C:\Gry\GameforgeLive\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Gameforge Live.lnk -> C:\Gry\GameforgeLive\GameforgeLive.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair\Free Window Registry Repair home.lnk -> C:\Program Files (x86)\Free Window Registry Repair\Regpair.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair\Free Window Registry Repair.lnk -> C:\Program Files (x86)\Free Window Registry Repair\Regpair.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair\Uninstall Free Window Registry Repair.lnk -> C:\Program Files (x86)\Free Window Registry Repair\UNWISE.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Centrum Pomocy Technicznej Electronic Arts.lnk -> C:\Gry\Crysis 1\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Graj w Crysis.lnk -> C:\Gry\Crysis 1\Bin32\Crysis.exe (Crytek GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Odwiedź witrynę sieciową gry Crysis.lnk -> C:\Gry\Crysis 1\Support\Crysis.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Sprawdzaj, czy są aktualizacje gry.lnk -> C:\Gry\Crysis 1\Support\Crysis.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Pliki pomocy w wersji węgierskiej\Przejrzyj plik Przeczytaj w wersji węgierskiej.lnk -> C:\Gry\Crysis 1\Support\Olvassel.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Pliki pomocy w wersji polskiej\Przejrzyj plik Przeczytaj w wersji polskiej.lnk -> C:\Gry\Crysis 1\Support\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Pliki pomocy w wersji francuskiej\Przejrzyj plik Przeczytaj w wersjie francuskiej.lnk -> C:\Gry\Crysis 1\Support\LisezMoi.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Pliki pomocy w wersji czeskiej\Przejrzyj plik Przeczytaj w wersji czeskiej.lnk -> C:\Gry\Crysis 1\Support\Cti mne.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\Crysis\Pliki pomocy w wersji angielskiej (UK)\Przejrzyj plik Przeczytaj w wersji angielskiej (Wlk.Bryt.).lnk -> C:\Gry\Crysis 1\Support\Readme (UK).txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA\BioWare\Star Wars - The Old Republic\Uninstall Star Wars - The Old Republic.lnk -> C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe (BioWare, LucasArts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe (Duplex Secure Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe\Crossfire Europe.lnk -> C:\Gry\Crossfire\Crossfire Europe\CF_SGIN.exe (TODO: )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe\crossfire-eu.com.lnk -> C:\Gry\Crossfire\Crossfire Europe\Crossfire Europe.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe\Uninstall.lnk -> C:\Gry\Crossfire\Crossfire Europe\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine 6.3.lnk -> C:\Program Files (x86)\Cheat Engine 6.3\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.3\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.3\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.3\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.3\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cenega\Royal Quest\Odinstaluj Royal Quest.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{DF3F2F7F-FE61-4BEB-B7DB-BF2D3071431E}\setup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cenega\Royal Quest\Pierwsza Pomoc.lnk -> C:\Gry\Royal Quest\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Blender.lnk -> C:\Program Files\Blender Foundation\Blender\blender.exe (Blender Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Copyright.lnk -> C:\Program Files\Blender Foundation\Blender\copyright.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\GPL-license.lnk -> C:\Program Files\Blender Foundation\Blender\GPL-license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Readme.lnk -> C:\Program Files\Blender Foundation\Blender\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Uninstall.lnk -> C:\Program Files\Blender Foundation\Blender\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA UMOWA UŻYTKOWNIKA.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 3\Support\eula\pl_PL_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Plik Przeczytaj.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 3\Support\readme\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Pomoc techniczna.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS GPU Tweak.lnk -> C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe (ASUS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite\Astroburn Lite.lnk -> C:\Program Files (x86)\Astroburn Lite\AstroburnLite.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Media Center\Media Center Programs\Crysis.lnk -> C:\Gry\Crysis 1\Tools\Crysis.mcl ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company\Off-Road Drive\Pełna instrukcja do gry.lnk -> C:\Gry\Off-Road Drive\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company\Off-Road Drive\Uruchom grę Off-Road Drive.lnk -> C:\Gry\Off-Road Drive\Binaries\Win32\PP3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D79A6BAE-8BB3-4F91-AAAF-6C066354D88F}\PlayTasks\4\Detect Tool.lnk -> C:\Gry\AC Director's Cut Edition\Detection\Detection.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D79A6BAE-8BB3-4F91-AAAF-6C066354D88F}\PlayTasks\3\Game Manual.lnk -> C:\Gry\AC Director's Cut Edition\Support\Manual\AssassinsCreed.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D79A6BAE-8BB3-4F91-AAAF-6C066354D88F}\PlayTasks\2\ReadMe.txt.lnk -> C:\Gry\AC Director's Cut Edition\Support\Readme\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D79A6BAE-8BB3-4F91-AAAF-6C066354D88F}\PlayTasks\0\Play.lnk -> C:\Gry\AC Director's Cut Edition\AssassinsCreed_Launcher.exe (Ubisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9E114A60-7853-4395-ABFE-9CA7DA4290C3}\PlayTasks\4\Detect Tool.lnk -> C:\Gry\AC Director's Cut Edition\Detection\Detection.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9E114A60-7853-4395-ABFE-9CA7DA4290C3}\PlayTasks\3\Game Manual.lnk -> C:\Gry\AC Director's Cut Edition\Support\Manual\AssassinsCreed.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9E114A60-7853-4395-ABFE-9CA7DA4290C3}\PlayTasks\2\ReadMe.txt.lnk -> C:\Gry\AC Director's Cut Edition\Support\Readme\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9E114A60-7853-4395-ABFE-9CA7DA4290C3}\PlayTasks\0\Play.lnk -> C:\Gry\AC Director's Cut Edition\AssassinsCreed_Launcher.exe (Ubisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{34D140C8-E5F5-432F-AACA-18B5F56BF370}\PlayTasks\3\Instrukcja.lnk -> C:\Gry\H.A.W.X. 2\Support\Manual\Polish\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{34D140C8-E5F5-432F-AACA-18B5F56BF370}\PlayTasks\2\Przeczytaj.txt.lnk -> C:\Gry\H.A.W.X. 2\Support\ReadMe\Polish\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{34D140C8-E5F5-432F-AACA-18B5F56BF370}\PlayTasks\1\Graj w DX10-DX11.lnk -> C:\Gry\H.A.W.X. 2\Support\GameUpdater\GU_DX11\gu.exe (Ubisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{34D140C8-E5F5-432F-AACA-18B5F56BF370}\PlayTasks\0\Play DX9.lnk -> C:\Gry\H.A.W.X. 2\Support\GameUpdater\GU_DX9\gu.exe (Ubisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{148FB4B4-1522-4FBF-BBDA-69EA106EB3AC}\PlayTasks\4\Pomoc techniczna.lnk -> C:\Gry\Crysis 2\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{148FB4B4-1522-4FBF-BBDA-69EA106EB3AC}\PlayTasks\3\EA UMOWA UŻYTKOWNIKA.lnk -> C:\Gry\Crysis 2\Support\Eula\pl_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{148FB4B4-1522-4FBF-BBDA-69EA106EB3AC}\PlayTasks\2\Plik Przeczytaj.lnk -> C:\Gry\Crysis 2\Support\Przeczytaj.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{148FB4B4-1522-4FBF-BBDA-69EA106EB3AC}\PlayTasks\0\Crysis® 2.lnk -> C:\Gry\Crysis 2\bin32\Crysis2Launcher.exe (Crytek GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{0581E248-741D-4749-8692-A7FC6A05E616}\PlayTasks\0\Launch.lnk -> C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe (Take-Two Interactive Software, Inc.)
Shortcut: C:\ProgramData\Media Center Programs\gu.lnk -> C:\Gry\H.A.W.X\gu-MCE.mcl (No File)
Shortcut: C:\Users\Danio\Links\Desktop.lnk -> C:\Users\Danio\Desktop ()
Shortcut: C:\Users\Danio\Links\Downloads.lnk -> C:\Users\Danio\Downloads ()
Shortcut: C:\Users\Danio\Links\Dropbox.lnk -> C:\Users\Danio\Dropbox ()
Shortcut: C:\Users\Danio\Links\GG dysk (rem2000-wp_pl).lnk -> C:\Users\Danio\GG dysk (rem2000-wp_pl) (No File)
Shortcut: C:\Users\Danio\Links\GG dysk.lnk -> C:\Users\Danio\GG dysk (No File)
Shortcut: C:\Users\Danio\Favorites\GG dysk (rem2000-wp_pl).lnk -> C:\Users\Danio\GG dysk (rem2000-wp_pl) (No File)
Shortcut: C:\Users\Danio\Favorites\GG dysk.lnk -> C:\Users\Danio\GG dysk (No File)
Shortcut: C:\Users\Danio\Desktop\cmd.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\Desktop\Torrenty\µTorrent.lnk -> C:\Users\Danio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Danio\Desktop\Programy\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\Users\Danio\Desktop\Programy\Astroburn Lite.lnk -> C:\Program Files (x86)\Astroburn Lite\AstroburnLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Danio\Desktop\Programy\ASUS GPU Tweak.lnk -> C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe (ASUS)
Shortcut: C:\Users\Danio\Desktop\Programy\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\Users\Danio\Desktop\Programy\AVG 2014.lnk -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Danio\Desktop\Programy\Blender.lnk -> C:\Program Files\Blender Foundation\Blender\blender.exe (Blender Foundation)
Shortcut: C:\Users\Danio\Desktop\Programy\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Danio\Desktop\Programy\Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.3\Cheat Engine.exe ()
Shortcut: C:\Users\Danio\Desktop\Programy\CPUID CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\Danio\Desktop\Programy\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Danio\Desktop\Programy\FileZilla Client.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\Users\Danio\Desktop\Programy\Free Window Registry Repair.lnk -> C:\Program Files (x86)\Free Window Registry Repair\Regpair.exe ()
Shortcut: C:\Users\Danio\Desktop\Programy\Gameforge Live.lnk -> C:\Gry\GameforgeLive\GameforgeLive.exe ()
Shortcut: C:\Users\Danio\Desktop\Programy\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\Users\Danio\Desktop\Programy\GG.lnk -> C:\Users\Danio\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Danio\Desktop\Programy\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\Users\Danio\Desktop\Programy\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\Users\Danio\Desktop\Programy\Mobile Partner.lnk -> C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe ()
Shortcut: C:\Users\Danio\Desktop\Programy\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Danio\Desktop\Programy\Oracle VM VirtualBox.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
Shortcut: C:\Users\Danio\Desktop\Programy\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Danio\Desktop\Programy\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\Users\Danio\Desktop\Programy\Samsung Kies 3.lnk -> C:\Program Files (x86)\Samsung\Kies3\Kies3.exe (Samsung)
Shortcut: C:\Users\Danio\Desktop\Programy\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\Users\Danio\Desktop\Programy\Sony PC Companion 2.1.lnk -> C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
Shortcut: C:\Users\Danio\Desktop\Programy\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Danio\Desktop\Programy\TeamSpeak 3 Client.lnk -> C:\Users\Danio\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Danio\Desktop\Programy\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\Users\Danio\Desktop\Programy\Unified Remote.lnk -> C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Intents AB)
Shortcut: C:\Users\Danio\Desktop\Programy\Unity.lnk -> C:\Program Files (x86)\Unity\Editor\Unity.exe (Unity Technologies ApS)
Shortcut: C:\Users\Danio\Desktop\Programy\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Danio\Desktop\Programy\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Danio\Desktop\Nagrywanie\Camtasia Studio 8.lnk -> C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe ()
Shortcut: C:\Users\Danio\Desktop\Nagrywanie\iFree Skype Recorder.lnk -> C:\Program Files (x86)\iFree Skype Recorder\irecorder.exe (HDSoft)
Shortcut: C:\Users\Danio\Desktop\Gry\AscarialMT2.lnk -> C:\Gry\Metin2\AscarialMT2\Ascarial\Ascarial.exe (Ymir Entertainment)
Shortcut: C:\Users\Danio\Desktop\Gry\Battlefield 3.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Danio\Desktop\Gry\Battlefield Play4Free.lnk -> C:\Gry\Battlefield Play4Free\BFP4f.exe (Easy)
Shortcut: C:\Users\Danio\Desktop\Gry\Borderlands.lnk -> C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe (Take-Two Interactive Software, Inc.)
Shortcut: C:\Users\Danio\Desktop\Gry\Crossfire Europe.lnk -> C:\Gry\Crossfire\Crossfire Europe\CF_SGIN.exe (TODO: )
Shortcut: C:\Users\Danio\Desktop\Gry\Crysis 3.lnk -> C:\Gry\Crysis 3\Crysis 3\Bin32\Crysis3.exe (Crytek GmbH)
Shortcut: C:\Users\Danio\Desktop\Gry\Crysis.lnk -> C:\Gry\Crysis 1\Bin32\Crysis.exe (Crytek GmbH)
Shortcut: C:\Users\Danio\Desktop\Gry\Crysis2.lnk -> C:\Gry\Crysis 2\bin32\Crysis2.exe (Crytek GmbH)
Shortcut: C:\Users\Danio\Desktop\Gry\H.A.W.X. 1.lnk -> C:\Gry\H.A.W.X. 1\HAWX_dx10.exe ()
Shortcut: C:\Users\Danio\Desktop\Gry\MinecraftZyczu.lnk -> C:\Gry\Minecraft\MinecraftZyczu.bat ()
Shortcut: C:\Users\Danio\Desktop\Gry\Mineshafter-launcher.lnk -> C:\Gry\Minecraft\Mineshafter-launcher.jar ()
Shortcut: C:\Users\Danio\Desktop\Gry\NegrosMT2.lnk -> C:\Gry\Metin2\NegrosMT2\Negros\Negros.exe ()
Shortcut: C:\Users\Danio\Desktop\Gry\Off-Road Drive.lnk -> C:\Gry\Off-Road Drive\Binaries\Win32\PP3.exe ()
Shortcut: C:\Users\Danio\Desktop\Gry\Outlast Whistleblower.lnk -> C:\Gry\Outlast Whistleblower\OutlastLauncher.exe (Red Barrels Inc.)
Shortcut: C:\Users\Danio\Desktop\Gry\Outlast.lnk -> C:\Gry\Outlast\Binaries\Win64\OLGame.exe (Red Barrels Inc.)
Shortcut: C:\Users\Danio\Desktop\Gry\Play League of Legends.lnk -> C:\Gry\League of Legends\lol.launcher.exe ()
Shortcut: C:\Users\Danio\Desktop\Gry\Splinter Cell Pandora Tomorrow.lnk -> C:\Gry\Splinter Cell Pandora Tomorrow\Logo_ubi.exe ()
Shortcut: C:\Users\Danio\Desktop\Gry\VictoriaMT2.lnk -> C:\Gry\Metin2\VictioraMT2\Metin2PL_2013\Metin2.exe ()
Shortcut: C:\Users\Danio\Desktop\Gry\Warblade.lnk -> C:\Gry\Warblade\warblade.exe ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Danio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Danio\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk -> C:\Users\Danio\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> C:\Program Files\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\README.lnk -> C:\Program Files\Unlocker\README.TXT ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Start Unlocker.lnk -> C:\Program Files\Unlocker\Unlocker.exe ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Uninstall.lnk -> C:\Program Files\Unlocker\uninst.exe ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Website.lnk -> C:\Program Files\Unlocker\Unlocker.url ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote\Unified Remote.lnk -> C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Intents AB)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Users\Danio\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Users\Danio\AppData\Local\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamMyGame\Start Server.lnk -> C:\Program Files\StreamMyGame\streamer_server.exe (Tenomichi/SSP Ltd)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StreamMyGame\Video Player.lnk -> C:\Program Files\StreamMyGame\streamer_player.exe (Tenomichi/SSP Ltd)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iFree Skype Recorder\iFree Skype Recorder.lnk -> C:\Program Files (x86)\iFree Skype Recorder\irecorder.exe (HDSoft)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iFree Skype Recorder\Uninstall.lnk -> C:\Program Files (x86)\iFree Skype Recorder\uninst.exe ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iFree Skype Recorder\Website.lnk -> C:\Program Files (x86)\iFree Skype Recorder\iFree Skype Recorder.url ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Comrade.lnk -> C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe (IGN Entertainment Inc.)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk -> C:\Program Files (x86)\Samsung\Kies3\Kies3.exe (Samsung)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Danio\AppData\Local\GG\Application\gg.lnk -> C:\Users\Danio\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Danio\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Danio\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008\Configuration Tools\SQL Server Configuration Manager.lnk -> C:\Windows\SysWOW64\mmc.exe (Microsoft Corporation) -> /32 c:\WINDOWS\SysWOW64\SQLServerManager10.msc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2\Metin2.lnk -> C:\Gry\GameforgeLive\GameforgeLive.exe () -> "C:\Gry\GameforgeLive\Games\POL_pol\Metin2\Metin2.exe" -start Metin2
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {BDA0EB29-8B31-4BF4-8B05-04AA52340AC4} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre8\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre8\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Odinstaluj program Google Earth.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uruchom program Google Earth w trybie DirectX.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uruchom program Google Earth w trybie OpenGL.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy\Comrade\Uninstall GameSpy Comrade.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\S.K.I.L.L. - Special Force 2.lnk -> C:\Gry\GameforgeLive\GameforgeLive.exe () -> "C:\Gry\GameforgeLive\Games\POL_pol\S.K.I.L.L\DFUBG.exe" -start SKILL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3\main.lua.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files (x86)\Cheat Engine 6.3\main.lua
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{D79A6BAE-8BB3-4F91-AAAF-6C066354D88F}\PlayTasks\1\Registration.lnk -> C:\Gry\AC Director's Cut Edition\Register\RegistrationReminder.exe (Ubisoft) -> -g Assassin's Creed -l english -i 3536
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{9E114A60-7853-4395-ABFE-9CA7DA4290C3}\PlayTasks\1\Registration.lnk -> C:\Gry\AC Director's Cut Edition\Register\RegistrationReminder.exe (Ubisoft) -> -g Assassin's Creed -l english -i 3536
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{34D140C8-E5F5-432F-AACA-18B5F56BF370}\PlayTasks\4\Narzędzie identyfikacji sprzętu.lnk -> C:\Gry\H.A.W.X. 2\Support\DetectionTool\detectionui_r.exe () -> POL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{148FB4B4-1522-4FBF-BBDA-69EA106EB3AC}\PlayTasks\1\Crysis® 2 - Cofnij autoryzację tego komputera.lnk -> C:\Gry\Crysis 2\bin32\activation.exe (Tages SAS) -> -revokesilent
ShortcutWithArgument: C:\Users\Danio\Desktop\Programy\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\Users\Danio\Desktop\Gry\H.A.W.X. 2.lnk -> C:\Gry\H.A.W.X. 2\HAWX2_DX11.exe () -> /offline
ShortcutWithArgument: C:\Users\Danio\Desktop\Gry\Metin2.lnk -> C:\Gry\GameforgeLive\GameforgeLive.exe () -> "C:\Gry\GameforgeLive\Games\POL_pol\Metin2\Metin2.exe" -start Metin2
ShortcutWithArgument: C:\Users\Danio\Desktop\Gry\S.K.I.L.L. - Special Force 2.lnk -> C:\Gry\GameforgeLive\GameforgeLive.exe () -> "C:\Gry\GameforgeLive\Games\POL_pol\S.K.I.L.L\DFUBG.exe" -start SKILL
ShortcutWithArgument: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote\Uninstall.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}
ShortcutWithArgument: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\Users\Danio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Danio\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast PL [bDIP]\Strona WWW programu Outlast PL [bDIP].url -> hxxp://www.bartledooinpolish.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software\Borderlands\Rejestracja gry.url -> hxxp://www.kompania.cenega.pl/profile.php?action=gameregister.start
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software\Borderlands\Linki\Kompania Graczy.url -> hxxp://www.kompania.cenega.pl
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software\Borderlands\Linki\Pomoc techniczna.url -> hxxp://www.cenega.pl/pomoc.php
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software\Borderlands\Linki\Sklep internetowy.url -> hxxp://www.sklep.cenega.pl
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gearbox Software\Borderlands\Linki\Strona firmy Cenega Poland.url -> hxxp://www.cenega.pl
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Strona internetowa Gameforge Live.url -> hxxp://gfl.gameforge.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Danio\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Danio\Desktop\Gry\Dead Island Epidemic.url -> steam://rungameid/222900
InternetURL: C:\Users\Danio\Desktop\Gry\Dead Island.url -> steam://rungameid/91310
InternetURL: C:\Users\Danio\Desktop\Gry\Metro 2033.url -> steam://rungameid/43110
InternetURL: C:\Users\Danio\Desktop\Gry\Zombie Driver.url -> steam://rungameid/31410
InternetURL: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Ghost Recon Phantoms - EU Poradnik dla początkujących.url -> hxxp://ghost-recon.ubi.com/ghost-recon-phantoms/pl-PL/guide/index.aspx
InternetURL: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Metro 2033.url -> steam://rungameid/43110
InternetURL: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\ORION Dino Horde.url -> steam://rungameid/104900
InternetURL: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery\Order RAR Password Recovery Online!.url -> https://secure.shareit.com/shareit/checkout.html?PRODUCT[184010]=1
InternetURL: C:\Users\Danio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games\Battlefield Play4Free\Battlefield Play4Free.url -> hxxp://battlefield.play4free.com/

==================== End of log =============================

 

Z powodu licznych hejtów w moją stronę, nie będę korzystał więcej z tego konta (prawdopodobnie z forum też). Haters gonna hate...

Nezvik Newbie

Nezvik

Opublikowano
Opublikowano

Skrypt mógł się zawiesić. Wykonaj go jeszcze raz i sprawdź czy będzie to samo. Usuwanie Shelli powoduje, że pendrive podłączony do komputera automatycznie nie startuje. Jeśli infekcja przeniosła się na pendirve (a może tak być) to po usunięciu wirusa z komputera jest to potrzebne, żeby znowu go nie zainfekować (Autorun jest plikiem ukrytym). Moim zdaniem taki kaprys zasilacza ^^ zbieg okoliczności, no chyba, że płyta była na tyle uszkodzona, że prąd płynął w drugą stronę, albo pobierała tyle prądu, że zasilacz nie wyrabiał i się spalał. A z tym hackiem na metale. Kiedy go utworzyłeś? Ma on niedawną modyfikację, czyli może być zarażony przez nethse.

D4n100 Newbie

D4n100

Opublikowano
  • Autor
Opublikowano

Nie wiem, dlatego pobrałem wszystko jak leci. Mam tego dosyć, jak do 12 nie będzie dobrego rozwiązania wyebania tych virusów to robię format.

 

@ EDIT

 

Nawet formata nie idzie zrobić! Klikam prawym na dysk c > formatuj i wywala errora, że nie można formatować partycji systemowej. Włożyłem płytke instalacyjną windowsa, uruchomiłem cmd i wpisałem "format c:". I jest napis "Enter current volume label for drive C:". Wpisałem "vol c:" i wyskoczył napis "Volume in drive C is Zastrzeżone przez system". Jak ja mam ten dysk sformatować?!

Z powodu licznych hejtów w moją stronę, nie będę korzystał więcej z tego konta (prawdopodobnie z forum też). Haters gonna hate...

D4n100 Newbie

D4n100

Opublikowano
  • Autor
Opublikowano

Hmmm, zrobię to co napisałeś, ale mam jeszcze jeden pomysł. Gwarancję na kompa jeszcze mam, a i tak są bad sectory na dysku i gościu powiedział że jak będzie gorzej to mam oddać dysk i dadzą mi nowy. Trza też coś zrobić z windowsem, bo mam pirata (wymienili mi płytę główną bo była uszkodzona i kilka razy spaliła zasilacz), oryginał został na starej płycie. Może powiem im jaka jest sytuacja (po formacie, o wirusach nie muszą wiedzieć :D ) i po prostu dadzą mi nowego windowsa, płytę główną, dysk i wszystko będzie ok???

 

@ EDIT

 

Ten twój skrypt coś nie działa 

k4guq1.png

Z powodu licznych hejtów w moją stronę, nie będę korzystał więcej z tego konta (prawdopodobnie z forum też). Haters gonna hate...

D4n100 Newbie

D4n100

Opublikowano
  • Autor
Opublikowano

Ostatni raz go updatowałem chyba w niedzielę.

 

@ EDIT

 

6 razy uruchomiłem ten skrypt, ciągle się zawiesza. Dr web nic nie wykrył.

 

@ EDIT2

 

Format zrobiony, komp w serwisie. Do zamknięcia.

Z powodu licznych hejtów w moją stronę, nie będę korzystał więcej z tego konta (prawdopodobnie z forum też). Haters gonna hate...

Nezvik Newbie

Nezvik

Opublikowano
Opublikowano

Możesz tak zrobić. Tylko tak. Płyta główna nigdy nie spali zasilacza, tylko odwrotnie. Jeśli komp się tak ciągle spala, to znaczy, że zasilacz to szrot i trzeba go wymienić. Z badsectorami w dysku nic się nie zrobi, więc i tak trzeba go oddać na gwarancje. 

Nezvik Newbie

Nezvik

Opublikowano
Opublikowano

Nic dziwnego. Zmiany mogą już byś tak daleko, że nie uda się uchronić komputera. Mogłeś napisać wcześniej. Neshta to syf. Prawdopodobnie będziesz musiał zrobić format, ale tylko wtedy jak to napiszę.

Nezvik Newbie

Nezvik

Opublikowano
Opublikowano

Dnalo miał wziąć ten temat. Wirus netshta jest ciężki. W OTL na dole wklej podany skrypt, następnie naciśnij wykonaj. Po restarcie komputera pojawi się log, który wrzuć na forum. Po tym wstaw nowe logi FRST.

Robiłeś pełne skanowanie programem Dr. Web. Cure it!? Wykonuj je do momentu wykrycia 0 zagrożeń, a jeśli coś zostanie to podaj ścieżki zarażonych plików. Zarażone pliki LECZ, a nie usuwaj.

To jest ukryta treść, proszę

Zarchiwizowany

Ten temat przebywa obecnie w archiwum. Dodawanie nowych odpowiedzi zostało zablokowane.

Pytania
×
×
  • Dodaj nową pozycję...