kubas

I think that now works everything. Even that thing with proxy. Thank You for help

So we dont do anything with this proxy thing?

I couldnt connect to most of sites I tried. For example to that bleepingcomputer.com or polish news sites. But I can connect to this forum and facebook. I dont mind if there will be proxy if everyting will be ok and safe. Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01Ran by Kuba at 2015-07-02 21:32:02 Run:3Running from C:\Users\Kuba\DownloadsLoaded Profiles: Kuba (Available Profiles: Kuba)Boot Mode: Normal============================================== fixlist content:*****************StartFirewallRules: [{7E6E9DC8-09C6-4F09-a3FA-BB3715E8B3A7}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXEFirewallRules: [{FD14DB2D-91F5-4833-A2DC-F767DCCCA8E1}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXEFirewallRules: [{BD0C0999-5A63-464E-A1FB-59EB0CEFB34E}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXEFirewallRules: [{A038116F-7F3E-41B3-A50F-960A289DC964}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXEFirewallRules: [{914C2546-31A8-43CC-B755-464C36A03C19}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXEEmptytemp:End***************** HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E6E9DC8-09C6-4F09-a3FA-BB3715E8B3A7} => value removed successfullyHKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD14DB2D-91F5-4833-A2DC-F767DCCCA8E1} => value removed successfullyHKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD0C0999-5A63-464E-A1FB-59EB0CEFB34E} => value removed successfullyHKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A038116F-7F3E-41B3-A50F-960A289DC964} => value removed successfullyHKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{914C2546-31A8-43CC-B755-464C36A03C19} => value removed successfullyEmptyTemp: => 635.1 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 21:32:13 ====

SystemLook 30.07.11 by jpshortstuff Log created at 20:23 on 02/07/2015 by Kuba Administrator - Elevation successful ========== filefind ========== Searching for "evoiavi.EXE" No files found. -= EOF =- After removing proxy i couldnt connect to many webstites. I had checkmarked box "Use proxy server for LAN" but no adress in it and then i couldnt connect to websites. http://i.gyazo.com/1b99631d0bcbd2f659e514438a0d53a0.png After that I have changed it to "Automatically detect settings" so maybe thats why there is this proxy server. So i dont know this proxy, it is setted up automatically

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by Kuba at 2015-07-02 17:28:07 Running from C:\Users\Kuba\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1149661289-1221717445-1824185903-500 - Administrator - Disabled) Gość (S-1-5-21-1149661289-1221717445-1824185903-501 - Limited - Disabled) Kuba (S-1-5-21-1149661289-1221717445-1824185903-1000 - Administrator - Enabled) => C:\Users\Kuba ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Portal 2» 2.0.0.1 (HKLM-x32\...\Portal 2_is1) (Version: 2.0.0.1 - VALVE) 010 Editor 6.0.1 (64-bit) (HKLM\...\010 Editor_is1) (Version: - SweetScape Software) A Game of Dwarves (HKLM-x32\...\A Game of Dwarves_is1) (Version: - ) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version: - Triumph Studios) AMD Catalyst Install Manager (HKLM\...\{F37C2975-92EA-59CA-59E6-50E56F0E76DD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Anki (HKLM-x32\...\Anki) (Version: - ) Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce) Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG) ASRock eXtreme Tuner v0.1.268 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - ) ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - ) ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.) ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.1.149.0 - Autodesk) Autodesk 3ds Max 2015 (Version: 17.1.149.0 - Autodesk) Hidden Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk 3ds Max 2015 SP1 (HKLM\...\Autodesk 3ds Max 2015 SP1) (Version: 17.1.149.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden Autodesk DirectConnect 2015 64-bit Hotfix1 (HKLM\...\Autodesk DirectConnect 2015 64-bit_9001) (Version: 9.0.56.4 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0.2 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.166.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.166.0 - Autodesk) Hidden Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC) Banished 1.0.4 (HKLM-x32\...\Banished_is1) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth) Bitwa o Śródziemie™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Car Mechanic Simulator 2015 (HKLM-x32\...\Car Mechanic Simulator 2015_is1) (Version: - ) Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth) Cities in Motion 2 (HKLM-x32\...\Steam App 225420) (Version: - Colossal Order Ltd.) Cities in Motion 2 v1.6.3.8 (HKLM-x32\...\{C4B6EF4A-DC9C-4D67-BDBD-6BF3BC84F0BF}_is1) (Version: 1.6.3.8 - Paradox Interactive) Cities XL Platinum (HKLM-x32\...\Cities XL Platinum_is1) (Version: - ) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - ) Company of Heroes (HKLM-x32\...\Steam App 4560) (Version: - Relic Entertainment) Company of Heroes 2 - Beta (HKLM-x32\...\Steam App 317170) (Version: - ) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version: - Relic Entertainment) Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment) Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.44 - Creative Technology Limited) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) Creative AutoMode Switcher (HKLM-x32\...\Creative AutoMode Switcher) (Version: 1.00 - Creative Technology Limited) Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: 2.61 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited) Creeper World 3: Arc Eternal (HKLM-x32\...\Steam App 280220) (Version: - Knuckle Cracker) Dassault Systemes Software B18 (HKLM\...\Dassault Systemes B18_0) (Version: - ) Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{82B2394D-F5CC-42F0-8DC1-48B3CAA382CC}) (Version: 8.0.2 - Dassault Systemes) Deathtrap (HKLM-x32\...\Deathtrap_is1) (Version: - NeocoreGames) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dominions 4 (HKLM-x32\...\Steam App 259060) (Version: - Illwinter Game Design) Door Kickers (HKLM-x32\...\1207666463_is1) (Version: 2.0.0.1 - GOG.com) Dragon Age Inquisition version 1.1.0 (HKLM-x32\...\Dragon Age Inquisition_is1) (Version: 1.1.0 - dzrepack) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dragon UnPACKer 5 (HKLM-x32\...\DragonUnPACKer5_is1) (Version: 5.7.0 Beta - Alexandre Devilliers (aka Elbereth)) Dropbox (HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.) DuckTales Remastered (HKLM-x32\...\RHVja1RhbGVzUmVtYXN0ZXJlZA==_is1) (Version: 1 - ) Duel of Champions (HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MMDoC-PDCLive) (Version: - Ubisoft) Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios) DXGL Wrapper (HKLM-x32\...\GLWRAPPER) (Version: - ) Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESET Smart Security (HKLM\...\{F3D78BA2-A8C6-40A3-AEBB-25D8FA49BB9A}) (Version: 8.0.312.4 - ESET, spol s r. o.) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - ) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.) GemCraft - Chasing Shadows (HKLM-x32\...\Steam App 296490) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0 - Релиз от R.G. Steamgames) Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games) Grey Goo v.1.0.u2 (HKLM-x32\...\Grey Goo_is1) (Version: - ) GRID (HKLM-x32\...\Steam App 12750) (Version: - Codemasters Studios) Gyazo 2.4 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Hand of Fate (HKLM-x32\...\1424100574_is1) (Version: 2.0.0.1 - GOG.com) Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - ) Harry Potter TM (HKLM-x32\...\{3F50AF3B-8997-4916-0095-99D63DDB785A}) (Version: - ) Impka 2.0.18 (HKLM-x32\...\Impka_is1) (Version: - indevIT) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation) Intel® Smart Connect Technology 2.0 x64 (HKLM\...\{12ABC13D-6540-483D-92B9-30CE1667B002}) (Version: 2.0.1083.0 - Intel) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS) King Arthur II - The Role-playing Wargame (HKLM-x32\...\Steam App 24480) (Version: - NeocoreGames) Knights of Honor (HKLM-x32\...\Knights of Honor) (Version: 1.05 - ) Król Nazguli™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - ) LDraw Parts Library 2014-01 (HKLM-x32\...\{DED4B209-F114-4D85-BADB-2D702B15D2D7}_is1) (Version: - LDraw.org) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden LEGO® Harry Potter™: Years 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games) LeoCAD (HKLM-x32\...\LeoCAD) (Version: - ) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Magicka: Wizards of the Square Tablet (HKLM-x32\...\Steam App 247580) (Version: - Ludosity) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment) Men of War: Assault Squad 2 (HKLM-x32\...\TWVub2ZXYXJBc3NhdWx0U3F1YWQy_is1) (Version: 1 - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Might and Magic Heroes VII Beta (HKLM-x32\...\Uplay Install 1877) (Version: - Ubisoft) Mozilla Firefox 38.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) OLYMPUS Digital Camera Updater (HKLM-x32\...\{D18925CE-5AF9-4394-8EF7-1081FFE7E98B}) (Version: 1.2.0 - OLYMPUS IMAGING CORP.) OLYMPUS Viewer 3 (HKLM-x32\...\{144CB8BE-46E5-43AE-ADBB-CCC7AB4E0649}) (Version: 1.4.2 - OLYMPUS IMAGING CORP.) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) OpenTTD 1.5.1 (HKLM-x32\...\OpenTTD) (Version: 1.5.1 - OpenTTD) Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software) Order of Battle: Pacific Update 1.6.7 (HKLM-x32\...\T3JkZXJvZkJhdHRsZVBhY2lmaWM=_is1) (Version: 1 - ) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.) Patrician 3 (HKLM-x32\...\Patrician 3_is1) (Version: - GOG.com) Patrician IV Gold Edition (HKLM-x32\...\Patrician IV Gold Edition_is1) (Version: - ) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com) PIT Format 2014 (HKLM-x32\...\PIT Format 2014_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PowerISO wersja 6.1 (HKLM-x32\...\PowerISO_is1) (Version: 6.1 - ) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Pytacz Master 5 (HKLM-x32\...\{0D2B124C-8E6B-4427-BC36-68676507D5F3}_is1) (Version: 5.3.2 - MichalJe) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Revo Uninstaller Pro wersja 3.1.0 (HKLM\...\Revo Uninstaller Pro_is1) (Version: 3.1.0 - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Setup - The SIMS 4 Deluxe Edition ... (HKLM-x32\...\Setup - The SIMS 4 Deluxe Edition ...) (Version: ... - Electronic Arts) SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited) SL-6555-SBK (HKLM-x32\...\{7AB86D35-DF3B-407F-B43E-468345DABF29}) (Version: 1.00.0000 - GASIA) Sleeping Dogs: Definitive Edition (HKLM-x32\...\Steam App 307690) (Version: - United Front Games) SolidWorks 2013 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20130-40000-1100-100) (Version: 21.0.0.5024 - SolidWorks Corporation) SolidWorks 2013 x64 Edition SP0 (Version: 21.100.5024 - SolidWorks) Hidden SolidWorks 2013 x64 Polish Resources (Version: 21.100.5024 - SolidWorks) Hidden SolidWorks eDrawings 2013 x64 Edition SP0 (Version: 13.0.5016 - Dassault Systemes SolidWorks Corp) Hidden SolidWorks Explorer 2013 SP0 x64 Edition (Version: 21.00.5024 - SolidWorks Corporation) Hidden SolidWorks Plastics 2013 SP0 x64 Edition (Version: 21.00.5024 - SolidWorks Corporation) Hidden SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games) SpellForce 2 - Shadow Wars (HKLM-x32\...\SpellForce 2 - Shadow Wars_is1) (Version: - GOG.com) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) STATISTICA TRIAL PL 12.5.192.18 (64-bit) (HKLM\...\{59C69694-86AD-4963-8FF8-74F390403535}) (Version: 12.5.192.18 - StatSoft, Inc.) STATNOVAPDF (novaPDF 7.7 printer) (HKLM\...\STATNOVAPDF_is1) (Version: - Softland) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Supreme Ruler Ultimate (HKLM-x32\...\Supreme Ruler Ultimate_is1) (Version: - ) Tablet Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) TerraTech (HKLM-x32\...\Steam App 285920) (Version: - Payload Studios) The Sims 4 (HKLM-x32\...\The Sims 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) The Sims 4 Update v1.3.32.1010 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD PROJEKT RED) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) Theme Hospital (HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Theme Hospital) (Version: - ) THX Setup Console (HKLM-x32\...\THX_Console_Unicode) (Version: - ) Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version: - Days of Wonder) TNC620 (817604) (HKLM-x32\...\{A467864C-61FC-4859-9046-A0DE670FDB16}) (Version: 1.3.0 - HEIDENHAIN) TNC640 (340594) (HKLM-x32\...\{C9D98105-ABA6-493D-A40F-86263485E072}) (Version: 4.5.0 - HEIDENHAIN) Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly) Train Fever (HKLM-x32\...\Steam App 304730) (Version: - Urban Games) Trains and Trucks Tycoon (HKLM-x32\...\{ED83A136-0255-11D5-ABDE-00E07D81F9B8}) (Version: - ) Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts) Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft) Valkyria Chronicles (HKLM-x32\...\Valkyria Chronicles_is1) (Version: - ) Valkyria Chronicles DLC Pack (HKLM-x32\...\VmFsa3lyaWFDaHJvbmljbGVz_is1) (Version: 1 - ) VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Volume Panel (HKLM-x32\...\Creative Volume Panel) (Version: 2.21 - Creative Technology Limited) Wargame - Airland Battle (HKLM-x32\...\Wargame - Airland Battle_is1) (Version: - ) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Worms Revolution (HKLM-x32\...\Worms Revolution_is1) (Version: - ) x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - ) XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn) XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.) XLNation User Interface Mod (HKLM-x32\...\{94BE8E03-7E88-4747-868D-E3BB7ABF1D05}) (Version: 1.79.9 - Altiris) Ziggurat (HKLM-x32\...\Ziggurat_is1) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 27-06-2015 15:28:39 Zainstalowany program DirectX 01-07-2015 17:33:35 Removed globalupdate Helper 01-07-2015 19:08:42 Zainstalowany program DirectX 9.0 01-07-2015 21:31:12 Zainstalowany program DirectX 01-07-2015 21:33:26 Zainstalowany program DirectX ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {19CA59E2-2A42-425C-80FC-E971E0E8C8BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-01] (Google Inc.) Task: {366E2700-8E71-458E-A6BA-FABB8C8640EC} - System32\Tasks\{752F5C14-D134-49EB-AEA9-4E26A3C3CAF0} => pcalua.exe -a "C:\Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NISJP4H1\Firefox%20Setup%20Stub%2033.1[1].exe" -d C:\Users\Kuba\Desktop Task: {4EC7D0E4-A77D-4A92-BF30-D7FE79F37DC8} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {6A4D0715-262A-478C-9B53-DB8BD2B2EE1C} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-16] (Microsoft Corporation) Task: {72C627B9-8815-4CE3-968B-2C0A696664AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-29] (Adobe Systems Incorporated) Task: {78894A09-5ABF-41EE-84F3-BC0C676D1EA4} - System32\Tasks\Opera scheduled Autoupdate 1418931874 => d:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software) Task: {7D207B80-4FAC-4800-A55E-40DC76381354} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {A1E61387-E3DA-4CFF-897C-D6B9C811331D} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe Task: {A223B401-8F26-4303-9C6F-0F34F849FC8D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {AECF0A82-8109-4AA6-861D-16DBAD81C24E} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {B4A03E12-18B3-43A4-8934-D60C86C73899} - System32\Tasks\{05D3C354-9436-41CB-9E60-E85480DD8D73} => pcalua.exe -a H:\autorun.exe -d H:\ Task: {BB8A0286-FE69-4898-B181-221805300DFC} - System32\Tasks\{286C3275-9585-401E-B1A0-9E0238932E58} => E:\Program Files (x86)\Kalypso Media\PortRoyale3_Extract.exe [2012-05-20] () Task: {CAED5061-53F5-4EC7-9F15-7E61BAC9A855} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {CBBF7255-9101-42E7-A98A-E62A6E23FEA7} - System32\Tasks\{D4E3833C-FFFE-4BE5-BE8B-AC3833B63838} => pcalua.exe -a "E:\Program Files (x86)\GOG.com\Patrician 3\P3Setup.exe" -d "E:\Program Files (x86)\GOG.com\Patrician 3" Task: {D85B691E-9C99-46D8-A93D-A7B68F98800A} - System32\Tasks\AdobeAAMUpdater-1.0-Kuba-Komputer-Kuba => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {E11FAD57-E198-4E7B-B9CE-B3DF006D0CE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-01] (Google Inc.) Task: {F26EA33E-B76F-4ED3-A1DE-44BE1EC3C0AB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core.job => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA.job => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (Whitelisted) ============== 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-15 01:12 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2012-02-09 17:26 - 2012-02-09 17:26 - 00133632 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe 2012-02-09 17:26 - 2012-02-09 17:26 - 00048128 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll 2012-02-09 17:26 - 2012-02-09 17:26 - 00036864 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetDetect.dll 2014-11-01 00:27 - 2014-11-01 00:27 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2012-04-16 15:45 - 2012-04-16 15:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe 2014-11-13 20:23 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2014-11-19 20:58 - 2015-04-16 19:40 - 00776192 _____ () e:\Program Files (x86)\Steam\SDL2.dll 2015-02-05 15:56 - 2015-04-23 04:16 - 04962816 _____ () e:\Program Files (x86)\Steam\v8.dll 2015-02-05 15:56 - 2015-04-23 04:16 - 01556992 _____ () e:\Program Files (x86)\Steam\icui18n.dll 2015-02-05 15:56 - 2015-04-23 04:16 - 01187840 _____ () e:\Program Files (x86)\Steam\icuuc.dll 2014-11-19 20:58 - 2015-06-04 20:56 - 02407104 _____ () e:\Program Files (x86)\Steam\video.dll 2014-11-19 20:58 - 2014-12-01 23:31 - 02396672 _____ () e:\Program Files (x86)\Steam\libavcodec-56.dll 2014-11-19 20:58 - 2014-12-01 23:31 - 00442880 _____ () e:\Program Files (x86)\Steam\libavutil-54.dll 2014-11-19 20:58 - 2014-12-01 23:31 - 00479744 _____ () e:\Program Files (x86)\Steam\libavformat-56.dll 2014-11-19 20:58 - 2014-12-01 23:31 - 00332800 _____ () e:\Program Files (x86)\Steam\libavresample-2.dll 2014-11-19 20:58 - 2014-12-01 23:31 - 00485888 _____ () e:\Program Files (x86)\Steam\libswscale-3.dll 2014-11-19 20:58 - 2015-06-04 20:56 - 00703168 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-12-26 11:43 - 2015-07-01 18:57 - 01007104 _____ () E:\Program Files (x86)\Origin\platforms\qwindows.dll 2014-12-26 11:43 - 2015-07-01 18:56 - 00023552 _____ () E:\Program Files (x86)\Origin\imageformats\qgif.dll 2014-12-26 11:43 - 2015-07-01 18:56 - 00024576 _____ () E:\Program Files (x86)\Origin\imageformats\qico.dll 2014-12-26 11:43 - 2015-07-01 18:56 - 00216576 _____ () E:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2014-12-26 11:43 - 2015-07-01 18:56 - 00261120 _____ () E:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-12-26 11:43 - 2015-07-01 18:56 - 00019456 _____ () E:\Program Files (x86)\Origin\imageformats\qtga.dll 2014-12-26 11:43 - 2015-07-01 18:56 - 00337408 _____ () E:\Program Files (x86)\Origin\imageformats\qtiff.dll 2014-12-26 11:43 - 2015-07-01 18:56 - 00018944 _____ () E:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2014-12-26 11:43 - 2015-07-01 18:57 - 00228352 _____ () E:\Program Files (x86)\Origin\mediaservice\wmfengine.dll 2014-11-19 20:58 - 2015-05-11 21:01 - 36302728 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll 2015-05-14 22:11 - 2015-05-11 21:01 - 08958344 _____ () E:\Program Files (x86)\Steam\bin\pdf.dll 2015-06-05 14:39 - 2015-06-05 14:39 - 41329952 _____ () E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll 2015-06-05 14:39 - 2015-06-05 14:39 - 41329952 _____ () e:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll 2015-06-05 14:39 - 2015-06-05 14:39 - 09588000 _____ () e:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\pdf.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll 2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll 2012-04-16 12:42 - 2012-04-16 12:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll 2012-04-16 12:41 - 2012-04-16 12:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll 2012-04-16 12:56 - 2012-04-16 12:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-04-16 12:38 - 2012-04-16 12:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll 2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll 2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-07-01 17:39 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll 2015-07-01 17:39 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll 2015-07-01 17:39 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 217.172.224.160 - 89.231.1.206 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{4B3245CE-E8FE-4711-A48A-C2E248EE3922}] => (Allow) LPort=54925 FirewallRules: [{607D5EFC-AA2B-4941-BCF9-E8F3E600E05F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F3452563-282D-46BF-8D58-96FB48E8ED2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{38E51370-8BB1-4BB9-B2EA-2A452C2E6F09}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F7AF9880-E055-4D14-A9E9-948B095060AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C67DB698-49B1-43CB-BD55-941F4E4197D0}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{1CF3CE1F-4A32-4E58-845A-61F9B6DE13BC}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{145DE055-1694-4DCB-A974-251FC5A60E12}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{9E7CA784-FE85-41E6-BFAD-B7B936B2272D}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{036F52E8-45FA-4725-8128-C1AB2660C24E}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{98BAE858-2C36-41F5-96CF-24FB31284B4D}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{15BBF73C-BFF3-4F75-81D4-FEE914E5B2BE}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{D8687349-C7D5-43CB-B455-55CBBA58AFAB}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{CBCF0B8D-908C-4403-B217-0D4BFD515E85}] => (Allow) C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{E4A17B95-99BF-441F-B178-6CD9818D06A4}] => (Allow) C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{03683E42-2BB7-4BC6-875F-5D909E02CE4D}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A79E32FB-756E-451F-91CE-329FF3BE49C6}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7ECE8992-1D84-4DCE-A0BD-7CD0FC81913A}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DEB77D26-8BD2-48F1-B906-344270FA2CAD}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DDEBA640-A037-46B6-887F-939F1537BB33}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{CFE179F2-8231-461C-AE82-29ADE3C37BD7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{BF58C16D-0F7D-48AC-A0C7-23B4C469ED22}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{90C13255-DD78-45BC-A32F-555C55F81DC9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{D94D2ACB-BB8C-433A-AD6F-9865B61B7D2F}] => (Allow) E:\Games\Dragon Age\DAOriginsLauncher.exe FirewallRules: [{1B8E0B49-63BA-449F-AFD6-ECB9CBF31E54}] => (Allow) E:\Games\Dragon Age\DAOriginsLauncher.exe FirewallRules: [{8E8F6045-B091-42CE-97C2-6928E6E4A28E}] => (Allow) E:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe FirewallRules: [{0249BCC4-D810-4F4F-866E-AF6B5C3FD81F}] => (Allow) E:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe FirewallRules: [{2C6FEED9-7621-457C-B196-3701987D8DF8}] => (Allow) d:\Program Files\KeyShot5\bin\keyshot5.exe FirewallRules: [{C997A971-4D30-43EE-97ED-A1AD20F3956B}] => (Allow) d:\Program Files\KeyShot5\bin\keyshot_daemon.exe FirewallRules: [{A89B26DC-CC93-4F06-8D8A-3817837BAFDC}] => (Allow) E:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{D679AE2E-ABA2-4F3B-AA55-083258665EE8}] => (Allow) E:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CE6EFE4D-9B3A-47D0-9DAA-E9BDC6B24651}] => (Allow) E:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{23F00BC8-5ABC-47D1-B132-64473A43854C}] => (Allow) E:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{BC2CB47E-1C59-4990-B52B-64410FFD8B92}] => (Allow) E:\Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [{6B1885FF-6FD1-418B-93D3-ABB8F1DF690C}] => (Allow) E:\Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [{45F781DA-0505-4F58-AF14-96C08F1A0F0E}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{95E289F3-CEAB-4EEF-82AA-DB37C1C915DB}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{0223EF3C-E686-4531-816C-4D606681417B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe FirewallRules: [{CC5D72FD-4763-491B-8769-1AF4793E232C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe FirewallRules: [{04D2F3A4-922F-46A7-B25E-C134737D595B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe FirewallRules: [{FC1432B0-E3A0-4252-9760-ADA4591D94BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe FirewallRules: [{7259F08A-B777-4527-B5D9-3C8B0153D1A9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe FirewallRules: [{604E8495-2AA1-4EF3-8797-E0861ABF2B3F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe FirewallRules: [{8B714C14-98F7-4DAC-83C8-3088AA196455}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{16F81846-2414-4488-A17F-6A7F608EF502}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{87C022C7-8AEE-4606-9A51-5BDBB67FCF95}] => (Allow) E:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [{235ABB2C-4DA2-48F0-B5B5-77E677641DF5}] => (Allow) E:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [{38851F4A-E4CB-471B-9C01-D3C5F2434698}] => (Allow) E:\Program Files (x86)\Electronic Arts\Król Nazguli\game.dat FirewallRules: [{45C80CCE-1AC5-4579-BCD6-AA15C385B49E}] => (Allow) E:\Program Files (x86)\Electronic Arts\Król Nazguli\game.dat FirewallRules: [{367ED138-8ED4-4BF4-BA1B-CB52081A6AEB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe FirewallRules: [{1B9F9010-7855-401D-9392-369E2DB0285E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe FirewallRules: [{0651B92F-675B-4989-89EE-9391E5A1F012}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7A6C29DE-8AC9-409E-B06E-7FECD11B3D02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AAFEE9EA-777C-4E12-AE88-11FB802794E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{95AF810A-04F1-4FE6-B765-1DAF5634C3E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{4CDEB0EC-A74C-4BDA-A777-2B6C6D3DE233}] => (Allow) E:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{A41075A8-98AA-478C-96CB-59DDAC857954}] => (Allow) E:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{C8A4D50C-E2B2-41C0-8F03-489F10245BF1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{BB4BFBC9-49DE-40CE-A820-88FC13CABC5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{41E15621-4941-4743-A5F0-6F997AB3738E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{84DCA3F8-5543-4B3B-913D-440B647CF5B8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{458EFE31-F02E-4D3C-B7D5-F2C61BB90FF9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities in Motion 2\CIM2.exe FirewallRules: [{8C8231B5-0108-4EA1-8BEC-3383FC98DD6D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities in Motion 2\CIM2.exe FirewallRules: [{257A10D0-3AF4-4A66-83F1-BB4819DA3E24}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{66EB2364-A029-4808-AF4F-EEE2E86F6F8D}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{1ABDBDE4-3F64-4066-ADAC-B7EDF9F725C9}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{120F3BF9-6BEA-42CF-BEB5-48EBF3FED042}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{018260FE-531E-4F45-9400-3039AFA88D5F}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{1186A023-2D59-4640-ADA8-52B5E5AD5CCF}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{E49BDF87-52B7-4D5A-B155-5523093DB980}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{3EDBC4DF-DB20-4222-A705-67E0DAEB1D28}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{15C9CD1A-A017-41BD-A4A0-BD5089A7CD89}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{5A0EAC91-2A39-48E0-BAE7-ED24CE8D99DF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{6F320C9B-D800-4A63-BD1F-DBFD937BCBC9}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{65C75335-576E-42C1-8FFF-35FD12422FEE}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{2E8BBA40-7E6E-4ADF-87D8-0B00AAB6A6F5}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{F787E07A-0C9D-46A6-91B1-9D5AAA45C0CA}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{B9C34821-3B52-497A-BCCE-8E56EF791A99}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{9D7B7EA6-2BFC-4878-AA3D-773B8CFEA60A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{11FB6F25-A55D-4DDA-A3F6-7DB57DF055BC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{9BECE8F2-6794-4234-9F7D-A749E088264B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{366CD1D2-0810-4324-B34C-CE8EE35779F3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\TerraTech Beta\TerraTechWin64.exe FirewallRules: [{EAE4C0A1-7BF4-4290-8D43-91B554B2E4A3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\TerraTech Beta\TerraTechWin64.exe FirewallRules: [{48A4CABB-2268-41B6-80CE-D28FC32B3845}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe FirewallRules: [{4CC6DF2D-3F10-466D-BE54-76A3C1CA2E83}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe FirewallRules: [{7C8CBE57-834C-4A16-B0DA-A7F6B4A4BCB4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\KingArthurII\KingArthurII.exe FirewallRules: [{FE941E09-34AA-4B1C-BAB7-D91D57B27061}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\KingArthurII\KingArthurII.exe FirewallRules: [{369180C8-94E4-4604-89BA-B5EC5755EB4D}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{597463BF-299D-44E6-B4AF-391144237A10}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{26CAC777-E8C8-48EF-A7A5-AEE07FC8E2C1}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4945E03D-DEAF-499D-BECE-C2E427DE4259}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9B4CE312-C5A5-4D6E-BB04-A7BB0F6E1801}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe FirewallRules: [{6FF68EB1-419F-4E56-BA55-4FEC61EA6CE5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe FirewallRules: [{50259DE4-C7EB-44DA-800E-6E99376DAB87}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe FirewallRules: [{B1CD9D78-EFBF-46A2-ADEF-52FD952EB2F2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe FirewallRules: [{3B338015-DC32-45A2-B874-5A4A04349136}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe FirewallRules: [{438B9B55-BC88-4DC4-9466-62A3F4F08271}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe FirewallRules: [{64F501E0-1669-4E61-A300-528011A6E75E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{5A456824-DB7B-4255-8EE0-ECDA687105DD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{228F63CC-29C5-463C-9571-15C8D896E2DF}] => (Allow) E:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{F466F7D2-73F7-4BF3-8DC4-6CBC640DFD1F}] => (Allow) E:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{EEB9AA78-0E20-45A8-BA8B-9D0D0877BEC6}] => (Allow) E:\Games\Grey Goo\ClientLauncherG.cdx FirewallRules: [{C7364417-23E0-4C49-92B1-02DF986DC8DC}] => (Allow) E:\Games\Grey Goo\ClientLauncherG.cdx FirewallRules: [{550E0F9A-533F-4870-8F09-25AE19FA7C62}] => (Allow) E:\Games\Grey Goo\GooG.cdx FirewallRules: [{35293695-4F43-43E3-82F2-74DC660D1312}] => (Allow) E:\Games\Grey Goo\GooG.cdx FirewallRules: [{83004C98-E4A2-4E1E-92A5-4B1CF78FB09D}] => (Allow) E:\Games\Grey Goo\InstanceServerG.cdx FirewallRules: [{734A75EF-8781-4EDA-AB78-105DF9F937FF}] => (Allow) E:\Games\Grey Goo\InstanceServerG.cdx FirewallRules: [{97717030-C8B7-4A08-B073-BD5F022704BB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{5592F8BA-090D-4D52-8B6B-A11B1D90E385}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{3D3D33E1-3797-486A-966E-0F01A9DF8C77}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{62A33B57-C8C7-4EB1-9168-FD194F35F6B6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{E0F5FBCE-7C18-4E31-B371-82EAAFC0FA94}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2 - Beta\RelicCoH2.exe FirewallRules: [{EEB1286C-1ABE-4912-8B4D-661277388C38}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2 - Beta\RelicCoH2.exe FirewallRules: [{FEED9DA6-86AA-4EFF-AB19-E62410C67A1C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe FirewallRules: [{839B55C8-56B2-4830-9CFB-24926BB4D4BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe FirewallRules: [{FF29A07C-9F45-4394-9A24-17D34125A67E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{3D8C3FD7-B76F-4419-A662-F02E919AB5D7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{73AD9650-28A8-4AB8-878E-A6E006CB5728}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F6C4EE5B-7F93-4ECD-83DE-59030B2172C4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{B74C00D9-E267-438B-9B4A-11533CD12F89}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{12672488-B0D2-43C2-9CEF-6112C4D9E392}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{C19AF0C4-8CC3-477D-A2D3-D33E5196F39A}] => (Allow) LPort=1688 FirewallRules: [{4F4E4296-5C50-4F70-ABAD-8AAEA91B547D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Creeper World 3\CW3.exe FirewallRules: [{A1A307D6-B5E2-4595-89C4-6CFEE43D51E8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Creeper World 3\CW3.exe FirewallRules: [{68077BAF-8CB9-4B8A-AFE9-3F50165EDFA5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe FirewallRules: [{97EBF91A-1203-429C-B957-562426C51C90}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe FirewallRules: [{194B76B8-42B2-47F6-A962-F54D7FFC06B1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dominions4\Dominions4.exe FirewallRules: [{8C3C1173-B4C0-4939-8BAD-33E98AB7C966}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dominions4\Dominions4.exe FirewallRules: [{3438E433-5619-4E59-85E4-87B1F5EB877E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe FirewallRules: [{C00D0B12-6716-473A-ACBF-74CDF82262A6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe FirewallRules: [{221E1DEE-CE5E-4FC9-B2A6-308917E3BA17}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{19C4F7A6-DB3D-491E-9F11-43994FC62EEF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{EA1493A7-A081-44B1-94EC-2E2E0E15B35B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Train Fever\TrainFever.exe FirewallRules: [{76111F17-3610-4558-9202-DDC138224AE4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Train Fever\TrainFever.exe FirewallRules: [{1BDD97BA-8336-4EF6-837A-A65926353487}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{86FF5AB4-A39E-4362-93F8-E6233A023EF6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{15185ABB-44D2-4BB8-B753-6B0C05B82453}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{7BA95EAD-3FAF-4188-9C5D-96E570EB0C8A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{23DB13FC-0D13-4DF3-B43C-A30AB9DC10A4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe FirewallRules: [{8A5EA8D9-5DD0-47C1-A203-C420FCA9808D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe FirewallRules: [{B2667E25-8FD7-49E7-B95D-CF90A5FDD018}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{59B21C53-52D9-4CC4-B5AF-D51F100AC21E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{686A9CB3-8C99-4620-A5BB-2E365B327EBB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{E7C09A64-FB80-4BAC-BB3A-8E6E8B2CFCAD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{AD62234D-087D-4415-B65C-F9B53DDE1274}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe FirewallRules: [{9EDCAF4B-A2D0-41F1-8EFE-679C8A29FD06}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe FirewallRules: [{BAD8071F-CD54-4744-8BF4-72A65F82B34B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe FirewallRules: [{A0836661-070E-4243-B5E8-C5588F9EE742}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe FirewallRules: [{37916415-58BE-412F-8CF6-70C99EC21F62}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{5A52E8F8-043A-4C33-9D97-ED71CE5D76D6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{3EDE206A-7CC3-4AB2-8CD0-BF8108263219}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{24AE150C-967A-466E-923A-F96A5D44C68B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{C301B92F-B6D8-4F59-BD35-EC7874948B41}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{1A24FFB4-D6CE-4A3B-B059-54A034A7C53B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{99E0CB6D-3B11-4B99-A042-38D5E82331AF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe FirewallRules: [{FE857ABF-C744-4BCD-9C84-DF9E7CA59891}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe FirewallRules: [{13880CF9-BE99-4D33-85CA-A0973557A076}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe FirewallRules: [{FABE9325-5D9A-4FE5-BCB2-B44812CB0386}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe FirewallRules: [{14DB8DF2-E254-4CA8-9D6D-60C51B3D2C71}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe FirewallRules: [{8C8B1B4C-5D28-40E4-88E9-5E15F533EB51}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe FirewallRules: [{BC6963E8-77B2-4819-9111-AECDA5A6150A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\MagickaWotST\iMagicka.exe FirewallRules: [{C624A54F-A8CD-47F1-9136-6675A5429F4F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\MagickaWotST\iMagicka.exe FirewallRules: [{039A923A-3803-4D24-9392-39C7B7E3DF9A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{F87D9E4D-2857-4F01-8085-6947EAB9CD5F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{B961D848-4D92-4AD2-9C72-98D1503F1BCE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe FirewallRules: [{2DF67460-9D47-4669-B025-2094FC1015D9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe FirewallRules: [{7E6E9DC8-09C6-4F09-a3FA-BB3715E8B3A7}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{FD14DB2D-91F5-4833-A2DC-F767DCCCA8E1}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{BD0C0999-5A63-464E-A1FB-59EB0CEFB34E}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{A038116F-7F3E-41B3-A50F-960A289DC964}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{914C2546-31A8-43CC-B755-464C36A03C19}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{32D92A8D-7CE6-4BEF-8EEA-FB7C9FAC1CE5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/01/2015 10:03:11 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/01/2015 10:00:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/01/2015 05:44:29 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (07/01/2015 05:26:10 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 11:42:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 999 Error: (06/30/2015 11:42:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 999 Error: (06/30/2015 11:42:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/30/2015 09:18:06 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 System errors: ============= Error: (07/01/2015 09:56:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (07/01/2015 09:56:55 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\Users\Kuba\AppData\Local\Temp\ehdrv.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (07/01/2015 09:56:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (07/01/2015 09:56:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\Users\Kuba\AppData\Local\Temp\ehdrv.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (07/01/2015 09:56:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (07/01/2015 09:56:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\Users\Kuba\AppData\Local\Temp\ehdrv.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (07/01/2015 09:56:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (07/01/2015 09:56:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\Users\Kuba\AppData\Local\Temp\ehdrv.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (07/01/2015 09:56:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: %%1275 Error: (07/01/2015 09:56:53 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\Users\Kuba\AppData\Local\Temp\ehdrv.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Microsoft Office: ========================= Error: (07/01/2015 10:03:11 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Kuba\Downloads\esetsmartinstaller_enu.exe Error: (07/01/2015 10:00:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (07/01/2015 05:44:29 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (07/01/2015 05:26:10 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 11:42:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 999 Error: (06/30/2015 11:42:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 999 Error: (06/30/2015 11:42:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/30/2015 09:18:06 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 CodeIntegrity Errors: =================================== Date: 2015-05-21 19:33:33.696 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2959C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-21 19:33:33.665 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2959C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-21 20:30:11.488 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2D339.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-21 20:30:11.419 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2D339.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 14:54:09.668 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 14:54:09.615 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 13:31:01.682 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 13:31:01.604 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-12 22:34:23.078 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-12 22:34:23.000 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel® Core i5-3350P CPU @ 3.10GHz Percentage of memory in use: 80% Total physical RAM: 8140.81 MB Available physical RAM: 1569 MB Total Pagefile: 16279.83 MB Available Pagefile: 7856.15 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.48 GB) (Free:57.89 GB) NTFS Drive d: () (Fixed) (Total:117.19 GB) (Free:91.06 GB) NTFS Drive e: () (Fixed) (Total:667.74 GB) (Free:126.73 GB) NTFS Drive j: (USB DISK) (Removable) (Total:3.61 GB) (Free:2.33 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 77BCF882) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=667.7 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=3.6 GB) - (Type=0B) ==================== End of log ============================

I didnt notice any issues so far. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01Ran by Kuba (administrator) on KUBA-KOMPUTER on 02-07-2015 17:27:36Running from C:\Users\Kuba\DownloadsLoaded Profiles: Kuba (Available Profiles: Kuba)Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe(Electronic Arts) E:\Program Files (x86)\Origin\Origin.exe(Electronic Arts) E:\Program Files (x86)\Origin\OriginClientService.exe(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Ubisoft) E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe(Ubisoft) E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe(Microsoft Corporation) C:\Windows\System32\taskmgr.exe(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe(Microsoft Corporation) C:\Windows\System32\prevhost.exe(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Farbar) C:\Users\Kuba\Downloads\FRST64 (1).exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2014-11-13] (FNet Co., Ltd.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)HKLM-x32\...\Run: [VolPanel] => d:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)HKLM-x32\...\Run: [PWRISOVM.EXE] => d:\Program Files (x86)\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)HKLM-x32\...\Run: [bCSSync] => D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [OV3_Monitor] => d:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55664 2015-02-05] (OLYMPUS IMAGING CORP.)HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Run: [OV3_Monitor] => D:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [420208 2015-02-05] (OLYMPUS IMAGING CORP.)HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Run: [Dropbox Update] => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-15] (Microsoft Corporation)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk [2014-11-15]ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Pobieracz w tle.lnk [2014-11-15]ShortcutTarget: SolidWorks Pobieracz w tle.lnk -> C:\Program Files (x86)\Common Files\Menedżer instalacji SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-17]ShortcutTarget: Dropbox.lnk -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No FileShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No FileShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No FileShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No FileShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: [s-1-5-21-1149661289-1221717445-1824185903-1000] => http=127.0.0.1:9880HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.comHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehpSearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000 -> {390B3803-824C-412d-AFFB-CA53EA1E25C4} URL = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms}BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> D:\Program Files\StatSoft\STATISTICA 12 Trial\StaBHO.dll [2015-01-12] (StatSoft, Inc.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-06] (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> D:\Program Files\StatSoft\STATISTICA 12 Trial\Support\StaBHO.dll [2015-01-12] (StatSoft, Inc.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-06] (Oracle Corporation)Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206Tcpip\..\Interfaces\{3DD15206-C53D-44D4-B89D-35C1E7DC0E7F}: [DhcpNameServer] 217.172.224.160 89.231.1.206 FireFox:========FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\wexac792.defaultFF NetworkProxy: "type", 0FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-29] ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-29] ()FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-06] (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-06] (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)FF Plugin HKU\S-1-5-21-1149661289-1221717445-1824185903-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)FF Extension: Gmail Manager - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\wexac792.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2014-11-13]FF Extension: Adblock Plus - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\wexac792.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-13] Chrome: =======CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Slides) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-01]CHR Extension: (Google Docs) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-01]CHR Extension: (Google Drive) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-01]CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-01]CHR Extension: (Adblock Plus) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-01]CHR Extension: (Google Search) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-01]CHR Extension: (Google Sheets) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-01]CHR Extension: (Google Wallet) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-01]CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-01] Opera: =======StartMenuInternet: (HKLM) OperaStable - d:\Program Files (x86)\Opera\Launcher.exe http://www.mystartsearch.com/?type=sc&ts=1435599324&z=91f859910ea880a6ecf7893g6z4ccw0w7tftdcco2z&from=wpc&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S029552395523 ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)S2 BBDemon; d:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [36864 2007-05-04] (Dassault Systemes) [File not signed]S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]S2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)S3 CoordinatorServiceHost; D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [76904 2012-09-28] (Dassault Systèmes SolidWorks Corp.)S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-11-13] (Creative Labs) [File not signed]S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-11-13] (Creative Labs) [File not signed]S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-12-19] (Creative Technology Ltd) [File not signed]R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation)R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)S2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)S3 mi-raysat_3dsmax2015_64; D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)R3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-01] (Electronic Arts)R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-11-01] ()S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-11-15] (SolidWorks) [File not signed]R2 TeamViewer; d:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)S2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-02-23] (ESET)U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-02-23] (ESET)R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-02-23] (ESET)R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-02-23] (ESET)R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-02-23] (ESET)R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-02-23] (ESET)R3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-05-26] (FNet Co., Ltd.)R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-11-13] (FNet Co., Ltd.)R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-06-30] (Malwarebytes Corporation)S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-09-05] (Razer Inc)R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-11-01] (Razer, Inc.)R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-09-05] (Razer Inc)U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-30] ()R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-07-01] () ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-01 17:48 - 2015-07-01 17:48 - 00000000 ____D C:\Program Files (x86)\ESET2015-07-01 17:47 - 2015-07-01 17:47 - 02870984 _____ (ESET) C:\Users\Kuba\Downloads\esetsmartinstaller_enu.exe2015-07-01 17:46 - 2015-07-01 17:46 - 00001161 _____ C:\Users\Kuba\Desktop\JRT.txt2015-07-01 17:44 - 2015-07-01 17:44 - 00000207 _____ C:\Windows\tweaking.com-regbackup-KUBA-KOMPUTER-Windows-7-Professional-(64-bit).dat2015-07-01 17:44 - 2015-07-01 17:44 - 00000000 ____D C:\RegBackup2015-07-01 17:39 - 2015-07-02 16:44 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-07-01 17:39 - 2015-07-01 17:44 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-07-01 17:39 - 2015-07-01 17:39 - 00004040 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-07-01 17:39 - 2015-07-01 17:39 - 00003788 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-07-01 17:39 - 2015-07-01 17:39 - 00002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk2015-07-01 17:39 - 2015-07-01 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2015-07-01 17:26 - 2015-07-01 17:44 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp2015-06-30 21:59 - 2015-06-30 21:59 - 17853688 _____ C:\Users\Kuba\Downloads\RogueKiller (1).exe2015-06-30 21:44 - 2015-06-30 21:49 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys2015-06-30 21:44 - 2015-06-30 21:48 - 00000000 ____D C:\ProgramData\RogueKiller2015-06-30 21:36 - 2015-06-30 21:44 - 00316082 _____ C:\Users\Kuba\Desktop\forum.txt2015-06-30 21:35 - 2015-06-30 21:35 - 00000000 _____ C:\Users\Kuba\Desktop\Nowy dokument tekstowy.txt2015-06-30 21:25 - 2015-06-30 21:26 - 17853688 _____ C:\Users\Kuba\Downloads\RogueKiller.exe2015-06-30 19:19 - 2015-06-30 19:19 - 00448512 _____ (OldTimer Tools) C:\Users\Kuba\Downloads\TFC.exe2015-06-30 17:14 - 2015-06-30 17:14 - 00011678 _____ C:\Users\Kuba\Desktop\malware.txt2015-06-30 17:00 - 2015-06-30 21:22 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-06-30 17:00 - 2015-06-30 20:58 - 00000781 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-06-30 17:00 - 2015-06-30 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-06-30 17:00 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-06-30 17:00 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2015-06-30 17:00 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2015-06-30 16:59 - 2015-06-30 16:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.4.1028.exe2015-06-29 22:37 - 2015-06-29 22:37 - 02244096 _____ C:\Users\Kuba\Downloads\adwcleaner_4.207.exe2015-06-29 22:36 - 2015-06-29 22:36 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Kuba\Downloads\flashplayer18au_ha_install.exe2015-06-29 20:35 - 2015-06-29 20:35 - 02112512 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64 (1).exe2015-06-29 20:13 - 2015-06-29 20:13 - 00122480 _____ C:\Users\Kuba\Downloads\Shortcut.txt2015-06-29 20:11 - 2015-06-30 23:42 - 00082116 _____ C:\Users\Kuba\Downloads\Addition.txt2015-06-29 20:10 - 2015-07-02 17:27 - 00028020 _____ C:\Users\Kuba\Downloads\FRST.txt2015-06-29 20:07 - 2015-06-29 20:07 - 02112512 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64.exe2015-06-29 19:37 - 2015-06-29 19:38 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E72015-06-29 19:37 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak2015-06-29 17:41 - 2015-06-29 17:41 - 00000222 _____ C:\Users\Kuba\Desktop\Craft The World.url2015-06-27 20:00 - 2015-06-27 20:00 - 00000000 ____D C:\Users\Kuba\AppData\Local\tt2015-06-27 19:59 - 2015-06-27 19:59 - 00000000 ____D C:\Users\Kuba\AppData\Local\Ticket to Ride2015-06-26 19:12 - 2015-06-26 19:12 - 00000222 _____ C:\Users\Kuba\Desktop\Clicker Heroes.url2015-06-26 19:12 - 2015-06-26 19:12 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\com.playsaurus.heroclicker2015-06-24 20:37 - 2015-06-24 20:37 - 00000802 _____ C:\Users\Kuba\Desktop\Car Mechanic Simulator 2015.lnk2015-06-24 20:37 - 2015-06-24 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Car Mechanic Simulator 20152015-06-24 20:29 - 2015-06-24 20:29 - 00000222 _____ C:\Users\Kuba\Desktop\Magicka Wizards of the Square Tablet.url2015-06-24 20:26 - 2015-06-24 20:26 - 00000221 _____ C:\Users\Kuba\Desktop\Magicka.url2015-06-24 20:14 - 2015-06-24 20:14 - 00028675 _____ C:\Users\Kuba\Downloads\5E181549165F1028F6A962342856EA3F6ABF9A8A.torrent2015-06-24 20:07 - 2015-06-24 20:07 - 00000222 _____ C:\Users\Kuba\Desktop\Ticket to Ride.url2015-06-23 21:34 - 2015-06-23 21:34 - 00000000 ____D C:\Users\Kuba\Documents\SavedGames2015-06-23 21:33 - 2015-06-23 21:33 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA2015-06-22 19:39 - 2015-06-23 19:50 - 00000000 ____D C:\Users\Kuba\AppData\Local\The Witcher2015-06-22 19:39 - 2015-06-22 20:25 - 00000000 ____D C:\Users\Kuba\Documents\The Witcher2015-06-22 19:37 - 2015-06-22 19:37 - 00000000 ____D C:\Users\Public\Documents\The Witcher2015-06-22 17:55 - 2015-06-22 17:55 - 00000222 _____ C:\Users\Kuba\Desktop\Age of Empires III Complete Collection.url2015-06-22 17:55 - 2015-06-22 17:55 - 00000221 _____ C:\Users\Kuba\Desktop\The Witcher Enhanced Edition.url2015-06-22 17:55 - 2015-06-22 17:55 - 00000221 _____ C:\Users\Kuba\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url2015-06-22 16:50 - 2015-06-22 16:50 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-06-22 16:49 - 2015-07-02 16:54 - 00001158 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA.job2015-06-22 16:49 - 2015-07-02 16:54 - 00001106 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core.job2015-06-22 16:49 - 2015-06-22 16:49 - 00004130 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA2015-06-22 16:49 - 2015-06-22 16:49 - 00003734 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core2015-06-22 16:49 - 2015-06-22 16:49 - 00000000 ____D C:\Users\Kuba\AppData\Local\Dropbox2015-06-22 16:49 - 2015-06-22 16:49 - 00000000 ____D C:\ProgramData\Dropbox2015-06-18 21:37 - 2015-06-18 21:37 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\GCCS2015-06-18 21:33 - 2015-06-18 21:33 - 00000222 _____ C:\Users\Kuba\Desktop\GemCraft - Chasing Shadows.url2015-06-17 19:35 - 2015-06-17 19:35 - 00000222 _____ C:\Users\Kuba\Desktop\Train Fever.url2015-06-17 19:35 - 2015-06-17 19:35 - 00000222 _____ C:\Users\Kuba\Desktop\SpeedRunners.url2015-06-17 19:35 - 2015-06-17 19:35 - 00000222 _____ C:\Users\Kuba\Desktop\Banished.url2015-06-17 05:54 - 2015-06-17 05:54 - 00172330 ___HT C:\Users\Kuba\Downloads\~1414717_826755837431691_600950962_n.tmp2015-06-16 19:43 - 2015-06-16 19:45 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Dominions42015-06-16 19:21 - 2015-06-16 19:21 - 00000222 _____ C:\Users\Kuba\Desktop\Spelunky.url2015-06-16 19:02 - 2015-06-16 19:02 - 00000222 _____ C:\Users\Kuba\Desktop\Dominions 4.url2015-06-16 19:02 - 2015-06-16 19:02 - 00000222 _____ C:\Users\Kuba\Desktop\Antichamber.url2015-06-14 22:51 - 2015-06-14 22:51 - 00000222 _____ C:\Users\Kuba\Desktop\Castle Crashers.url2015-06-14 22:29 - 2015-06-14 22:29 - 00015833 _____ C:\Users\Kuba\Downloads\CV (1).odt2015-06-13 18:50 - 2015-06-13 18:50 - 00000000 ____D C:\Users\Kuba\Documents\creeperworld32015-06-13 18:49 - 2015-06-13 18:51 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\creeperworld32015-06-13 18:35 - 2015-06-13 18:35 - 00000222 _____ C:\Users\Kuba\Desktop\Creeper World 3 Arc Eternal.url2015-06-12 23:14 - 2015-06-12 23:14 - 00016545 _____ C:\Users\Kuba\Downloads\CV.odt2015-06-11 22:16 - 2015-06-11 22:16 - 05776646 _____ C:\Users\Kuba\Downloads\Plan Outdoor-Tomczak.xlsx2015-06-11 19:52 - 2015-06-11 19:53 - 19105854 _____ C:\Users\Kuba\Downloads\010sel0311.avi2015-06-10 20:34 - 2015-06-10 20:34 - 00000659 _____ C:\Users\Public\Desktop\Order of Battle Pacific.lnk2015-06-10 20:34 - 2015-06-10 20:34 - 00000659 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Order of Battle Pacific.lnk2015-06-10 19:43 - 2015-06-10 19:43 - 00000930 _____ C:\Users\Public\Desktop\Wargame - Airland Battle.lnk2015-06-10 19:43 - 2015-06-10 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eugen Systems2015-06-10 17:46 - 2015-06-10 17:50 - 100440072 _____ C:\Users\Kuba\Downloads\155sel0211.avi2015-06-10 16:17 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-06-10 16:17 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-06-10 16:17 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-06-10 16:17 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-06-10 16:17 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-06-10 16:17 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-06-10 16:17 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-06-10 16:17 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-06-10 16:17 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2015-06-10 16:17 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-06-10 16:17 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-06-10 16:17 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-06-10 16:17 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-06-10 16:17 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-06-10 16:17 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2015-06-10 16:17 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-06-10 16:17 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-06-10 16:17 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-06-10 16:17 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-06-10 16:17 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-06-10 16:17 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-06-10 16:17 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-06-10 16:17 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-06-10 16:17 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-06-10 16:17 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-06-10 16:17 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-06-10 16:17 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-06-10 16:17 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-06-10 16:17 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-06-10 16:17 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-06-10 16:17 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-06-10 16:17 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-06-10 16:17 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-06-10 16:17 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-06-10 16:17 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-06-10 16:17 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2015-06-10 16:17 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-06-10 16:17 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-06-10 16:17 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-06-10 16:17 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-06-10 16:17 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-06-10 16:17 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-06-10 16:17 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2015-06-10 16:17 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-06-10 16:17 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-06-10 16:17 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-06-10 16:17 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-06-10 16:17 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-06-10 16:17 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-06-10 16:17 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-06-10 16:17 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-06-10 16:17 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-06-10 16:17 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-06-10 16:17 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-06-10 16:17 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-06-10 16:17 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-06-10 16:17 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-06-10 16:17 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-06-10 16:17 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-06-10 16:17 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-06-10 16:15 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-06-10 16:15 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-06-10 16:15 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-06-10 16:15 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2015-06-10 16:15 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-06-10 16:15 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll2015-06-10 16:15 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2015-06-10 16:15 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2015-06-10 16:15 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll2015-06-10 16:15 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2015-06-10 16:15 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-06-10 16:15 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-06-10 16:15 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe2015-06-10 16:15 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-06-10 16:15 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-06-10 16:15 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-06-10 16:15 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-06-10 16:15 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2015-06-10 16:15 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe2015-06-10 16:15 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe2015-06-10 16:15 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-06-10 16:15 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe2015-06-10 16:15 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe2015-06-10 16:15 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2015-06-10 16:15 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe2015-06-10 16:15 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2015-06-10 16:15 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2015-06-10 16:15 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-06-10 16:15 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2015-06-10 16:15 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-06-10 16:15 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2015-06-10 16:15 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll2015-06-10 16:15 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2015-06-10 16:15 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2015-06-10 16:15 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2015-06-10 16:15 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2015-06-10 16:15 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-06-10 16:15 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-06-10 16:15 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-06-10 16:15 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-06-10 16:15 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-06-10 16:15 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2015-06-10 16:15 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-06-10 16:15 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-06-10 16:15 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll2015-06-10 16:15 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll2015-06-10 16:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx2015-06-10 16:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll2015-06-10 16:15 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL2015-06-10 16:15 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll2015-06-10 16:15 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll2015-06-10 16:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx2015-06-10 16:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll2015-06-10 16:15 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL2015-06-10 16:15 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2015-06-10 16:15 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2015-06-10 16:15 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys2015-06-09 22:13 - 2015-06-09 22:13 - 00000234 _____ C:\Users\Kuba\Desktop\Might and Magic Heroes VII Beta.url2015-06-09 22:09 - 2015-06-09 22:12 - 00000000 ____D C:\Users\Kuba\AppData\Local\Ubisoft Game Launcher2015-06-09 22:09 - 2015-06-09 22:09 - 00000870 _____ C:\Users\Kuba\Desktop\Uplay.lnk2015-06-09 22:09 - 2015-06-09 22:09 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft2015-06-09 21:40 - 2015-06-09 21:40 - 61778376 _____ (Ubisoft) C:\Users\Kuba\Downloads\UplayInstaller.exe2015-06-09 20:37 - 2015-06-09 20:37 - 00000000 ____D C:\Users\Kuba\Documents\Banished2015-06-09 17:51 - 2015-06-09 18:32 - 00011189 _____ C:\Users\Kuba\Desktop\Lista zakupów.xlsx2015-06-09 17:50 - 2015-06-09 17:50 - 00000885 _____ C:\Users\Public\Desktop\Banished.lnk2015-06-09 17:50 - 2015-06-09 17:50 - 00000885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banished.lnk2015-06-08 18:15 - 2015-06-08 18:50 - 163906256 _____ C:\Users\Kuba\Downloads\L1456.mp42015-06-08 16:17 - 2015-06-08 16:17 - 00320140 _____ C:\Users\Kuba\Downloads\smouczek schematowy by KJ (1).sav2015-06-07 17:51 - 2015-06-07 17:51 - 00320140 _____ C:\Users\Kuba\Downloads\smouczek schematowy by KJ.sav2015-06-05 23:27 - 2015-06-05 23:27 - 00000508 _____ C:\Users\Public\Desktop\OpenTTD.lnk2015-06-05 23:27 - 2015-06-05 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD2015-06-05 23:24 - 2015-06-08 20:57 - 00000000 ____D C:\Users\Kuba\Documents\OpenTTD2015-06-05 23:22 - 2015-06-05 23:23 - 11359588 _____ C:\Users\Kuba\Downloads\opensfx-0.2.3-all.zip2015-06-05 23:21 - 2015-06-05 23:21 - 07926644 _____ (OpenTTD Developers) C:\Users\Kuba\Downloads\openttd-1.5.1-windows-win64.exe2015-06-05 23:21 - 2015-06-05 23:21 - 00136981 _____ C:\Users\Kuba\Downloads\openmsx-0.3.1-all.zip2015-06-05 23:20 - 2015-06-05 23:21 - 03547661 _____ C:\Users\Kuba\Downloads\opengfx-0.5.2-all.zip2015-06-05 18:37 - 2015-06-05 18:43 - 128626286 _____ C:\Users\Kuba\Downloads\web_cute_018_251.wmv2015-06-05 17:01 - 2015-06-05 17:01 - 00000830 _____ C:\Users\Kuba\Desktop\Supreme Ruler Ultimate.lnk2015-06-05 17:01 - 2015-06-05 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supreme Ruler Ultimate2015-06-04 22:49 - 2015-06-04 22:49 - 00000753 _____ C:\Users\Kuba\Desktop\Portal 2.lnk2015-06-04 22:49 - 2015-06-04 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst2015-06-04 11:51 - 2015-06-05 16:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2015-06-04 11:41 - 2015-06-04 11:41 - 00000940 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Ashampoo2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\Users\Kuba\AppData\Local\ashampoo2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\ProgramData\Ashampoo2015-06-04 11:40 - 2015-06-04 11:41 - 32768992 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Kuba\Downloads\ashampoo_burning_studio_free_1.14.5_sm.exe2015-06-04 11:39 - 2015-06-04 11:39 - 98327200 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Kuba\Downloads\ashampoo_burning_studio_2015_18299.exe2015-06-04 11:37 - 2015-06-04 11:37 - 98327200 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Kuba\Downloads\Niepotwierdzony 862945.crdownload2015-06-04 11:33 - 2015-06-04 11:33 - 09588264 _____ (Disc Soft Ltd) C:\Users\Kuba\Downloads\Niepotwierdzony 508553.crdownload2015-06-04 11:25 - 2015-06-04 11:25 - 00000000 ____D C:\Users\Kuba\Downloads\Nero.Burning.ROM.2015.16.0.027002015-06-04 11:24 - 2015-06-04 11:24 - 93154777 _____ C:\Users\Kuba\Downloads\Nero.Burning.ROM.2015.16.0.02700.rar2015-06-04 11:18 - 2015-06-04 11:18 - 00000000 ____D C:\Users\Kuba\Downloads\Nero 2015 Platinum 16.0.04200 Final Retail2015-06-04 11:16 - 2015-06-04 11:17 - 250058319 _____ C:\Users\Kuba\Downloads\Nero 2015 Platinum 16.0.04200 Final Retail.rar2015-06-04 11:11 - 2015-06-04 11:11 - 00000000 ____D C:\Users\Kuba\Downloads\nero-burning-rom-2014-pl2015-06-04 11:01 - 2015-06-04 11:10 - 87035085 _____ C:\Users\Kuba\Downloads\nero-burning-rom-2014-pl.rar2015-06-04 10:54 - 2015-06-04 10:54 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\dvdcss2015-06-04 08:52 - 2015-06-04 08:52 - 00008982 _____ C:\Users\Kuba\Downloads\izzyKONTO nr _63912771 za 2015-05.htm2015-06-03 05:53 - 2015-06-03 05:53 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-02 17:27 - 2014-12-28 17:05 - 00000000 ____D C:\FRST2015-07-02 17:13 - 2014-11-13 23:12 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2015-07-02 16:38 - 2014-11-12 23:25 - 01459048 _____ C:\Windows\WindowsUpdate.log2015-07-02 16:33 - 2009-07-14 06:45 - 00027584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-07-02 16:33 - 2009-07-14 06:45 - 00027584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-07-02 05:56 - 2014-11-13 23:11 - 00000000 ____D C:\Users\Kuba\AppData\Local\Adobe2015-07-01 21:35 - 2014-11-15 21:47 - 00367629 _____ C:\Windows\DirectX.log2015-07-01 19:19 - 2014-11-13 19:08 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job2015-07-01 19:10 - 2015-01-05 23:29 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2015-07-01 19:04 - 2015-05-30 20:09 - 00000219 _____ C:\Users\Kuba\Desktop\Counter-Strike Global Offensive.url2015-07-01 18:58 - 2014-12-26 11:44 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Origin2015-07-01 18:58 - 2014-12-26 11:42 - 00000000 ____D C:\ProgramData\Origin2015-07-01 17:44 - 2014-11-17 23:37 - 00000000 ___RD C:\Users\Kuba\Dropbox2015-07-01 17:44 - 2014-11-17 23:36 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Dropbox2015-07-01 17:44 - 2014-11-13 19:10 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys2015-07-01 17:39 - 2015-03-12 19:49 - 00000000 ____D C:\Users\Kuba\AppData\Local\Google2015-07-01 17:39 - 2015-03-12 19:49 - 00000000 ____D C:\Program Files (x86)\Google2015-07-01 17:26 - 2014-11-13 19:08 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job2015-07-01 17:25 - 2014-11-13 19:16 - 00785236 _____ C:\Windows\PFRO.log2015-07-01 17:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-07-01 17:25 - 2009-07-14 06:51 - 00063823 _____ C:\Windows\setupact.log2015-06-30 21:17 - 2009-07-14 20:09 - 00000000 ____D C:\Windows\CSC2015-06-30 19:28 - 2015-01-02 11:44 - 00000000 ____D C:\AdwCleaner2015-06-30 17:58 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Offline Web Pages2015-06-29 22:39 - 2014-11-13 23:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2015-06-29 22:39 - 2014-11-13 23:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2015-06-29 22:39 - 2014-11-13 23:12 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-06-29 19:53 - 2015-05-24 16:21 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher2015-06-29 19:53 - 2015-02-01 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valkyria Chronicles2015-06-29 19:53 - 2015-01-20 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital2015-06-29 19:52 - 2015-05-24 16:21 - 00000569 _____ C:\Users\Kuba\Desktop\Duel of Champions Launcher.lnk2015-06-29 19:52 - 2015-04-20 20:32 - 00000762 _____ C:\Users\Kuba\Desktop\Launcher — skrót.lnk2015-06-29 19:52 - 2014-12-18 21:44 - 00000693 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk2015-06-29 19:45 - 2014-11-13 19:21 - 00001947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2015-06-27 22:06 - 2014-11-15 23:55 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\vlc2015-06-27 19:24 - 2009-07-14 19:55 - 00743484 _____ C:\Windows\system32\perfh015.dat2015-06-27 19:24 - 2009-07-14 19:55 - 00156966 _____ C:\Windows\system32\perfc015.dat2015-06-27 19:24 - 2009-07-14 07:13 - 01678098 _____ C:\Windows\system32\PerfStringBackup.INI2015-06-27 15:26 - 2014-11-18 21:14 - 00000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps2015-06-25 22:21 - 2014-12-18 21:44 - 00003882 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 14189318742015-06-24 20:22 - 2015-04-04 23:41 - 00000031 _____ C:\Users\Kuba\Desktop\energa.txt2015-06-23 21:32 - 2014-11-13 19:44 - 00000000 ____D C:\ProgramData\Package Cache2015-06-17 05:59 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD2015-06-11 19:58 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk2015-06-11 05:57 - 2014-11-24 23:20 - 00000000 __SHD C:\Users\Kuba\AppData\Local\EmieUserList2015-06-11 05:57 - 2014-11-24 23:20 - 00000000 __SHD C:\Users\Kuba\AppData\Local\EmieSiteList2015-06-11 05:57 - 2014-11-24 23:20 - 00000000 __SHD C:\Users\Kuba\AppData\Local\EmieBrowserModeList2015-06-11 04:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache2015-06-11 03:28 - 2014-11-13 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service2015-06-11 03:28 - 2009-07-14 06:45 - 05172104 _____ C:\Windows\system32\FNTCACHE.DAT2015-06-11 03:26 - 2014-12-10 22:47 - 00000000 ____D C:\Windows\system32\appraiser2015-06-11 03:26 - 2014-11-14 18:07 - 00000000 ___SD C:\Windows\system32\CompatTel2015-06-11 03:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions2015-06-11 03:08 - 2014-11-14 23:31 - 00000000 ____D C:\ProgramData\Microsoft Help2015-06-11 03:04 - 2009-07-14 04:34 - 00000580 _____ C:\Windows\win.ini2015-06-10 20:41 - 2014-11-22 10:59 - 00000000 ____D C:\Users\Kuba\Documents\my games2015-06-08 17:17 - 2009-07-14 07:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT2015-06-05 20:14 - 2015-05-23 15:29 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Kalypso Media2015-06-04 22:49 - 2014-11-15 21:47 - 00000000 ____D C:\Windows\SysWOW64\directx ==================== Files in the root of some directories ======= 2015-02-23 21:21 - 2015-02-23 21:21 - 0000132 _____ () C:\Users\Kuba\AppData\Roaming\Preferencje CC formatu PNG firmy Adobe2014-11-13 19:11 - 2014-11-13 19:11 - 0000003 _____ () C:\Users\Kuba\AppData\Local\user_data.ini Some files in TEMP:====================C:\Users\Kuba\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnsjror.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-11 03:58 ==================== End of log ============================

Hi, thanks for Your help. I think that fixlist solved main problem: popubs in browser. Anyway there are logs: Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01Ran by Kuba at 2015-07-01 17:23:05 Run:2Running from C:\Users\Kuba\DownloadsLoaded Profiles: Kuba (Available Profiles: Kuba)Boot Mode: Normal============================================== fixlist content:*****************StartHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)C:\Program Files (x86)\Gyazo\GyStation.exeC:\Program Files (x86)\GyazoHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: G - G:\Launcher.exeHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: H - H:\setup.exeHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: I - I:\setup.exeHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: {b45236cd-6ab1-11e4-abd9-806e6f6e6963} - F:\ASRSetup.exeIFEO\CCleaner64.exe: [Debugger] svchost.exeCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONProxyEnable: [s-1-5-21-1149661289-1221717445-1824185903-1000] => Internet Explorer proxy is enabledProxyServer: [s-1-5-21-1149661289-1221717445-1824185903-1000] => http=127.0.0.1:9880R2 LriedGvanellius; C:\Program Files (x86)\LriedGvanellius\LriedGvanellius.exe [281088 2015-06-16] () [File not signed] <==== ATTENTIONC:\Program Files (x86)\LriedGvanellius\LriedGvanellius.exeC:\Program Files (x86)\LriedGvanellius C:\Windows\SysWOW64\Tulvae.iniC:\Users\Kuba\AppData\Roaming\uTorrentC:\Users\Kuba\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppmy3gi.dllglobalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTIONCustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max2015\Inventor Server\Bin\TestServer.dll No FileCustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No FileCustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No FileCustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\GG \ggdrive\ggdrive-menu.dll No FileTask: {17695013-37DE-45E6-8EFF-B13E9571EA58} - System32\Tasks\WINshell Event Logging => C:\Users\Kuba\AppData\Local\Temp\Dscp1.exe <==== ATTENTIONC:\Users\Kuba\AppData\Local\Temp\Dscp1.exeTask: {3DA7F6A6-61DC-429D-9F40-6AE2546F1B25} - \{65B2DFDA-CA9A-44CA-8084-AADF646BB635} No Task File <==== ATTENTIONTask: {C8CC1364-209A-493F-89FB-AC768E32D3E8} - System32\Tasks\WINshell Event Notification => C:\Users\Kuba\AppData\Local\Temp\SBCint2.exe <==== ATTENTIONC:\Users\Kuba\AppData\Local\Temp\SBCint2.exeHKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tulvae => ""="service"Emptytemp:End***************** HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => value removed successfullyC:\Program Files (x86)\Gyazo\GyStation.exe => moved successfully.C:\Program Files (x86)\Gyazo => moved successfully."HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => key removed successfully"HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => key removed successfully"HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => key removed successfully"HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b45236cd-6ab1-11e4-abd9-806e6f6e6963}" => key removed successfullyHKCR\CLSID\{b45236cd-6ab1-11e4-abd9-806e6f6e6963} => key not found. "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CCleaner64.exe" => key removed successfully"HKLM\SOFTWARE\Policies\Google" => key removed successfullyHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfullyHKU\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfullyLriedGvanellius => Unable to stop service.LriedGvanellius => Service removed successfullyC:\Program Files (x86)\LriedGvanellius\LriedGvanellius.exe => moved successfully.C:\Program Files (x86)\LriedGvanellius => moved successfully.C:\Windows\SysWOW64\Tulvae.ini => moved successfully.C:\Users\Kuba\AppData\Roaming\uTorrent => moved successfully.C:\Users\Kuba\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppmy3gi.dll => moved successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => value removed successfully"HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}" => key removed successfully2015\Inventor Server\Bin\TestServer.dll No File => Error: No automatic fix found for this entry."HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}" => key removed successfully2015\Inventor Server\Bin\TestServer.dll No File => Error: No automatic fix found for this entry."HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}" => key removed successfully2015\Inventor Server\Bin\TestServer.dll No File => Error: No automatic fix found for this entry."HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}" => key removed successfully\ggdrive\ggdrive-menu.dll No File => Error: No automatic fix found for this entry."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17695013-37DE-45E6-8EFF-B13E9571EA58}" => key removed successfully"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17695013-37DE-45E6-8EFF-B13E9571EA58}" => key removed successfullyC:\Windows\System32\Tasks\WINshell Event Logging => moved successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Logging" => key removed successfully"C:\Users\Kuba\AppData\Local\Temp\Dscp1.exe" => File/Folder not found."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DA7F6A6-61DC-429D-9F40-6AE2546F1B25}" => key removed successfully"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DA7F6A6-61DC-429D-9F40-6AE2546F1B25}" => key removed successfully"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{65B2DFDA-CA9A-44CA-8084-AADF646BB635}" => key removed successfully"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8CC1364-209A-493F-89FB-AC768E32D3E8}" => key removed successfully"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8CC1364-209A-493F-89FB-AC768E32D3E8}" => key removed successfullyC:\Windows\System32\Tasks\WINshell Event Notification => moved successfully."HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WINshell Event Notification" => key removed successfully"C:\Users\Kuba\AppData\Local\Temp\SBCint2.exe" => File/Folder not found."HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Tulvae" => key removed successfullyEmptyTemp: => 1005.1 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 17:23:43 ==== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by MalwarebytesVersion: 7.2.5 (07.01.2015:1)OS: Windows 7 Professional x64Ran by Kuba on 2015-07-01 at 17:44:01,71~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] C:\Users\Kuba\AppData\Roaming\speedrunnerslog.txt ~~~ Folders ~~~ FireFox ~~~ Chrome [C:\Users\Kuba\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Kuba\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Kuba\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Kuba\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:[] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 2015-07-01 at 17:46:38,70End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ESETSmartInstaller@High as downloader log:all ok# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# EOSSerial=6df5599abe08384081c82fea4d5cb757# end=init# utc_time=2015-07-01 03:48:15# local_time=2015-07-01 05:48:15 )# country="Poland"# osver=6.1.7601 NT Service Pack 1# nod_component=V3 Build:0x30000000Update InitUpdate DownloadUpdate FinalizeUpdated modules version: 24593# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# EOSSerial=6df5599abe08384081c82fea4d5cb757# end=updated# utc_time=2015-07-01 03:51:40# local_time=2015-07-01 05:51:40 )# country="Poland"# osver=6.1.7601 NT Service Pack 1# nod_component=V3 Build:0x30000000# product=EOS# version=8# OnlineScannerApp.exe=1.0.0.1# OnlineScanner.ocx=1.0.0.7777# api_version=3.1.1# EOSSerial=6df5599abe08384081c82fea4d5cb757# engine=24593# end=finished# remove_checked=true# archives_checked=true# unwanted_checked=true# unsafe_checked=true# antistealth_checked=true# utc_time=2015-07-01 07:56:52# local_time=2015-07-01 09:56:52 )# country="Poland"# lang=1033# osver=6.1.7601 NT Service Pack 1# compatibility_mode_1=''# compatibility_mode=5893 16776574 100 94 441837 187410462 0 0# compatibility_mode_1='ESET Smart Security 8.0'# compatibility_mode=8228 16777213 100 100 6589784 13337318 0 0# scanned=746175# found=55# cleaned=55# scan_time=14711# nod_component=V3 Build:0x30000000sh=0D8687219C021EDDB7DE81572BC041BE4AD3FAB0 ft=1 fh=5586eae44615a68f vn="a variant of Win32/BrowseFox.O potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\aceracebho.dll.vir"sh=AE36D2582F0B5EB725E6C3C1CEE69AD28D0225CF ft=1 fh=65a3232c471ef39c vn="Win32/BrowseFox.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\aceraceUninstall.exe.vir"sh=0DCBEF5990F604CC03BE51818B6A938513E24DC5 ft=1 fh=370f98ae0c6dfbd6 vn="a variant of MSIL/BrowseFox.H potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\updateacerace.exe.vir"sh=4241CFBB4781B890C812FD332C692E47CEFA0F4E ft=1 fh=7f86d38259689652 vn="a variant of Win32/BrowseFox.N potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\55318141dabf4786b4b2.dll.vir"sh=459176422787D9D1F9AAE699F98C81955BDB717B ft=1 fh=0803ca7eda76c550 vn="a variant of Win64/BrowseFox.CI potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\55318141dabf4786b4b264.dll.vir"sh=2249FD688054951EC93200357B96DEB340B8B98E ft=1 fh=14cecb48cb394ffd vn="a variant of Win32/BrowseFox.P potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\acerace.BrowserAdapter.exe.vir"sh=7575F760208889C81F6A463B4F2D5FCCB348C0B7 ft=1 fh=ef58d45a3d395263 vn="a variant of Win64/BrowseFox.CN potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\acerace.BrowserAdapter64.exe.vir"sh=47D1CD1B8249DB2D094287A3A9CD1A2DD0C6EAB2 ft=1 fh=3c79af9f2099aa77 vn="a variant of Win32/BrowseFox.AA potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\acerace.expext.exe.vir"sh=1DA6C6FAC1F75953832214ADEAB95B906B1CD3C7 ft=1 fh=e232553874fd144b vn="a variant of Win64/BrowseFox.CJ potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\acerace.expextdll.dll.vir"sh=94E40C3F4C0F510654C547CF6428C5F1BA4A4FEC ft=1 fh=6a857149b9285693 vn="a variant of Win64/BrowseFox.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\acerace.PurBrowse64.exe.vir"sh=6AC4226B685F3BC817B7559AF012D6AAB4B2AA38 ft=1 fh=95100bb343cfb151 vn="a variant of MSIL/BrowseFox.H potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\tmp895B.tmp.vir"sh=0DCBEF5990F604CC03BE51818B6A938513E24DC5 ft=1 fh=370f98ae0c6dfbd6 vn="a variant of MSIL/BrowseFox.H potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\utilacerace.exe.vir"sh=F54AACDF7BC20160D367121E74EB85BCCA3E3D4E ft=1 fh=d5ef2c728c7bb841 vn="a variant of Win32/BrowseFox.M potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\{55318141-dabf-4786-b4b2-f50790587c26}.dll.vir"sh=A73798694B64FA98B68C5952B2911B732D0C6F39 ft=1 fh=aecf596988d9ef5f vn="a variant of Win64/BrowseFox.CK potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\{55318141-dabf-4786-b4b2-f50790587c26}64.dll.vir"sh=9035635660ADC45F40DFE97401B2DA8372290306 ft=1 fh=08cce4b2fbedba77 vn="a variant of MSIL/BrowseFox.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.Bromon.dll.vir"sh=D13FBE11F529FA46CF8D6ED286CF3046D8DAA549 ft=1 fh=00714ca3219cbb1c vn="a variant of MSIL/BrowseFox.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.BroStats.dll.vir"sh=4DB169224B1CA14E8DDA47D8E04F5E5068D36115 ft=1 fh=c083ac1201114e60 vn="a variant of MSIL/BrowseFox.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.BrowserAdapter.dll.vir"sh=394B60C753422BB6CCB874803494941562F8E45B ft=1 fh=a75e713ca6e3cfcf vn="a variant of MSIL/BrowseFox.G potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.CompatibilityChecker.dll.vir"sh=DDC999100C8B961BD3D4CA1A9767E0C41E916F36 ft=1 fh=b91103782ed323fb vn="a variant of MSIL/BrowseFox.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.ExpExt.dll.vir"sh=9532B36CEC92B137E1655F225163234FC3D0E69F ft=1 fh=13d20abae8cad493 vn="a variant of MSIL/BrowseFox.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.FFUpdate.dll.vir"sh=CCF52DF322D394CF8F12EA6D27A13E292DA75E6C ft=1 fh=972922a4ea35cca3 vn="a variant of MSIL/BrowseFox.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.GCUpdate.dll.vir"sh=9FBD60BB91795AE5524B0E7FEDE36A2156A24AF3 ft=1 fh=2dc21349204dcdf4 vn="a variant of MSIL/BrowseFox.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.IEUpdate.dll.vir"sh=BCD454EBA05F77AD6D5DC86CBC75C307EC14A2D8 ft=1 fh=39856bc65b7e09bb vn="a variant of MSIL/BrowseFox.L potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ace race\bin\plugins\acerace.PurBrowseG.dll.vir"sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir"sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir"sh=08976B0143D7A77694D2B3014053542C42F4774E ft=1 fh=67450ef68c8fc670 vn="Win32/AlteredSoftware.H potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir"sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir"sh=FE3BD67B77BB38A3110091D17DE69012FAAD4FA6 ft=1 fh=67450ef6f68fd149 vn="Win32/AlteredSoftware.H potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir"sh=CBB725FF6614ABE40724C158B5B357F162908E96 ft=1 fh=c71c00119a74eb7c vn="a variant of Win32/AlteredSoftware.E potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir"sh=BD08E733D803A193E4FA4118A6D52BCD0FC98F81 ft=1 fh=c71c0011371aa7ff vn="a variant of Win32/AlteredSoftware.G potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir"sh=9AE1636DE7E3CB630B3A2C11E41C76BF0B716CCD ft=1 fh=c71c0011864645d3 vn="a variant of Win32/AlteredSoftware.G potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir"sh=4AF3A473484FF3C31A277033D51690D1FCA5135E ft=1 fh=714f483c8c7b5811 vn="a variant of Win32/Adware.MultiPlug.MT application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\{62dc3a1b-536e-79ae-62dc-c3a1b536e86d}\sevensetup.exe.vir"sh=B4450C96172B08E942FA291973FBF835B07A30C5 ft=1 fh=14d0cf0229e4805e vn="Win32/Adware.ConvertAd.TT application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kuba\AppData\Local\03000200-1435606784-0500-0006-000700080009\onslDFE5.tmp.vir"sh=491164FE123DB6DA6E777864326D6213AD986A78 ft=1 fh=3cc6bbefcd819d9d vn="Win32/Adware.ConvertAd.UC application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kuba\AppData\Local\03000200-1435606784-0500-0006-000700080009\snslDFE3.tmp.vir"sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="a variant of Win32/Toolbar.CrossRider.CB potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kuba\AppData\Roaming\7vMT96rTsxR3j.exe.vir"sh=085F77EB21E35804B09F1D53064AD09EDFD30F3B ft=1 fh=30d6e2c5eecf8f6b vn="a variant of Win32/Toolbar.CrossRider.CB potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kuba\AppData\Roaming\adxvOa9Xf0yRKuEjvDWmK.exe.vir"sh=171D0DFAD4ABC8BFCFC3DE6AD9EB03DBA9CB60AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kuba\AppData\Roaming\adxvOa9Xf0yRKuEjvDWmK.vir"sh=858524ED0C62DA7FEE38A551865CCDE45A41C289 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\wexac792.default\Extensions\sweetsearch@gmail.com\chrome\content\toolbar.js.vir"sh=84730F690AA638528028E40631FDCA75AF2F99A9 ft=1 fh=bc0f44c01306a343 vn="a variant of Win64/NetFilter.A potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{55318141-dabf-4786-b4b2-f50790587c26}Gw64.sys.vir"sh=117B708AA171989B1C23FF89FD01EE49CA792876 ft=1 fh=c71c00112ad6fd0f vn="Win32/VOPackage.BS potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Kuba\AppData\Local\nsi2144.tmp.xBAD"sh=4D3E21625C5AD2AEE079626F24F7600A6F1617D4 ft=1 fh=e406dfd9120a65ec vn="a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Kuba\AppData\Roaming\DOUHXLN.exe.xBAD"sh=26AB544781DB9D6448F5A842E45A14A0FD8973FA ft=1 fh=c904259ef33e33ff vn="a variant of Win32/Toolbar.CrossRider.BV potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Kuba\AppData\Roaming\XTHXCX.exe.xBAD"sh=D75B56A31E49BD3AD1D132ECC7D27ECBA1A427CA ft=1 fh=72f8ac517a1c63e0 vn="a variant of Win32/OpenCandy.C potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Kuba\AppData\Roaming\uTorrent\updates\3.4.2_36044.exe"sh=12643ADE5DB429463E11FBA97B47816E7DEB13EF ft=1 fh=05e346422660ecf1 vn="a variant of Win32/OpenCandy.C potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Kuba\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe"sh=317110667071552409A0A748EE7B6251441C4852 ft=1 fh=420885c2925f7928 vn="a variant of Win32/OpenCandy.C potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Kuba\AppData\Roaming\uTorrent\updates\3.4.2_38913.exe"sh=88651B7BB781F0F08E6EA3716384F0F43D3D72C5 ft=1 fh=934825ff88455227 vn="Win32/DepoDownloader.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Kuba\Downloads\dfdownloader_YojGYL_.exe"sh=32D70DC377E33491541B76A0A6FFDEA7BE1F85CA ft=1 fh=43d4960ae008201e vn="a variant of Win32/InstallCore.QC potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="E:\Pobrane\directx 9.0c.exe"sh=7BD36860B0FE4F95CFB567A85844881F7C734B29 ft=1 fh=e417e38bb4c4a878 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="E:\Pobrane\NapiProjektBuild_2.2.0.2399(dobreprogramy.pl).exe"sh=C51130851F032A87973CB9ADBD943BCBC795DE9A ft=1 fh=e12444e53a4b377c vn="a variant of Win32/InstallCore.SO potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="E:\Pobrane\Photoscape(12505)-dp.exe"sh=1923B77132D5F5B83216036FD443FF23A0D5E348 ft=1 fh=083e734e0a848a6b vn="a variant of Win32/OpenCandy.C potentially unsafe application (cleaned by deleting - quarantined)"

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by Kuba at 2015-06-30 21:25:59 Running from C:\Users\Kuba\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1149661289-1221717445-1824185903-500 - Administrator - Disabled) Gość (S-1-5-21-1149661289-1221717445-1824185903-501 - Limited - Disabled) Kuba (S-1-5-21-1149661289-1221717445-1824185903-1000 - Administrator - Enabled) => C:\Users\Kuba ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 8.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Portal 2» 2.0.0.1 (HKLM-x32\...\Portal 2_is1) (Version: 2.0.0.1 - VALVE) 010 Editor 6.0.1 (64-bit) (HKLM\...\010 Editor_is1) (Version: - SweetScape Software) A Game of Dwarves (HKLM-x32\...\A Game of Dwarves_is1) (Version: - ) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version: - Triumph Studios) AMD Catalyst Install Manager (HKLM\...\{F37C2975-92EA-59CA-59E6-50E56F0E76DD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Anki (HKLM-x32\...\Anki) (Version: - ) Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce) Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG) ASRock eXtreme Tuner v0.1.268 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - ) ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - ) ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.) ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.1.149.0 - Autodesk) Autodesk 3ds Max 2015 (Version: 17.1.149.0 - Autodesk) Hidden Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk 3ds Max 2015 SP1 (HKLM\...\Autodesk 3ds Max 2015 SP1) (Version: 17.1.149.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden Autodesk DirectConnect 2015 64-bit Hotfix1 (HKLM\...\Autodesk DirectConnect 2015 64-bit_9001) (Version: 9.0.56.4 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0.2 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.166.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.166.0 - Autodesk) Hidden Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC) Banished 1.0.4 (HKLM-x32\...\Banished_is1) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth) Bitwa o Śródziemie™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Car Mechanic Simulator 2015 (HKLM-x32\...\Car Mechanic Simulator 2015_is1) (Version: - ) Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth) Cities in Motion 2 (HKLM-x32\...\Steam App 225420) (Version: - Colossal Order Ltd.) Cities in Motion 2 v1.6.3.8 (HKLM-x32\...\{C4B6EF4A-DC9C-4D67-BDBD-6BF3BC84F0BF}_is1) (Version: 1.6.3.8 - Paradox Interactive) Cities XL Platinum (HKLM-x32\...\Cities XL Platinum_is1) (Version: - ) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - ) Company of Heroes (HKLM-x32\...\Steam App 4560) (Version: - Relic Entertainment) Company of Heroes 2 - Beta (HKLM-x32\...\Steam App 317170) (Version: - ) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Company of Heroes: Opposing Fronts (HKLM-x32\...\Steam App 9340) (Version: - Relic Entertainment) Company of Heroes: Tales of Valor (HKLM-x32\...\Steam App 20540) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Craft The World (HKLM-x32\...\Steam App 248390) (Version: - Dekovir Entertainment) Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.44 - Creative Technology Limited) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) Creative AutoMode Switcher (HKLM-x32\...\Creative AutoMode Switcher) (Version: 1.00 - Creative Technology Limited) Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: 2.61 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited) Creeper World 3: Arc Eternal (HKLM-x32\...\Steam App 280220) (Version: - Knuckle Cracker) Dassault Systemes Software B18 (HKLM\...\Dassault Systemes B18_0) (Version: - ) Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{82B2394D-F5CC-42F0-8DC1-48B3CAA382CC}) (Version: 8.0.2 - Dassault Systemes) Deathtrap (HKLM-x32\...\Deathtrap_is1) (Version: - NeocoreGames) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dominions 4 (HKLM-x32\...\Steam App 259060) (Version: - Illwinter Game Design) Door Kickers (HKLM-x32\...\1207666463_is1) (Version: 2.0.0.1 - GOG.com) Dragon Age Inquisition version 1.1.0 (HKLM-x32\...\Dragon Age Inquisition_is1) (Version: 1.1.0 - dzrepack) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dragon UnPACKer 5 (HKLM-x32\...\DragonUnPACKer5_is1) (Version: 5.7.0 Beta - Alexandre Devilliers (aka Elbereth)) Dropbox (HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.) DuckTales Remastered (HKLM-x32\...\RHVja1RhbGVzUmVtYXN0ZXJlZA==_is1) (Version: 1 - ) Duel of Champions (HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MMDoC-PDCLive) (Version: - Ubisoft) Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version: - AMPLITUDE Studios) DXGL Wrapper (HKLM-x32\...\GLWRAPPER) (Version: - ) Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden ESET Smart Security (HKLM\...\{F3D78BA2-A8C6-40A3-AEBB-25D8FA49BB9A}) (Version: 8.0.312.4 - ESET, spol s r. o.) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - ) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.) GemCraft - Chasing Shadows (HKLM-x32\...\Steam App 296490) (Version: - ) globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0 - Релиз от R.G. Steamgames) Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games) Grey Goo v.1.0.u2 (HKLM-x32\...\Grey Goo_is1) (Version: - ) GRID (HKLM-x32\...\Steam App 12750) (Version: - Codemasters Studios) Gyazo 2.4 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Hand of Fate (HKLM-x32\...\1424100574_is1) (Version: 2.0.0.1 - GOG.com) Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - ) Harry Potter TM (HKLM-x32\...\{3F50AF3B-8997-4916-0095-99D63DDB785A}) (Version: - ) Impka 2.0.18 (HKLM-x32\...\Impka_is1) (Version: - indevIT) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation) Intel® Smart Connect Technology 2.0 x64 (HKLM\...\{12ABC13D-6540-483D-92B9-30CE1667B002}) (Version: 2.0.1083.0 - Intel) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS) King Arthur II - The Role-playing Wargame (HKLM-x32\...\Steam App 24480) (Version: - NeocoreGames) Knights of Honor (HKLM-x32\...\Knights of Honor) (Version: 1.05 - ) Król Nazguli™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - ) LDraw Parts Library 2014-01 (HKLM-x32\...\{DED4B209-F114-4D85-BADB-2D702B15D2D7}_is1) (Version: - LDraw.org) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden LEGO® Harry Potter™: Years 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games) LeoCAD (HKLM-x32\...\LeoCAD) (Version: - ) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Magicka: Wizards of the Square Tablet (HKLM-x32\...\Steam App 247580) (Version: - Ludosity) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment) Men of War: Assault Squad 2 (HKLM-x32\...\TWVub2ZXYXJBc3NhdWx0U3F1YWQy_is1) (Version: 1 - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Might and Magic Heroes VII Beta (HKLM-x32\...\Uplay Install 1877) (Version: - Ubisoft) Mozilla Firefox 38.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 pl)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) OLYMPUS Digital Camera Updater (HKLM-x32\...\{D18925CE-5AF9-4394-8EF7-1081FFE7E98B}) (Version: 1.2.0 - OLYMPUS IMAGING CORP.) OLYMPUS Viewer 3 (HKLM-x32\...\{144CB8BE-46E5-43AE-ADBB-CCC7AB4E0649}) (Version: 1.4.2 - OLYMPUS IMAGING CORP.) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) OpenTTD 1.5.1 (HKLM-x32\...\OpenTTD) (Version: 1.5.1 - OpenTTD) Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software) Order of Battle: Pacific Update 1.6.7 (HKLM-x32\...\T3JkZXJvZkJhdHRsZVBhY2lmaWM=_is1) (Version: 1 - ) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.) Patrician 3 (HKLM-x32\...\Patrician 3_is1) (Version: - GOG.com) Patrician IV Gold Edition (HKLM-x32\...\Patrician IV Gold Edition_is1) (Version: - ) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com) PIT Format 2014 (HKLM-x32\...\PIT Format 2014_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PowerISO wersja 6.1 (HKLM-x32\...\PowerISO_is1) (Version: 6.1 - ) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Pytacz Master 5 (HKLM-x32\...\{0D2B124C-8E6B-4427-BC36-68676507D5F3}_is1) (Version: 5.3.2 - MichalJe) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Revo Uninstaller Pro wersja 3.1.0 (HKLM\...\Revo Uninstaller Pro_is1) (Version: 3.1.0 - ) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0- A52B21A49B5B}) (Version: - Microsoft) Setup - The SIMS 4 Deluxe Edition ... (HKLM-x32\...\Setup - The SIMS 4 Deluxe Edition ...) (Version: ... - Electronic Arts) SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited) SL-6555-SBK (HKLM-x32\...\{7AB86D35-DF3B-407F-B43E-468345DABF29}) (Version: 1.00.0000 - GASIA) Sleeping Dogs: Definitive Edition (HKLM-x32\...\Steam App 307690) (Version: - United Front Games) SolidWorks 2013 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20130-40000-1100-100) (Version: 21.0.0.5024 - SolidWorks Corporation) SolidWorks 2013 x64 Edition SP0 (Version: 21.100.5024 - SolidWorks) Hidden SolidWorks 2013 x64 Polish Resources (Version: 21.100.5024 - SolidWorks) Hidden SolidWorks eDrawings 2013 x64 Edition SP0 (Version: 13.0.5016 - Dassault Systemes SolidWorks Corp) Hidden SolidWorks Explorer 2013 SP0 x64 Edition (Version: 21.00.5024 - SolidWorks Corporation) Hidden SolidWorks Plastics 2013 SP0 x64 Edition (Version: 21.00.5024 - SolidWorks Corporation) Hidden SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games) SpellForce 2 - Shadow Wars (HKLM-x32\...\SpellForce 2 - Shadow Wars_is1) (Version: - GOG.com) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) STATISTICA TRIAL PL 12.5.192.18 (64-bit) (HKLM\...\{59C69694-86AD-4963-8FF8-74F390403535}) (Version: 12.5.192.18 - StatSoft, Inc.) STATNOVAPDF (novaPDF 7.7 printer) (HKLM\...\STATNOVAPDF_is1) (Version: - Softland) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Supreme Ruler Ultimate (HKLM-x32\...\Supreme Ruler Ultimate_is1) (Version: - ) Tablet Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) TerraTech (HKLM-x32\...\Steam App 285920) (Version: - Payload Studios) The Sims 4 (HKLM-x32\...\The Sims 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) The Sims 4 Update v1.3.32.1010 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD PROJEKT RED) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) Theme Hospital (HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Theme Hospital) (Version: - ) THX Setup Console (HKLM-x32\...\THX_Console_Unicode) (Version: - ) Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version: - Days of Wonder) TNC620 (817604) (HKLM-x32\...\{A467864C-61FC-4859-9046-A0DE670FDB16}) (Version: 1.3.0 - HEIDENHAIN) TNC640 (340594) (HKLM-x32\...\{C9D98105-ABA6-493D-A40F-86263485E072}) (Version: 4.5.0 - HEIDENHAIN) Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly) Train Fever (HKLM-x32\...\Steam App 304730) (Version: - Urban Games) Trains and Trucks Tycoon (HKLM-x32\...\{ED83A136-0255-11D5-ABDE-00E07D81F9B8}) (Version: - ) Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts) Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft) Valkyria Chronicles (HKLM-x32\...\Valkyria Chronicles_is1) (Version: - ) Valkyria Chronicles DLC Pack (HKLM-x32\...\VmFsa3lyaWFDaHJvbmljbGVz_is1) (Version: 1 - ) VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Volume Panel (HKLM-x32\...\Creative Volume Panel) (Version: 2.21 - Creative Technology Limited) Wargame - Airland Battle (HKLM-x32\...\Wargame - Airland Battle_is1) (Version: - ) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Worms Revolution (HKLM-x32\...\Worms Revolution_is1) (Version: - ) x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - ) XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn) XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.) XLNation User Interface Mod (HKLM-x32\...\{94BE8E03-7E88-4747-868D-E3BB7ABF1D05}) (Version: 1.79.9 - Altiris) Ziggurat (HKLM-x32\...\Ziggurat_is1) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins \npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll No File CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\GG \ggdrive\ggdrive-menu.dll No File CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kuba\AppData\Roaming\Dropbox \bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 22-06-2015 19:37:47 Zainstalowany program DirectX 23-06-2015 16:27:30 Windows Update 23-06-2015 21:31:57 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 23-06-2015 21:32:34 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 23-06-2015 21:32:46 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 23-06-2015 21:33:36 Zainstalowany program DirectX 27-06-2015 15:28:39 Zainstalowany program DirectX ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {17695013-37DE-45E6-8EFF-B13E9571EA58} - System32\Tasks\WINshell Event Logging => C:\Users\Kuba\AppData\Local\Temp\Dscp1.exe <==== ATTENTION Task: {366E2700-8E71-458E-A6BA-FABB8C8640EC} - System32\Tasks\{752F5C14-D134-49EB-AEA9-4E26A3C3CAF0} => pcalua.exe -a "C:\Users\Kuba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NISJP4H1\Firefox%20Setup%20Stub%2033.1[1].exe" -d C:\Users\Kuba\Desktop Task: {3DA7F6A6-61DC-429D-9F40-6AE2546F1B25} - \{65B2DFDA-CA9A-44CA-8084-AADF646BB635} No Task File <==== ATTENTION Task: {4EC7D0E4-A77D-4A92-BF30-D7FE79F37DC8} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {6A4D0715-262A-478C-9B53-DB8BD2B2EE1C} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-16] (Microsoft Corporation) Task: {72C627B9-8815-4CE3-968B-2C0A696664AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-29] (Adobe Systems Incorporated) Task: {78894A09-5ABF-41EE-84F3-BC0C676D1EA4} - System32\Tasks\Opera scheduled Autoupdate 1418931874 => d:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software) Task: {7D207B80-4FAC-4800-A55E-40DC76381354} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core => C:\Users\Kuba\AppData\Local\Dropbox \Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {875F33C8-4A79-45F2-ADE2-E6341B9950A5} - System32\Tasks\AutoPico Daily Restart => d:\Program Files\KMSpico\AutoPico.exe [2014-03-02] () Task: {A1E61387-E3DA-4CFF-897C-D6B9C811331D} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-04-30] () Task: {A223B401-8F26-4303-9C6F-0F34F849FC8D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation) Task: {AECF0A82-8109-4AA6-861D-16DBAD81C24E} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink \InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {B4A03E12-18B3-43A4-8934-D60C86C73899} - System32\Tasks\{05D3C354-9436-41CB-9E60-E85480DD8D73} => pcalua.exe -a H:\autorun.exe -d H:\ Task: {BB8A0286-FE69-4898-B181-221805300DFC} - System32\Tasks\{286C3275-9585-401E-B1A0-9E0238932E58} => E:\Program Files (x86)\Kalypso Media\PortRoyale3_Extract.exe [2012-05- 20] () Task: {C8CC1364-209A-493F-89FB-AC768E32D3E8} - System32\Tasks\WINshell Event Notification => C:\Users\Kuba\AppData\Local\Temp\SBCint2.exe <==== ATTENTION Task: {CBBF7255-9101-42E7-A98A-E62A6E23FEA7} - System32\Tasks\{D4E3833C-FFFE-4BE5-BE8B-AC3833B63838} => pcalua.exe -a "E:\Program Files (x86)\GOG.com\Patrician 3\P3Setup.exe" -d "E:\Program Files (x86)\GOG.com\Patrician 3" Task: {D85B691E-9C99-46D8-A93D-A7B68F98800A} - System32\Tasks\AdobeAAMUpdater-1.0-Kuba-Komputer-Kuba => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA \UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {F26EA33E-B76F-4ED3-A1DE-44BE1EC3C0AB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA => C:\Users\Kuba\AppData\Local\Dropbox \Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {F8D89394-FD2C-4583-867E-5582EEB37039} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core.job => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA.job => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (Whitelisted) ============== 2012-02-09 17:26 - 2012-02-09 17:26 - 00133632 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe 2012-02-09 17:26 - 2012-02-09 17:26 - 00048128 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll 2012-02-09 17:26 - 2012-02-09 17:26 - 00036864 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetDetect.dll 2015-06-29 19:45 - 2015-06-16 08:50 - 00281088 ___SH () C:\Program Files (x86)\LriedGvanellius\LriedGvanellius.exe 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-29 18:03 - 2013-06-06 04:09 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2014-11-15 01:12 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2014-11-01 00:27 - 2014-11-01 00:27 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2012-04-16 15:45 - 2012-04-16 15:45 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe 2012-09-28 06:50 - 2012-09-28 06:50 - 00272488 _____ () D:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll 2014-11-07 04:23 - 2014-11-07 04:23 - 00289792 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2015-03-21 20:40 - 2014-12-05 04:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-03-21 20:40 - 2014-12-05 04:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll 2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll 2012-04-16 12:37 - 2012-04-16 12:37 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ServiceManagerStarter.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll 2012-04-16 12:42 - 2012-04-16 12:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll 2012-04-16 12:41 - 2012-04-16 12:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll 2012-04-16 12:56 - 2012-04-16 12:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-04-16 12:38 - 2012-04-16 12:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtWebKit4.dll 2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\phonon4.dll 2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtGui4.dll 2015-05-09 20:07 - 2006-09-04 20:26 - 00014336 _____ () D:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll 2015-05-09 20:07 - 2014-09-26 10:18 - 00118784 _____ () D:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll 2015-05-09 20:07 - 2011-08-09 15:22 - 00450560 _____ () D:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll 2014-11-13 20:23 - 2009-03-26 15:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2014-11-13 20:23 - 2009-02-06 19:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL 2014-11-15 01:12 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2015-06-30 21:19 - 2015-06-30 21:19 - 00043008 _____ () c:\users\kuba\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppmy3gi.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Kuba\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Kuba\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Kuba\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Kuba\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Kuba\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Kuba\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Kuba\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2014-11-13 21:53 - 2014-01-04 02:20 - 34755072 _____ () C:\Users\Kuba\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2014-11-07 04:21 - 2014-11-07 04:21 - 00193024 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll 2015-06-30 21:19 - 2014-12-05 04:27 - 00104328 _____ () C:\Users\Kuba\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-13 21:53 - 2014-01-04 02:20 - 00970240 _____ () C:\Users\Kuba\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\ffmpegsumo.dll 2015-06-22 22:02 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll 2015-06-22 22:02 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll 2014-11-16 13:41 - 2014-11-16 13:41 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2dace9622c68c6ce58d55a6950eeaa95\IsdiInterop.ni.dll 2014-11-13 19:05 - 2012-05-30 14:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2014-11-13 19:07 - 2012-07-18 20:55 - 01198912 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 2015-06-22 22:02 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tulvae => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 217.172.224.160 - 89.231.1.206 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{4B3245CE-E8FE-4711-A48A-C2E248EE3922}] => (Allow) LPort=54925 FirewallRules: [{607D5EFC-AA2B-4941-BCF9-E8F3E600E05F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F3452563-282D-46BF-8D58-96FB48E8ED2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{38E51370-8BB1-4BB9-B2EA-2A452C2E6F09}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F7AF9880-E055-4D14-A9E9-948B095060AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C67DB698-49B1-43CB-BD55-941F4E4197D0}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{1CF3CE1F-4A32-4E58-845A-61F9B6DE13BC}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe FirewallRules: [{145DE055-1694-4DCB-A974-251FC5A60E12}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{9E7CA784-FE85-41E6-BFAD-B7B936B2272D}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe FirewallRules: [{036F52E8-45FA-4725-8128-C1AB2660C24E}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{98BAE858-2C36-41F5-96CF-24FB31284B4D}] => (Allow) D:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe FirewallRules: [{15BBF73C-BFF3-4F75-81D4-FEE914E5B2BE}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{D8687349-C7D5-43CB-B455-55CBBA58AFAB}] => (Allow) D:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{CBCF0B8D-908C-4403-B217-0D4BFD515E85}] => (Allow) C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{E4A17B95-99BF-441F-B178-6CD9818D06A4}] => (Allow) C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{03683E42-2BB7-4BC6-875F-5D909E02CE4D}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A79E32FB-756E-451F-91CE-329FF3BE49C6}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7ECE8992-1D84-4DCE-A0BD-7CD0FC81913A}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DEB77D26-8BD2-48F1-B906-344270FA2CAD}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DDEBA640-A037-46B6-887F-939F1537BB33}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{CFE179F2-8231-461C-AE82-29ADE3C37BD7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{BF58C16D-0F7D-48AC-A0C7-23B4C469ED22}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{90C13255-DD78-45BC-A32F-555C55F81DC9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{D94D2ACB-BB8C-433A-AD6F-9865B61B7D2F}] => (Allow) E:\Games\Dragon Age\DAOriginsLauncher.exe FirewallRules: [{1B8E0B49-63BA-449F-AFD6-ECB9CBF31E54}] => (Allow) E:\Games\Dragon Age\DAOriginsLauncher.exe FirewallRules: [{8E8F6045-B091-42CE-97C2-6928E6E4A28E}] => (Allow) E:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe FirewallRules: [{0249BCC4-D810-4F4F-866E-AF6B5C3FD81F}] => (Allow) E:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe FirewallRules: [{2C6FEED9-7621-457C-B196-3701987D8DF8}] => (Allow) d:\Program Files\KeyShot5\bin\keyshot5.exe FirewallRules: [{C997A971-4D30-43EE-97ED-A1AD20F3956B}] => (Allow) d:\Program Files\KeyShot5\bin\keyshot_daemon.exe FirewallRules: [{A89B26DC-CC93-4F06-8D8A-3817837BAFDC}] => (Allow) E:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{D679AE2E-ABA2-4F3B-AA55-083258665EE8}] => (Allow) E:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CE6EFE4D-9B3A-47D0-9DAA-E9BDC6B24651}] => (Allow) E:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{23F00BC8-5ABC-47D1-B132-64473A43854C}] => (Allow) E:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{BC2CB47E-1C59-4990-B52B-64410FFD8B92}] => (Allow) E:\Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [{6B1885FF-6FD1-418B-93D3-ABB8F1DF690C}] => (Allow) E:\Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [{45F781DA-0505-4F58-AF14-96C08F1A0F0E}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{95E289F3-CEAB-4EEF-82AA-DB37C1C915DB}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{0223EF3C-E686-4531-816C-4D606681417B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe FirewallRules: [{CC5D72FD-4763-491B-8769-1AF4793E232C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe FirewallRules: [{04D2F3A4-922F-46A7-B25E-C134737D595B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe FirewallRules: [{FC1432B0-E3A0-4252-9760-ADA4591D94BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3.exe FirewallRules: [{7259F08A-B777-4527-B5D9-3C8B0153D1A9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe FirewallRules: [{604E8495-2AA1-4EF3-8797-E0861ABF2B3F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3_Debug.exe FirewallRules: [{8B714C14-98F7-4DAC-83C8-3088AA196455}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{16F81846-2414-4488-A17F-6A7F608EF502}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{87C022C7-8AEE-4606-9A51-5BDBB67FCF95}] => (Allow) E:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [{235ABB2C-4DA2-48F0-B5B5-77E677641DF5}] => (Allow) E:\Program Files (x86)\Electronic Arts\Bitwa o Śródziemie II\game.dat FirewallRules: [{38851F4A-E4CB-471B-9C01-D3C5F2434698}] => (Allow) E:\Program Files (x86)\Electronic Arts\Król Nazguli\game.dat FirewallRules: [{45C80CCE-1AC5-4579-BCD6-AA15C385B49E}] => (Allow) E:\Program Files (x86)\Electronic Arts\Król Nazguli\game.dat FirewallRules: [{367ED138-8ED4-4BF4-BA1B-CB52081A6AEB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe FirewallRules: [{1B9F9010-7855-401D-9392-369E2DB0285E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dungeon of the Endless\DungeonoftheEndless.exe FirewallRules: [{0651B92F-675B-4989-89EE-9391E5A1F012}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7A6C29DE-8AC9-409E-B06E-7FECD11B3D02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AAFEE9EA-777C-4E12-AE88-11FB802794E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{95AF810A-04F1-4FE6-B765-1DAF5634C3E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{4CDEB0EC-A74C-4BDA-A777-2B6C6D3DE233}] => (Allow) E:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{A41075A8-98AA-478C-96CB-59DDAC857954}] => (Allow) E:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{C8A4D50C-E2B2-41C0-8F03-489F10245BF1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{BB4BFBC9-49DE-40CE-A820-88FC13CABC5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{41E15621-4941-4743-A5F0-6F997AB3738E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{84DCA3F8-5543-4B3B-913D-440B647CF5B8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{458EFE31-F02E-4D3C-B7D5-F2C61BB90FF9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities in Motion 2\CIM2.exe FirewallRules: [{8C8231B5-0108-4EA1-8BEC-3383FC98DD6D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities in Motion 2\CIM2.exe FirewallRules: [{257A10D0-3AF4-4A66-83F1-BB4819DA3E24}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{66EB2364-A029-4808-AF4F-EEE2E86F6F8D}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe FirewallRules: [{1ABDBDE4-3F64-4066-ADAC-B7EDF9F725C9}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{120F3BF9-6BEA-42CF-BEB5-48EBF3FED042}] => (Allow) E:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe FirewallRules: [{018260FE-531E-4F45-9400-3039AFA88D5F}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{1186A023-2D59-4640-ADA8-52B5E5AD5CCF}] => (Allow) E:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{E49BDF87-52B7-4D5A-B155-5523093DB980}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{3EDBC4DF-DB20-4222-A705-67E0DAEB1D28}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{15C9CD1A-A017-41BD-A4A0-BD5089A7CD89}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{5A0EAC91-2A39-48E0-BAE7-ED24CE8D99DF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{6F320C9B-D800-4A63-BD1F-DBFD937BCBC9}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{65C75335-576E-42C1-8FFF-35FD12422FEE}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{2E8BBA40-7E6E-4ADF-87D8-0B00AAB6A6F5}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{F787E07A-0C9D-46A6-91B1-9D5AAA45C0CA}] => (Allow) D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{B9C34821-3B52-497A-BCCE-8E56EF791A99}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{9D7B7EA6-2BFC-4878-AA3D-773B8CFEA60A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{11FB6F25-A55D-4DDA-A3F6-7DB57DF055BC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{9BECE8F2-6794-4234-9F7D-A749E088264B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{366CD1D2-0810-4324-B34C-CE8EE35779F3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\TerraTech Beta\TerraTechWin64.exe FirewallRules: [{EAE4C0A1-7BF4-4290-8D43-91B554B2E4A3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\TerraTech Beta\TerraTechWin64.exe FirewallRules: [{48A4CABB-2268-41B6-80CE-D28FC32B3845}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe FirewallRules: [{4CC6DF2D-3F10-466D-BE54-76A3C1CA2E83}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\AoW3\AoW3Launcher.exe FirewallRules: [{7C8CBE57-834C-4A16-B0DA-A7F6B4A4BCB4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\KingArthurII\KingArthurII.exe FirewallRules: [{FE941E09-34AA-4B1C-BAB7-D91D57B27061}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\KingArthurII\KingArthurII.exe FirewallRules: [{369180C8-94E4-4604-89BA-B5EC5755EB4D}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{597463BF-299D-44E6-B4AF-391144237A10}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{26CAC777-E8C8-48EF-A7A5-AEE07FC8E2C1}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4945E03D-DEAF-499D-BECE-C2E427DE4259}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9B4CE312-C5A5-4D6E-BB04-A7BB0F6E1801}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe FirewallRules: [{6FF68EB1-419F-4E56-BA55-4FEC61EA6CE5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe FirewallRules: [{50259DE4-C7EB-44DA-800E-6E99376DAB87}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries \Win64\MarvelHeroes2015.exe FirewallRules: [{B1CD9D78-EFBF-46A2-ADEF-52FD952EB2F2}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries \Win64\MarvelHeroes2015.exe FirewallRules: [{3B338015-DC32-45A2-B874-5A4A04349136}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe FirewallRules: [{438B9B55-BC88-4DC4-9466-62A3F4F08271}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SleepingDogsDefinitiveEdition\sdhdship.exe FirewallRules: [{64F501E0-1669-4E61-A300-528011A6E75E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{5A456824-DB7B-4255-8EE0-ECDA687105DD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{228F63CC-29C5-463C-9571-15C8D896E2DF}] => (Allow) E:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{F466F7D2-73F7-4BF3-8DC4-6CBC640DFD1F}] => (Allow) E:\Program Files (x86)\Origin Games\Ultima 8\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{EEB9AA78-0E20-45A8-BA8B-9D0D0877BEC6}] => (Allow) E:\Games\Grey Goo\ClientLauncherG.cdx FirewallRules: [{C7364417-23E0-4C49-92B1-02DF986DC8DC}] => (Allow) E:\Games\Grey Goo\ClientLauncherG.cdx FirewallRules: [{550E0F9A-533F-4870-8F09-25AE19FA7C62}] => (Allow) E:\Games\Grey Goo\GooG.cdx FirewallRules: [{35293695-4F43-43E3-82F2-74DC660D1312}] => (Allow) E:\Games\Grey Goo\GooG.cdx FirewallRules: [{83004C98-E4A2-4E1E-92A5-4B1CF78FB09D}] => (Allow) E:\Games\Grey Goo\InstanceServerG.cdx FirewallRules: [{734A75EF-8781-4EDA-AB78-105DF9F937FF}] => (Allow) E:\Games\Grey Goo\InstanceServerG.cdx FirewallRules: [{97717030-C8B7-4A08-B073-BD5F022704BB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{5592F8BA-090D-4D52-8B6B-A11B1D90E385}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{3D3D33E1-3797-486A-966E-0F01A9DF8C77}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{62A33B57-C8C7-4EB1-9168-FD194F35F6B6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{E0F5FBCE-7C18-4E31-B371-82EAAFC0FA94}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2 - Beta\RelicCoH2.exe FirewallRules: [{EEB1286C-1ABE-4912-8B4D-661277388C38}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2 - Beta\RelicCoH2.exe FirewallRules: [{FEED9DA6-86AA-4EFF-AB19-E62410C67A1C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe FirewallRules: [{839B55C8-56B2-4830-9CFB-24926BB4D4BD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe FirewallRules: [{FF29A07C-9F45-4394-9A24-17D34125A67E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{3D8C3FD7-B76F-4419-A662-F02E919AB5D7}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{73AD9650-28A8-4AB8-878E-A6E006CB5728}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F6C4EE5B-7F93-4ECD-83DE-59030B2172C4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{B74C00D9-E267-438B-9B4A-11533CD12F89}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{12672488-B0D2-43C2-9CEF-6112C4D9E392}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{C19AF0C4-8CC3-477D-A2D3-D33E5196F39A}] => (Allow) LPort=1688 FirewallRules: [{4F4E4296-5C50-4F70-ABAD-8AAEA91B547D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Creeper World 3\CW3.exe FirewallRules: [{A1A307D6-B5E2-4595-89C4-6CFEE43D51E8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Creeper World 3\CW3.exe FirewallRules: [{68077BAF-8CB9-4B8A-AFE9-3F50165EDFA5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe FirewallRules: [{97EBF91A-1203-429C-B957-562426C51C90}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CastleCrashers\castle.exe FirewallRules: [{194B76B8-42B2-47F6-A962-F54D7FFC06B1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dominions4\Dominions4.exe FirewallRules: [{8C3C1173-B4C0-4939-8BAD-33E98AB7C966}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Dominions4\Dominions4.exe FirewallRules: [{3438E433-5619-4E59-85E4-87B1F5EB877E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe FirewallRules: [{C00D0B12-6716-473A-ACBF-74CDF82262A6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe FirewallRules: [{221E1DEE-CE5E-4FC9-B2A6-308917E3BA17}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{19C4F7A6-DB3D-491E-9F11-43994FC62EEF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe FirewallRules: [{EA1493A7-A081-44B1-94EC-2E2E0E15B35B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Train Fever\TrainFever.exe FirewallRules: [{76111F17-3610-4558-9202-DDC138224AE4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Train Fever\TrainFever.exe FirewallRules: [{1BDD97BA-8336-4EF6-837A-A65926353487}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{86FF5AB4-A39E-4362-93F8-E6233A023EF6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{15185ABB-44D2-4BB8-B753-6B0C05B82453}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{7BA95EAD-3FAF-4188-9C5D-96E570EB0C8A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{23DB13FC-0D13-4DF3-B43C-A30AB9DC10A4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe FirewallRules: [{8A5EA8D9-5DD0-47C1-A203-C420FCA9808D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GemCraft Chasing Shadows\GemCraft Chasing Shadows.exe FirewallRules: [{B2667E25-8FD7-49E7-B95D-CF90A5FDD018}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{59B21C53-52D9-4CC4-B5AF-D51F100AC21E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{686A9CB3-8C99-4620-A5BB-2E365B327EBB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{E7C09A64-FB80-4BAC-BB3A-8E6E8B2CFCAD}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{AD62234D-087D-4415-B65C-F9B53DDE1274}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe FirewallRules: [{9EDCAF4B-A2D0-41F1-8EFE-679C8A29FD06}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe FirewallRules: [{8936A40C-3447-4B2D-B82D-8D7E60DEE949}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BAD8071F-CD54-4744-8BF4-72A65F82B34B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe FirewallRules: [{A0836661-070E-4243-B5E8-C5588F9EE742}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe FirewallRules: [{37916415-58BE-412F-8CF6-70C99EC21F62}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{5A52E8F8-043A-4C33-9D97-ED71CE5D76D6}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{3EDE206A-7CC3-4AB2-8CD0-BF8108263219}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{24AE150C-967A-466E-923A-F96A5D44C68B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{C301B92F-B6D8-4F59-BD35-EC7874948B41}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{1A24FFB4-D6CE-4A3B-B059-54A034A7C53B}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{99E0CB6D-3B11-4B99-A042-38D5E82331AF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe FirewallRules: [{FE857ABF-C744-4BCD-9C84-DF9E7CA59891}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Total War Arena\launcher\launcher.exe FirewallRules: [{13880CF9-BE99-4D33-85CA-A0973557A076}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe FirewallRules: [{FABE9325-5D9A-4FE5-BCB2-B44812CB0386}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Ticket to Ride\Ticket to Ride.exe FirewallRules: [{14DB8DF2-E254-4CA8-9D6D-60C51B3D2C71}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe FirewallRules: [{8C8B1B4C-5D28-40E4-88E9-5E15F533EB51}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe FirewallRules: [{BC6963E8-77B2-4819-9111-AECDA5A6150A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\MagickaWotST\iMagicka.exe FirewallRules: [{C624A54F-A8CD-47F1-9136-6675A5429F4F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\MagickaWotST\iMagicka.exe FirewallRules: [{039A923A-3803-4D24-9392-39C7B7E3DF9A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{F87D9E4D-2857-4F01-8085-6947EAB9CD5F}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{B961D848-4D92-4AD2-9C72-98D1503F1BCE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe FirewallRules: [{2DF67460-9D47-4669-B025-2094FC1015D9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\CraftTheWorld\CraftWorld.exe FirewallRules: [{7E6E9DC8-09C6-4F09-a3FA-BB3715E8B3A7}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{FD14DB2D-91F5-4833-A2DC-F767DCCCA8E1}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{BD0C0999-5A63-464E-A1FB-59EB0CEFB34E}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{A038116F-7F3E-41B3-A50F-960A289DC964}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE FirewallRules: [{914C2546-31A8-43CC-B755-464C36A03C19}] => (Allow) C:\ProgramData\VagJelr\evoiavi.EXE ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (06/30/2015 09:18:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 13.0.0.0, sygnatura czasowa: 0x5312d36b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0x00000000 Przesunięcie błędu: 0x000007fe96ee0368 Identyfikator procesu powodującego błąd: 0x9d8 Godzina uruchomienia aplikacji powodującej błąd: 0xService_KMS.exe0 Ścieżka aplikacji powodującej błąd: Service_KMS.exe1 Ścieżka modułu powodującego błąd: Service_KMS.exe2 Identyfikator raportu: Service_KMS.exe3 Error: (06/30/2015 09:18:06 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:25:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 13.0.0.0, sygnatura czasowa: 0x5312d36b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0x00000000 Przesunięcie błędu: 0x000007fe99190368 Identyfikator procesu powodującego błąd: 0x940 Godzina uruchomienia aplikacji powodującej błąd: 0xService_KMS.exe0 Ścieżka aplikacji powodującej błąd: Service_KMS.exe1 Ścieżka modułu powodującego błąd: Service_KMS.exe2 Identyfikator raportu: Service_KMS.exe3 Error: (06/30/2015 07:25:15 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:24:12 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:14:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 13.0.0.0, sygnatura czasowa: 0x5312d36b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0x00000000 Przesunięcie błędu: 0x000007fe98bf0368 Identyfikator procesu powodującego błąd: 0x954 Godzina uruchomienia aplikacji powodującej błąd: 0xService_KMS.exe0 Ścieżka aplikacji powodującej błąd: Service_KMS.exe1 Ścieżka modułu powodującego błąd: Service_KMS.exe2 Identyfikator raportu: Service_KMS.exe3 Error: (06/30/2015 07:12:34 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:11:12 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 06:34:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 13.0.0.0, sygnatura czasowa: 0x5312d36b Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0x00000000 Przesunięcie błędu: 0x000007fe98ed0368 Identyfikator procesu powodującego błąd: 0x934 Godzina uruchomienia aplikacji powodującej błąd: 0xService_KMS.exe0 Ścieżka aplikacji powodującej błąd: Service_KMS.exe1 Ścieżka modułu powodującego błąd: Service_KMS.exe2 Identyfikator raportu: Service_KMS.exe3 Error: (06/30/2015 06:33:47 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 System errors: ============= Error: (06/30/2015 09:20:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%2 Error: (06/30/2015 09:19:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/30/2015 07:27:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Google Update (gupdate) z powodu następującego błędu: %%2 Error: (06/30/2015 07:26:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/30/2015 07:24:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Intel® Capability Licensing Service Interface niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/30/2015 07:24:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa LriedGvanellius niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/30/2015 07:24:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/30/2015 07:24:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel® ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/30/2015 07:24:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel® Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/30/2015 07:24:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel® Management and Security Application User Notification Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (06/30/2015 09:18:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Service_KMS.exe13.0.0.05312d36bunknown0.0.0.00000000000000000000007fe96ee03689d801d0b36981121dbbd:\Program Files\KMSpico\Service_KMS.exeunknownd6db6df4-1f5c-11e5 -8637-bc5ff4711915 Error: (06/30/2015 09:18:06 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:25:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Service_KMS.exe13.0.0.05312d36bunknown0.0.0.00000000000000000000007fe9919036894001d0b359bc3cf26cd:\Program Files\KMSpico\Service_KMS.exeunknown0e8028ba-1f4d-11e5 -8e41-bc5ff4711915 Error: (06/30/2015 07:25:15 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:24:12 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:14:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Service_KMS.exe13.0.0.05312d36bunknown0.0.0.00000000000000000000007fe98bf036895401d0b357f0838e0dd:\Program Files\KMSpico\Service_KMS.exeunknown7327dc15-1f4b-11e5 -8ac8-bc5ff4711915 Error: (06/30/2015 07:12:34 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 07:11:12 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (06/30/2015 06:34:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Service_KMS.exe13.0.0.05312d36bunknown0.0.0.00000000000000000000007fe98ed036893401d0b3528b6b022ad:\Program Files\KMSpico\Service_KMS.exeunknowndb403d9f-1f45-11e5 -8d8e-bc5ff4711915 Error: (06/30/2015 06:33:47 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 CodeIntegrity Errors: =================================== Date: 2015-05-21 19:33:33.696 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2959C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-21 19:33:33.665 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2959C.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-21 20:30:11.488 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2D339.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-21 20:30:11.419 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Kuba\AppData\Local\Temp\mc2D339.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 14:54:09.668 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 14:54:09.615 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 13:31:01.682 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-13 13:31:01.604 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-12 22:34:23.078 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-12 22:34:23.000 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel® Core i5-3350P CPU @ 3.10GHz Percentage of memory in use: 61% Total physical RAM: 8140.81 MB Available physical RAM: 3134.2 MB Total Pagefile: 16279.83 MB Available Pagefile: 10640.49 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.48 GB) (Free:58.03 GB) NTFS Drive d: () (Fixed) (Total:117.19 GB) (Free:91.06 GB) NTFS Drive e: () (Fixed) (Total:667.74 GB) (Free:126.61 GB) NTFS Drive j: (USB DISK) (Removable) (Total:3.61 GB) (Free:2.33 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 77BCF882) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=667.7 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=3.6 GB) - (Type=0B) ==================== End of log ============================ RogueKiller V10.8.7.0 [Jun 29 2015] od Adlice Software e-mail : http://www.adlice.com/contact/ Komentarze : http://forum.adlice.com Strona internetowa : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com System operacyjny : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Uruchomiono : Tryb normalny Użytkownik : Kuba [Administrator] Uruchomiony z : C:\Users\Kuba\Downloads\RogueKiller.exe Tryb : Skanowanie -- Data : 06/30/2015 22:08:24 ¤¤¤ Procesy : 0 ¤¤¤ ¤¤¤ Rejestr : 18 ¤¤¤ [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay1 | (default) : {E68D0A50-3C40-4712-B90D-DCFA93FF2534} [x] -> Znaleziono [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay2 | (default) : {E68D0A51-3C40-4712-B90D-DCFA93FF2534} [x] -> Znaleziono [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay3 | (default) : {E68D0A52-3C40-4712-B90D-DCFA93FF2534} [x] -> Znaleziono [suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay4 | (default) : {E68D0A53-3C40-4712-B90D-DCFA93FF2534} [x] -> Znaleziono [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Znaleziono [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Znaleziono [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:9880 -> Znaleziono [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:9880 -> Znaleziono [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 217.172.224.160 89.231.1.206 [-][(Unknown Country?) (XX)] -> Znaleziono [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 217.172.224.160 89.231.1.206 [-][(Unknown Country?) (XX)] -> Znaleziono [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 217.172.224.160 89.231.1.206 [-][(Unknown Country?) (XX)] -> Znaleziono [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3DD15206-C53D-44D4-B89D-35C1E7DC0E7F} | DhcpNameServer : 217.172.224.160 89.231.1.206 [-][(Unknown Country?) (XX)] -> Znaleziono [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3DD15206-C53D-44D4-B89D-35C1E7DC0E7F} | DhcpNameServer : 217.172.224.160 89.231.1.206 [-][(Unknown Country?) (XX)] -> Znaleziono [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3DD15206-C53D-44D4-B89D-35C1E7DC0E7F} | DhcpNameServer : 217.172.224.160 89.231.1.206 [-][(Unknown Country?) (XX)] -> Znaleziono [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Znaleziono [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Znaleziono [PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Znaleziono [PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Znaleziono ¤¤¤ Zaplanowane zadania : 2 ¤¤¤ [suspicious.Path] \\WINshell Event Logging -- "C:\Users\Kuba\AppData\Local\Temp\Dscp1.exe" -> Znaleziono [suspicious.Path] \\WINshell Event Notification -- "C:\Users\Kuba\AppData\Local\Temp\SBCint2.exe" -> Znaleziono ¤¤¤ Pliki : 0 ¤¤¤ ¤¤¤ Plik hosts : 0 ¤¤¤ ¤¤¤ Rootkity : 0 (Driver: Nie załadowano [0xc000036b]) ¤¤¤ ¤¤¤ Przeglądarki : 0 ¤¤¤ ¤¤¤ Sprawdzenie MBR : ¤¤¤ +++++ PhysicalDrive0: WDC WD10EZEX-00RKKA0 +++++ --- User --- [MBR] a7459b63e31c65074d87c4222561a453 [bSP] 134ca19c8312fc416145445a5d841747 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 150000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 307406848 | Size: 120000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 553166848 | Size: 683766 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Mass Storage Device USB Device +++++ Error reading User MBR! ([15] Urz?dzenie nie jest gotowe. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] ??danie nie jest obs?ugiwane. ) +++++ PhysicalDrive2: USB DISK 2.0 USB Device +++++ --- User --- [MBR] ab3a92b2c7b94063d5c1e1699c6461ed [bSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code Partition table: 0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 8064 | Size: 3696 MB Error reading LL1 MBR! ([5aa] Zasoby systemowe nie wystarczaj? do uko?czenia ??danej us?ugi. ) Error reading LL2 MBR! ([32] ??danie nie jest obs?ugiwane. ) ============================================ RKreport_SCN_06302015_215920.log

Hi, thanks for reply. There are logs: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 2015-06-30 Scan Time: 21:00 Logfile: Administrator: Yes Version: 2.1.8.1057 Malware Database: v2015.06.30.06 Rootkit Database: v2015.06.30.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Kuba Scan Type: Threat Scan Result: Completed Objects Scanned: 451875 Time Elapsed: 13 min, 54 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 1 PUM.Bad.Proxy, HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:9880, Quarantined, [6c722799800a5fd7462ebe60788ce51b] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 2 PUP.Optional.ShoppingGate.A, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, Delete-on-Reboot, [c6184878ec9eb581bce7f043ef15c53b], PUP.Optional.ShoppingGate.A, C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, Delete-on-Reboot, [a539c1ff2e5c61d5e6bd38fb91736d93], Physical Sectors: 0 (No malicious items detected) (end) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01 Ran by Kuba (administrator) on KUBA-KOMPUTER on 30-06-2015 21:25:21 Running from C:\Users\Kuba\Downloads Loaded Profiles: Kuba (Available Profiles: Kuba) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Dassault Systemes) D:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe () C:\Program Files (x86)\LriedGvanellius\LriedGvanellius.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe (TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe () C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (OLYMPUS IMAGING CORP.) D:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe (FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Creative Technology Ltd) D:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Power Software Ltd) D:\Program Files (x86)\PowerISO\PWRISOVM.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Dassault Systèmes SolidWorks Corp.) D:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe (Dropbox, Inc.) C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\LriedGvanellius\LriedGvanellius.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Autodesk Inc.) C:\Users\Kuba\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe (Razer, Inc.) C:\Users\Kuba\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Farbar) C:\Users\Kuba\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-10-19] (cFos Software GmbH) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation) HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2014-11-13] (FNet Co., Ltd.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [VolPanel] => d:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.) HKLM-x32\...\Run: [PWRISOVM.EXE] => d:\Program Files (x86)\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd) HKLM-x32\...\Run: [bCSSync] => D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-31] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [OV3_Monitor] => d:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55664 2015-02-05] (OLYMPUS IMAGING CORP.) HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.) HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Run: [OV3_Monitor] => D:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [420208 2015-02-05] (OLYMPUS IMAGING CORP.) HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\Run: [Dropbox Update] => C:\Users\Kuba\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.) HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: G - G:\Launcher.exe HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: H - H:\setup.exe HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: I - I:\setup.exe HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\...\MountPoints2: {b45236cd-6ab1-11e4-abd9-806e6f6e6963} - F:\ASRSetup.exe HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-15] (Microsoft Corporation) IFEO\CCleaner64.exe: [Debugger] svchost.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk [2014-11-15] ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Pobieracz w tle.lnk [2014-11-15] ShortcutTarget: SolidWorks Pobieracz w tle.lnk -> C:\Program Files (x86)\Common Files\Menedżer instalacji SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-17] ShortcutTarget: Dropbox.lnk -> C:\Users\Kuba\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll No File ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kuba\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [s-1-5-21-1149661289-1221717445-1824185903-1000] => Internet Explorer proxy is enabled ProxyServer: [s-1-5-21-1149661289-1221717445-1824185903-1000] => http=127.0.0.1:9880 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-21-1149661289-1221717445-1824185903-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1149661289-1221717445-1824185903-1000 -> {390B3803-824C-412d-AFFB-CA53EA1E25C4} URL = http://www.google.com/custom?client=pub- 3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC %3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> D:\Program Files\StatSoft\STATISTICA 12 Trial\StaBHO.dll [2015-01-12] (StatSoft, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-06] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> D:\Program Files\StatSoft\STATISTICA 12 Trial\Support\StaBHO.dll [2015-01-12] (StatSoft, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-06] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 Tcpip\..\Interfaces\{3DD15206-C53D-44D4-B89D-35C1E7DC0E7F}: [DhcpNameServer] 217.172.224.160 89.231.1.206 FireFox: ======== FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\wexac792.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-29] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-29] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06 -07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-06] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> d:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems) FF Plugin HKU\S-1-5-21-1149661289-1221717445-1824185903-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Extension: Gmail Manager - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\wexac792.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2014-11-13] FF Extension: Adblock Plus - C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\wexac792.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-13] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default Opera: ======= StartMenuInternet: (HKLM) OperaStable - d:\Program Files (x86)\Opera\Launcher.exe http://www.mystartsearch.com/? type=sc&ts=1435599324&z=91f859910ea880a6ecf7893g6z4ccw0w7tftdcco2z&from=wpc&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S029552395523 ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.) R2 BBDemon; d:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [36864 2007-05-04] (Dassault Systemes) [File not signed] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH) S3 CoordinatorServiceHost; D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [76904 2012-09-28] (Dassault Systèmes SolidWorks Corp.) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-11-13] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-11-13] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-12-19] (Creative Technology Ltd) [File not signed] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) R2 LriedGvanellius; C:\Program Files (x86)\LriedGvanellius\LriedGvanellius.exe [281088 2015-06-16] () [File not signed] <==== ATTENTION S2 MBAMService; d:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 mi-raysat_3dsmax2015_64; D:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed] S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-17] (Electronic Arts) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-11-01] () S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-11-15] (SolidWorks) [File not signed] R2 TeamViewer; d:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-02-23] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-02-23] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-02-23] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-02-23] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-02-23] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-02-23] (ESET) R3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-05-26] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-11-13] (FNet Co., Ltd.) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-06-30] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-09-05] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-11-01] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.) R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-09-05] (Razer Inc) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-06-30] () ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-30 19:19 - 2015-06-30 19:19 - 00448512 _____ (OldTimer Tools) C:\Users\Kuba\Downloads\TFC.exe 2015-06-30 18:01 - 2015-06-30 21:18 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2015-06-30 17:14 - 2015-06-30 17:14 - 00011678 _____ C:\Users\Kuba\Desktop\malware.txt 2015-06-30 17:00 - 2015-06-30 21:22 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-30 17:00 - 2015-06-30 20:58 - 00000781 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-06-30 17:00 - 2015-06-30 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-30 17:00 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-30 17:00 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-30 17:00 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-30 16:59 - 2015-06-30 16:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Kuba\Downloads\mbam-setup-2.0.4.1028.exe 2015-06-29 22:37 - 2015-06-29 22:37 - 02244096 _____ C:\Users\Kuba\Downloads\adwcleaner_4.207.exe 2015-06-29 22:36 - 2015-06-29 22:36 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Kuba\Downloads\flashplayer18au_ha_install.exe 2015-06-29 20:35 - 2015-06-29 20:35 - 02112512 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64 (1).exe 2015-06-29 20:13 - 2015-06-29 20:13 - 00122480 _____ C:\Users\Kuba\Downloads\Shortcut.txt 2015-06-29 20:11 - 2015-06-29 20:13 - 00083717 _____ C:\Users\Kuba\Downloads\Addition.txt 2015-06-29 20:10 - 2015-06-30 21:25 - 00030500 _____ C:\Users\Kuba\Downloads\FRST.txt 2015-06-29 20:07 - 2015-06-29 20:07 - 02112512 _____ (Farbar) C:\Users\Kuba\Downloads\FRST64.exe 2015-06-29 19:45 - 2015-06-29 19:45 - 00000000 __SHD C:\Program Files (x86)\LriedGvanellius 2015-06-29 19:39 - 2015-06-29 19:39 - 00004688 _____ C:\Windows\SysWOW64\Tulvae.ini 2015-06-29 19:37 - 2015-06-29 19:38 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-06-29 19:37 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hp.bak 2015-06-29 17:41 - 2015-06-29 17:41 - 00000222 _____ C:\Users\Kuba\Desktop\Craft The World.url 2015-06-27 20:00 - 2015-06-27 20:00 - 00000000 ____D C:\Users\Kuba\AppData\Local\tt 2015-06-27 19:59 - 2015-06-27 19:59 - 00000000 ____D C:\Users\Kuba\AppData\Local\Ticket to Ride 2015-06-26 19:12 - 2015-06-26 19:12 - 00000222 _____ C:\Users\Kuba\Desktop\Clicker Heroes.url 2015-06-26 19:12 - 2015-06-26 19:12 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\com.playsaurus.heroclicker 2015-06-24 20:37 - 2015-06-24 20:37 - 00000802 _____ C:\Users\Kuba\Desktop\Car Mechanic Simulator 2015.lnk 2015-06-24 20:37 - 2015-06-24 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Car Mechanic Simulator 2015 2015-06-24 20:29 - 2015-06-24 20:29 - 00000222 _____ C:\Users\Kuba\Desktop\Magicka Wizards of the Square Tablet.url 2015-06-24 20:26 - 2015-06-24 20:26 - 00000221 _____ C:\Users\Kuba\Desktop\Magicka.url 2015-06-24 20:07 - 2015-06-24 20:07 - 00000222 _____ C:\Users\Kuba\Desktop\Ticket to Ride.url 2015-06-23 21:34 - 2015-06-23 21:34 - 00000000 ____D C:\Users\Kuba\Documents\SavedGames 2015-06-23 21:33 - 2015-06-23 21:33 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA 2015-06-22 19:39 - 2015-06-23 19:50 - 00000000 ____D C:\Users\Kuba\AppData\Local\The Witcher 2015-06-22 19:39 - 2015-06-22 20:25 - 00000000 ____D C:\Users\Kuba\Documents\The Witcher 2015-06-22 19:37 - 2015-06-22 19:37 - 00000000 ____D C:\Users\Public\Documents\The Witcher 2015-06-22 17:55 - 2015-06-22 17:55 - 00000222 _____ C:\Users\Kuba\Desktop\Age of Empires III Complete Collection.url 2015-06-22 17:55 - 2015-06-22 17:55 - 00000221 _____ C:\Users\Kuba\Desktop\The Witcher Enhanced Edition.url 2015-06-22 17:55 - 2015-06-22 17:55 - 00000221 _____ C:\Users\Kuba\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url 2015-06-22 16:50 - 2015-06-22 16:50 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-06-22 16:49 - 2015-06-30 20:54 - 00001158 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA.job 2015-06-22 16:49 - 2015-06-30 16:54 - 00001106 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core.job 2015-06-22 16:49 - 2015-06-22 16:49 - 00004130 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000UA 2015-06-22 16:49 - 2015-06-22 16:49 - 00003734 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1149661289-1221717445-1824185903-1000Core 2015-06-22 16:49 - 2015-06-22 16:49 - 00000000 ____D C:\Users\Kuba\AppData\Local\Dropbox 2015-06-22 16:49 - 2015-06-22 16:49 - 00000000 ____D C:\ProgramData\Dropbox 2015-06-18 21:37 - 2015-06-18 21:37 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\GCCS 2015-06-18 21:33 - 2015-06-18 21:33 - 00000222 _____ C:\Users\Kuba\Desktop\GemCraft - Chasing Shadows.url 2015-06-17 19:35 - 2015-06-17 19:35 - 00000222 _____ C:\Users\Kuba\Desktop\Train Fever.url 2015-06-17 19:35 - 2015-06-17 19:35 - 00000222 _____ C:\Users\Kuba\Desktop\SpeedRunners.url 2015-06-17 19:35 - 2015-06-17 19:35 - 00000222 _____ C:\Users\Kuba\Desktop\Banished.url 2015-06-17 05:54 - 2015-06-17 05:54 - 00172330 ___HT C:\Users\Kuba\Downloads\~1414717_826755837431691_600950962_n.tmp 2015-06-16 19:43 - 2015-06-16 19:45 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Dominions4 2015-06-16 19:21 - 2015-06-16 19:21 - 00000222 _____ C:\Users\Kuba\Desktop\Spelunky.url 2015-06-16 19:02 - 2015-06-16 19:02 - 00000222 _____ C:\Users\Kuba\Desktop\Dominions 4.url 2015-06-16 19:02 - 2015-06-16 19:02 - 00000222 _____ C:\Users\Kuba\Desktop\Antichamber.url 2015-06-14 22:51 - 2015-06-14 22:51 - 00000222 _____ C:\Users\Kuba\Desktop\Castle Crashers.url 2015-06-14 22:29 - 2015-06-14 22:29 - 00015833 _____ C:\Users\Kuba\Downloads\CV (1).odt 2015-06-13 18:50 - 2015-06-13 18:50 - 00000000 ____D C:\Users\Kuba\Documents\creeperworld3 2015-06-13 18:49 - 2015-06-13 18:51 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\creeperworld3 2015-06-13 18:35 - 2015-06-13 18:35 - 00000222 _____ C:\Users\Kuba\Desktop\Creeper World 3 Arc Eternal.url 2015-06-12 23:14 - 2015-06-12 23:14 - 00016545 _____ C:\Users\Kuba\Downloads\CV.odt 2015-06-11 22:16 - 2015-06-11 22:16 - 05776646 _____ C:\Users\Kuba\Downloads\Plan Outdoor-Tomczak.xlsx 2015-06-11 19:52 - 2015-06-11 19:53 - 19105854 _____ C:\Users\Kuba\Downloads\010sel0311.avi 2015-06-10 20:34 - 2015-06-10 20:34 - 00000659 _____ C:\Users\Public\Desktop\Order of Battle Pacific.lnk 2015-06-10 20:34 - 2015-06-10 20:34 - 00000659 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Order of Battle Pacific.lnk 2015-06-10 19:43 - 2015-06-10 19:43 - 00000930 _____ C:\Users\Public\Desktop\Wargame - Airland Battle.lnk 2015-06-10 19:43 - 2015-06-10 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eugen Systems 2015-06-10 16:17 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 16:17 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 16:17 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 16:17 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 16:17 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-06-10 16:17 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 16:17 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-06-10 16:17 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-10 16:17 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 16:17 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-10 16:17 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 16:17 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-06-10 16:17 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-06-10 16:17 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-06-10 16:17 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 16:17 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-06-10 16:17 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 16:17 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-06-10 16:17 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-10 16:17 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-06-10 16:17 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 16:17 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 16:17 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 16:17 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 16:17 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 16:17 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-06-10 16:17 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 16:17 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-10 16:17 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 16:17 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 16:17 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 16:17 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 16:17 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 16:17 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 16:17 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 16:17 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 16:17 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 16:17 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 16:17 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 16:17 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 16:17 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 16:17 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 16:17 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 16:17 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 16:17 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 16:17 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 16:17 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 16:17 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 16:17 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 16:17 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 16:17 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 16:17 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 16:17 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 16:17 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 16:17 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 16:17 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 16:17 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 16:17 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 16:17 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 16:17 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 16:15 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-06-10 16:15 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-10 16:15 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-10 16:15 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-06-10 16:15 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-06-10 16:15 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-10 16:15 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-10 16:15 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-10 16:15 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-10 16:15 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-10 16:15 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-10 16:15 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-06-10 16:15 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-06-10 16:15 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-06-10 16:15 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-06-10 16:15 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-06-10 16:15 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-06-10 16:15 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-06-10 16:15 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-06-10 16:15 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-06-10 16:15 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-06-10 16:15 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-06-10 16:15 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-06-10 16:15 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-06-10 16:15 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-06-10 16:15 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-06-10 16:15 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-06-10 16:15 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 16:15 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 16:15 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-06-10 16:15 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-06-10 16:15 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 16:15 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-06-10 16:15 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 16:15 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 16:15 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 16:15 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 16:15 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 16:15 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 16:15 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 16:15 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 16:15 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 16:15 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 16:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 16:15 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 16:15 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 16:15 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-06-10 16:15 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-06-10 16:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-06-10 16:15 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-06-10 16:15 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-06-10 16:15 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 16:15 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-10 16:15 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-06-09 22:13 - 2015-06-09 22:13 - 00000234 _____ C:\Users\Kuba\Desktop\Might and Magic Heroes VII Beta.url 2015-06-09 22:09 - 2015-06-09 22:12 - 00000000 ____D C:\Users\Kuba\AppData\Local\Ubisoft Game Launcher 2015-06-09 22:09 - 2015-06-09 22:09 - 00000870 _____ C:\Users\Kuba\Desktop\Uplay.lnk 2015-06-09 22:09 - 2015-06-09 22:09 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-06-09 21:40 - 2015-06-09 21:40 - 61778376 _____ (Ubisoft) C:\Users\Kuba\Downloads\UplayInstaller.exe 2015-06-09 20:37 - 2015-06-09 20:37 - 00000000 ____D C:\Users\Kuba\Documents\Banished 2015-06-09 17:51 - 2015-06-09 18:32 - 00011189 _____ C:\Users\Kuba\Desktop\Lista zakupów.xlsx 2015-06-09 17:50 - 2015-06-09 17:50 - 00000885 _____ C:\Users\Public\Desktop\Banished.lnk 2015-06-09 17:50 - 2015-06-09 17:50 - 00000885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banished.lnk 2015-06-08 16:17 - 2015-06-08 16:17 - 00320140 _____ C:\Users\Kuba\Downloads\smouczek schematowy by KJ (1).sav 2015-06-07 17:51 - 2015-06-07 17:51 - 00320140 _____ C:\Users\Kuba\Downloads\smouczek schematowy by KJ.sav 2015-06-05 23:27 - 2015-06-05 23:27 - 00000508 _____ C:\Users\Public\Desktop\OpenTTD.lnk 2015-06-05 23:27 - 2015-06-05 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD 2015-06-05 23:24 - 2015-06-08 20:57 - 00000000 ____D C:\Users\Kuba\Documents\OpenTTD 2015-06-05 23:22 - 2015-06-05 23:23 - 11359588 _____ C:\Users\Kuba\Downloads\opensfx-0.2.3-all.zip 2015-06-05 23:21 - 2015-06-05 23:21 - 07926644 _____ (OpenTTD Developers) C:\Users\Kuba\Downloads\openttd-1.5.1-windows-win64.exe 2015-06-05 23:21 - 2015-06-05 23:21 - 00136981 _____ C:\Users\Kuba\Downloads\openmsx-0.3.1-all.zip 2015-06-05 23:20 - 2015-06-05 23:21 - 03547661 _____ C:\Users\Kuba\Downloads\opengfx-0.5.2-all.zip 2015-06-05 17:01 - 2015-06-05 17:01 - 00000830 _____ C:\Users\Kuba\Desktop\Supreme Ruler Ultimate.lnk 2015-06-05 17:01 - 2015-06-05 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Supreme Ruler Ultimate 2015-06-05 16:54 - 2015-06-05 16:55 - 00003368 _____ C:\Windows\System32\Tasks\WINshell Event Logging 2015-06-05 16:54 - 2015-06-05 16:54 - 00003372 _____ C:\Windows\System32\Tasks\WINshell Event Notification 2015-06-04 22:49 - 2015-06-04 22:49 - 00000753 _____ C:\Users\Kuba\Desktop\Portal 2.lnk 2015-06-04 22:49 - 2015-06-04 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst 2015-06-04 11:51 - 2015-06-05 16:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-04 11:41 - 2015-06-04 11:41 - 00000940 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk 2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Ashampoo 2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\Users\Kuba\AppData\Local\ashampoo 2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2015-06-04 11:41 - 2015-06-04 11:41 - 00000000 ____D C:\ProgramData\Ashampoo 2015-06-04 11:40 - 2015-06-04 11:41 - 32768992 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Kuba\Downloads\ashampoo_burning_studio_free_1.14.5_sm.exe 2015-06-04 11:39 - 2015-06-04 11:39 - 98327200 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Kuba\Downloads\ashampoo_burning_studio_2015_18299.exe 2015-06-04 11:37 - 2015-06-04 11:37 - 98327200 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Kuba\Downloads\Niepotwierdzony 862945.crdownload 2015-06-04 11:33 - 2015-06-04 11:33 - 09588264 _____ (Disc Soft Ltd) C:\Users\Kuba\Downloads\Niepotwierdzony 508553.crdownload 2015-06-04 10:54 - 2015-06-04 10:54 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\dvdcss 2015-06-04 08:52 - 2015-06-04 08:52 - 00008982 _____ C:\Users\Kuba\Downloads\izzyKONTO nr _63912771 za 2015-05.htm 2015-06-03 05:53 - 2015-06-03 05:53 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2015-06-01 18:16 - 2015-06-01 18:16 - 00000000 ____D C:\Users\Kuba\AppData\Local\GWX 2015-05-31 16:48 - 2015-05-31 16:48 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Wayforward Technologies 2015-05-31 16:47 - 2015-05-31 16:47 - 00000711 _____ C:\Users\Public\Desktop\DuckTales Remastered.lnk 2015-05-31 16:47 - 2015-05-31 16:47 - 00000711 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuckTales Remastered.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-30 21:25 - 2014-12-28 17:05 - 00000000 ____D C:\FRST 2015-06-30 21:23 - 2014-11-12 23:25 - 01360782 _____ C:\Windows\WindowsUpdate.log 2015-06-30 21:20 - 2014-11-17 23:37 - 00000000 ___RD C:\Users\Kuba\Dropbox 2015-06-30 21:20 - 2014-11-17 23:36 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Dropbox 2015-06-30 21:18 - 2014-11-13 19:10 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2015-06-30 21:18 - 2014-11-13 19:08 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2015-06-30 21:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-30 21:18 - 2009-07-14 06:51 - 00063767 _____ C:\Windows\setupact.log 2015-06-30 21:18 - 2009-07-14 06:45 - 00027584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-30 21:18 - 2009-07-14 06:45 - 00027584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-30 21:17 - 2014-11-13 19:16 - 00784658 _____ C:\Windows\PFRO.log 2015-06-30 21:17 - 2009-07-14 20:09 - 00000000 ____D C:\Windows\CSC 2015-06-30 21:13 - 2014-11-13 23:12 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-30 20:57 - 2014-11-15 23:42 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\uTorrent 2015-06-30 19:28 - 2015-01-02 11:44 - 00000000 ____D C:\AdwCleaner 2015-06-30 19:19 - 2014-11-13 19:08 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2015-06-30 17:58 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Offline Web Pages 2015-06-30 05:56 - 2014-11-13 23:11 - 00000000 ____D C:\Users\Kuba\AppData\Local\Adobe 2015-06-29 22:39 - 2014-11-13 23:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-06-29 22:39 - 2014-11-13 23:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-29 22:39 - 2014-11-13 23:12 - 00003868 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-06-29 19:53 - 2015-05-24 16:21 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duel of Champions Launcher 2015-06-29 19:53 - 2015-02-01 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valkyria Chronicles 2015-06-29 19:53 - 2015-01-20 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital 2015-06-29 19:52 - 2015-05-24 16:21 - 00000569 _____ C:\Users\Kuba\Desktop\Duel of Champions Launcher.lnk 2015-06-29 19:52 - 2015-04-20 20:32 - 00000762 _____ C:\Users\Kuba\Desktop\Launcher — skrót.lnk 2015-06-29 19:52 - 2014-12-18 21:44 - 00000693 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-06-29 19:45 - 2014-11-13 19:21 - 00001947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-06-27 22:06 - 2014-11-15 23:55 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\vlc 2015-06-27 19:24 - 2009-07-14 19:55 - 00743484 _____ C:\Windows\system32\perfh015.dat 2015-06-27 19:24 - 2009-07-14 19:55 - 00156966 _____ C:\Windows\system32\perfc015.dat 2015-06-27 19:24 - 2009-07-14 07:13 - 01678098 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-27 15:30 - 2014-11-15 21:47 - 00301314 _____ C:\Windows\DirectX.log 2015-06-27 15:26 - 2014-11-18 21:14 - 00000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps 2015-06-25 22:21 - 2014-12-18 21:44 - 00003882 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1418931874 2015-06-24 20:22 - 2015-04-04 23:41 - 00000031 _____ C:\Users\Kuba\Desktop\energa.txt 2015-06-23 21:32 - 2014-11-13 19:44 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-17 05:59 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-06-11 19:58 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-06-11 05:57 - 2014-11-24 23:20 - 00000000 __SHD C:\Users\Kuba\AppData\Local\EmieUserList 2015-06-11 05:57 - 2014-11-24 23:20 - 00000000 __SHD C:\Users\Kuba\AppData\Local\EmieSiteList 2015-06-11 05:57 - 2014-11-24 23:20 - 00000000 __SHD C:\Users\Kuba\AppData\Local\EmieBrowserModeList 2015-06-11 04:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-06-11 03:28 - 2014-11-13 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-06-11 03:28 - 2009-07-14 06:45 - 05172104 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-11 03:26 - 2014-12-10 22:47 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-11 03:26 - 2014-11-14 18:07 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-11 03:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-11 03:08 - 2014-11-14 23:31 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-11 03:04 - 2009-07-14 04:34 - 00000580 _____ C:\Windows\win.ini 2015-06-10 20:41 - 2014-11-22 10:59 - 00000000 ____D C:\Users\Kuba\Documents\my games 2015-06-08 17:17 - 2009-07-14 07:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-06-05 20:14 - 2015-05-23 15:29 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Kalypso Media 2015-06-04 22:49 - 2014-11-15 21:47 - 00000000 ____D C:\Windows\SysWOW64\directx 2015-06-03 05:52 - 2015-03-12 19:49 - 00000000 ____D C:\Program Files (x86)\Google 2015-05-31 14:49 - 2015-05-30 23:45 - 00131749 _____ C:\Users\Kuba\Desktop\Katarzyna Wawrzyniak.ods ==================== Files in the root of some directories ======= 2015-02-23 21:21 - 2015-02-23 21:21 - 0000132 _____ () C:\Users\Kuba\AppData\Roaming\Preferencje CC formatu PNG firmy Adobe 2015-06-23 21:34 - 2015-06-23 21:36 - 0002036 _____ () C:\Users\Kuba\AppData\Roaming\SpeedRunnersLog.txt 2014-11-13 19:11 - 2014-11-13 19:11 - 0000003 _____ () C:\Users\Kuba\AppData\Local\user_data.ini Some files in TEMP: ==================== C:\Users\Kuba\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppmy3gi.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-11 03:58 ==================== End of log ============================

Hi, I have revenclty installed some malware on my PC. I tried to fix with malwarebytes anti-malware and adwclenar and they remowed plenty of files but I still have popups when for example clicking in some links. Adwcleaner everytime finds these: http://gyazo.com/92f550a5358b8fbda4be4a04dcfcbbc4I'm keeping deleting this but after every reset of computer they are still there. Here is FRST scan: http://www.wklej.org/id/1749280/