"Deamon Tools przestał działać" lub "Program "X" przestał działać"

larw4 · 2 Listopada 2013

Witam, chciałem dzisiaj odpalić plik .iso w Deamon Tools. Włączam i ok, jest, pojawia mi się okienko do aktualizacji, więc zaaktualizowałem. I tutaj pojawia się problem. Kiedy chciałem uruchomić deamon tools, pojawiał się komunikat "Deamon Tools przestał działać" i sugeruje mi zamknięcie programu. Przy aktualizacji ściągnął mi dziwny program o nazwie "Optimizer Pro Web".. avast zaczął też wtedy szaleć że wykrywa i usunął wirusa, więc natychmiast usunąłem program, lecz i tak problem się nie rozwiązał. Usunięcie i reinstall programu też nie działa bo wyskakuje podczas usuwania ten sam komunikat. Odpaliłem plik .iso programem UltraISO ale i tak podczas instalacji wyskoczył mi "Program "nazwa instalatora" przestał działać".. Zrobiłem CCleaner'em i nic, nadal to samo . Posiadam win 7 Home 64-bit.. Przy starcie systemu też pojawia się komunikat o deamon tools. Podrzucam screen'a i logi z OTL, MBAM, AdwCleaner. Słyszałem że trzeba jakiś skrypt do OTL dodać, ale jaki ? Pomocy, pilna pomoc, a szybko potrzebuje deamon tools'a! Z góry dziękuję
OTL.txt:

OTL logfile created on: 2013-11-01 20:38:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Pictures
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,93 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 55,66% Memory free
7,87 Gb Paging File | 5,90 Gb Available in Paging File | 74,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,23 Gb Total Space | 368,03 Gb Free Space | 83,03% Space Free | Partition Type: NTFS
Drive D: | 488,18 Gb Total Space | 362,96 Gb Free Space | 74,35% Space Free | Partition Type: NTFS

Computer Name: MATEUSZ-KOMP | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-11-01 20:31:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Pictures\OTL.exe
PRC - [2013-10-30 20:25:56 | 000,566,696 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013-10-30 20:25:54 | 001,820,584 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2013-10-23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013-10-18 02:35:01 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013-10-18 02:34:28 | 001,914,656 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-10-16 14:40:56 | 003,561,816 | ---- | M] (Electronic Arts) -- D:\Program Files (x86)\Origin\Origin.exe
PRC - [2013-09-30 16:43:40 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013-09-22 13:19:44 | 000,825,920 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013-08-30 08:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-08-30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- d:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-08-03 02:09:24 | 028,057,256 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-07-27 17:52:56 | 000,495,616 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
PRC - [2012-07-12 09:31:34 | 004,267,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
PRC - [2012-07-12 09:30:46 | 000,047,368 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
PRC - [2012-06-29 16:56:30 | 000,136,704 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
PRC - [2012-03-29 06:38:22 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-03-29 06:38:16 | 000,133,400 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe
PRC - [2012-03-29 06:38:06 | 000,165,144 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2012-03-26 18:14:26 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

========== Modules (No Company Name) ==========

MOD - [2013-10-30 20:25:56 | 001,123,240 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013-10-24 18:45:32 | 000,691,200 | ---- | M] () -- D:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013-10-23 21:07:26 | 020,625,832 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013-10-16 14:40:57 | 000,062,976 | ---- | M] () -- D:\Program Files (x86)\Origin\tufao.dll
MOD - [2013-09-13 18:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013-09-13 18:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013-06-15 00:49:12 | 001,100,800 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013-06-15 00:49:12 | 000,192,000 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013-06-15 00:49:12 | 000,124,416 | ---- | M] () -- D:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013-03-13 21:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012-11-14 00:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012-07-12 09:31:32 | 000,215,304 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Small Business Advantage\UI\System.ComponentModel.Composition.dll
MOD - [2012-07-12 09:31:30 | 000,051,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Small Business Advantage\UI\Interop.TaskScheduler.dll
MOD - [2009-07-14 18:55:10 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pl_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009-07-14 18:55:05 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2009-07-14 18:55:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-07-14 18:54:59 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_pl_b77a5c561934e089\System.Xml.resources.dll
MOD - [2009-07-14 06:00:25 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e033d390dc7e9567b6960b0f530cf30\System.Management.ni.dll
MOD - [2009-07-14 05:56:14 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\1762137638019a091020b3baf52f6de3\System.Core.ni.dll
MOD - [2009-07-14 05:56:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\39f5a71b5185d267b0f55cd4cea26d6b\PresentationFramework.Aero.ni.dll
MOD - [2009-07-14 05:55:47 | 014,318,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\68e5eeb3c6ef18ba2dc1ad70eb74aeee\PresentationFramework.ni.dll
MOD - [2009-07-14 05:55:34 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\e71959f4ec6eb386889050ac139835c7\System.ServiceProcess.ni.dll
MOD - [2009-07-14 05:55:34 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\0a5b398e99c5cf468bda55d72b30f127\System.Configuration.Install.ni.dll
MOD - [2009-07-14 05:55:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009-07-14 05:55:26 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009-07-14 05:55:24 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\dca322ae03db6422ff99b125d1bdb941\UIAutomationTypes.ni.dll
MOD - [2009-07-14 05:55:24 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\7ce9d463a5d343fe74d6f181f9226cab\UIAutomationProvider.ni.dll
MOD - [2009-07-14 05:55:23 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b459c5815af8123e4bf30d4e05bba65\PresentationCore.ni.dll
MOD - [2009-07-14 05:55:14 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll
MOD - [2009-07-14 05:55:11 | 000,676,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\5588d54cbc98d72ed01194c6d4146073\System.Security.ni.dll
MOD - [2009-07-14 05:55:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009-07-14 05:55:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009-07-14 05:55:05 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009-07-14 05:55:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013-10-18 02:35:51 | 015,122,208 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2012-03-07 01:00:46 | 000,629,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013-10-30 20:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-10-25 18:33:55 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- d:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2013-10-23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013-10-18 02:34:28 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-09-30 16:43:40 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013-09-22 13:19:44 | 000,825,920 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-08-30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- d:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013-07-18 15:39:40 | 000,762,192 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-07-12 09:30:46 | 000,047,368 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe -- (intelsba)
SRV - [2012-06-29 16:56:30 | 000,136,704 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2012-03-29 06:38:24 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-03-29 06:38:22 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-03-29 06:38:06 | 000,165,144 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006-10-26 23:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-09-28 00:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-08-30 08:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013-08-30 08:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013-08-30 08:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013-08-30 08:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013-08-30 08:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013-08-30 08:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013-08-30 08:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013-08-30 08:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013-06-16 13:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012-12-13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012-08-21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-03-26 18:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-03-26 18:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-03-26 18:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012-02-16 06:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010-01-29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2010-01-18 09:36:44 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851067
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851067
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851068&type=default&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851068&type=default&q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mateusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

[2013-10-07 10:42:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Mateusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - Extension: Media Hint = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja\0.1.13_0\
CHR - Extension: Dokumenty Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RadioEnhancer = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfijnebfkjdclmcedinoknekamigckii\1.4.2_0\
CHR - Extension: Google Wallet = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - d:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - d:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - d:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Fences] D:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] d:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GrooveMonitor] D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [iMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [intelSBA] C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation)
O4 - HKLM..\Run: [super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [uSB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] d:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [EADM] d:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.114.149.10 194.114.149.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6709EA8B-7CC7-47EE-9E62-4412E343B19F}: DhcpNameServer = 194.114.149.10 194.114.149.11
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-11-01 20:28:28 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Malwarebytes
[2013-11-01 20:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-11-01 20:28:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-11-01 20:28:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013-11-01 20:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013-11-01 20:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013-11-01 17:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2013-11-01 17:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO
[2013-11-01 17:50:37 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My ISO Files
[2013-11-01 17:50:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
[2013-11-01 17:38:43 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Local Settings
[2013-11-01 17:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013-10-30 16:13:05 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\HandBrake
[2013-10-30 16:12:45 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
[2013-10-30 16:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2013-10-30 16:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2013-10-30 16:09:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\FoxTab
[2013-10-30 16:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxtab
[2013-10-29 20:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013-10-29 19:57:07 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2013-10-29 19:57:06 | 015,855,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013-10-29 19:57:06 | 009,480,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013-10-29 19:57:06 | 001,241,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013-10-29 19:57:05 | 030,344,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013-10-29 19:57:05 | 022,933,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013-10-29 19:57:05 | 011,374,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013-10-29 19:57:05 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013-10-29 19:57:04 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433165.dll
[2013-10-29 19:57:04 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433165.dll
[2013-10-29 19:57:04 | 000,696,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013-10-29 19:57:04 | 000,655,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013-10-29 19:57:04 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013-10-29 19:57:04 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013-10-29 19:57:04 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013-10-29 19:57:04 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013-10-29 19:57:04 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013-10-29 19:57:04 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013-10-29 19:57:04 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013-10-29 19:57:03 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013-10-29 19:57:03 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013-10-29 19:57:03 | 011,426,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013-10-29 19:57:03 | 009,524,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013-10-29 19:57:03 | 003,131,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013-10-29 19:57:03 | 003,124,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013-10-29 19:57:03 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013-10-29 19:57:03 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013-10-29 19:44:00 | 001,063,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2013-10-29 19:44:00 | 000,955,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013-10-29 19:42:05 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2013-10-29 19:42:05 | 000,028,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2013-10-27 13:08:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\2K Games
[2013-10-27 13:07:45 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013-10-27 13:07:45 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013-10-27 13:07:45 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013-10-27 13:07:45 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013-10-27 13:07:45 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013-10-27 13:07:45 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013-10-27 13:07:43 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013-10-27 13:07:42 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013-10-27 13:07:42 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013-10-27 13:07:41 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013-10-27 13:07:41 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013-10-27 13:07:40 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013-10-27 13:07:40 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013-10-27 13:07:39 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013-10-27 13:07:38 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2013-10-27 13:07:38 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2013-10-27 13:07:38 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2013-10-27 13:07:38 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2013-10-27 13:07:37 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2013-10-27 13:07:37 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2013-10-27 13:07:36 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2013-10-27 13:07:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2013-10-27 13:07:35 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2013-10-27 13:07:35 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013-10-27 13:07:35 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2013-10-27 13:07:35 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2013-10-27 13:07:33 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2013-10-27 13:07:33 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2013-10-27 13:07:23 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2013-10-27 13:07:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2013-10-27 13:07:19 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2013-10-27 13:07:19 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2013-10-27 13:07:18 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013-10-27 13:07:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013-10-27 13:07:15 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013-10-27 13:07:15 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013-10-27 13:07:12 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2013-10-27 13:07:12 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2013-10-27 13:07:12 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2013-10-27 13:07:12 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2013-10-27 13:07:11 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2013-10-27 13:07:11 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013-10-27 13:07:10 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2013-10-27 13:07:10 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013-10-27 13:07:10 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2013-10-27 13:07:10 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013-10-27 13:07:09 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2013-10-27 13:07:09 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2013-10-27 13:07:08 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2013-10-27 13:07:08 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013-10-27 13:07:06 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013-10-27 13:07:06 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013-10-27 13:07:06 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013-10-27 13:07:06 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013-10-27 13:07:04 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013-10-27 13:07:04 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013-10-27 13:07:01 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2013-10-27 13:07:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2013-10-27 13:07:00 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2013-10-27 13:07:00 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2013-10-27 13:06:58 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2013-10-27 13:06:58 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2013-10-27 13:06:58 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2013-10-27 13:06:58 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2013-10-27 13:06:57 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2013-10-27 13:06:57 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2013-10-27 13:06:57 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2013-10-27 13:06:57 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2013-10-27 13:06:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2013-10-27 13:06:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2013-10-27 13:06:54 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2013-10-27 13:06:54 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2013-10-27 13:06:53 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2013-10-27 13:06:52 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2013-10-27 13:06:52 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2013-10-27 13:06:52 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2013-10-27 13:06:52 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2013-10-27 13:06:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2013-10-27 13:06:51 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2013-10-27 13:06:51 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2013-10-27 13:06:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2013-10-27 13:06:49 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2013-10-27 13:06:49 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2013-10-27 13:06:49 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2013-10-27 13:06:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2013-10-27 13:06:47 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2013-10-27 13:06:47 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2013-10-27 13:06:46 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2013-10-27 13:06:46 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2013-10-27 13:06:46 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2013-10-27 13:06:46 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2013-10-27 13:06:45 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2013-10-27 13:06:45 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2013-10-27 13:06:43 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2013-10-27 13:06:43 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2013-10-27 13:06:43 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2013-10-27 13:06:43 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2013-10-27 13:06:41 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2013-10-27 13:06:41 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2013-10-27 13:06:41 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2013-10-27 13:06:41 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2013-10-27 13:06:39 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2013-10-27 13:06:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2013-10-27 13:06:39 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2013-10-27 13:06:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2013-10-27 13:06:37 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2013-10-27 13:06:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2013-10-27 13:06:36 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2013-10-27 13:06:36 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2013-10-27 13:06:35 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2013-10-27 13:06:35 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2013-10-27 13:06:35 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2013-10-27 13:06:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2013-10-27 13:06:33 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013-10-27 13:06:33 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013-10-27 13:06:32 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2013-10-27 13:06:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2013-10-27 13:06:32 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2013-10-27 13:06:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2013-10-27 13:06:31 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2013-10-27 13:06:31 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2013-10-27 13:06:31 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2013-10-27 13:06:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2013-10-27 13:06:29 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2013-10-27 13:06:29 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2013-10-27 13:06:28 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2013-10-27 13:06:27 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2013-10-27 13:06:27 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2013-10-27 13:06:26 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2013-10-27 13:06:26 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2013-10-27 13:06:26 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2013-10-27 13:06:26 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2013-10-27 13:06:24 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2013-10-27 13:06:24 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2013-10-27 13:06:23 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2013-10-27 13:06:23 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2013-10-27 13:06:22 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2013-10-27 13:06:22 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2013-10-27 13:06:21 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2013-10-27 13:06:21 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2013-10-27 13:06:20 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013-10-27 13:06:20 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013-10-27 13:06:19 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2013-10-27 13:06:19 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2013-10-27 13:06:18 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2013-10-27 13:06:18 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2013-10-27 13:06:17 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2013-10-27 13:06:17 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2013-10-27 13:06:16 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2013-10-27 13:06:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2013-10-27 13:06:15 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2013-10-27 13:06:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2013-10-27 13:06:14 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2013-10-27 13:06:14 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2013-10-27 13:06:13 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2013-10-27 13:06:13 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2013-10-27 13:06:12 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2013-10-27 13:06:12 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2013-10-27 13:06:05 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013-10-27 13:06:05 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013-10-27 13:06:03 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2013-10-27 13:06:03 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2013-10-27 13:06:03 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2013-10-27 13:06:03 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2013-10-27 13:06:01 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2013-10-27 13:06:01 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2013-10-27 13:05:59 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2013-10-27 13:05:59 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2013-10-27 13:05:57 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2013-10-27 13:05:57 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2013-10-27 13:05:54 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2013-10-27 13:05:54 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2013-10-27 13:05:52 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2013-10-27 13:05:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2013-10-27 13:05:48 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2013-10-27 13:05:48 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2013-10-25 17:32:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Adobe
[2013-10-25 17:32:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013-10-25 17:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013-10-25 15:31:18 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\NVIDIA
[2013-10-25 15:29:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\WB Games
[2013-10-23 17:24:53 | 006,669,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013-10-23 17:24:53 | 003,489,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013-10-23 17:24:53 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013-10-23 17:24:53 | 000,219,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013-10-23 17:24:53 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013-10-23 17:24:23 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013-10-23 17:24:23 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013-10-23 17:23:00 | 001,435,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013-10-23 17:22:58 | 018,199,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013-10-23 17:22:58 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll
[2013-10-23 17:22:58 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll
[2013-10-23 16:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013-10-23 03:02:36 | 000,589,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013-10-19 17:34:21 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Awesomium
[2013-10-19 17:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
[2013-10-19 17:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios
[2013-10-14 19:00:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Nero_AG
[2013-10-14 18:59:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Nero
[2013-10-14 18:56:32 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Nero
[2013-10-14 18:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2013-10-14 18:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013-10-14 18:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013-10-14 18:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013-10-14 18:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013-10-14 18:49:53 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-10-14 18:49:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013-10-12 08:55:35 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\EA Games
[2013-10-07 19:58:30 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Rockstar Games
[2013-10-07 19:44:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013-10-07 18:00:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\Games for Windows - LIVE Demos
[2013-10-07 17:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2013-10-07 17:50:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013-10-07 17:33:06 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Rockstar Games
[2013-10-07 17:32:35 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013-10-07 17:30:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2013-10-07 17:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2013-10-07 17:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2013-10-07 10:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unitech LLC
[2013-10-07 10:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-10-07 10:42:26 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Unitech LLC
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-11-01 20:36:58 | 000,000,927 | ---- | M] () -- C:\Users\Mateusz\Desktop\Purchase Fences.lnk
[2013-11-01 20:35:09 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-11-01 20:34:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-11-01 20:34:56 | 3168,374,784 | -HS- | M] () -- C:\hiberfil.sys
[2013-11-01 20:28:22 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-11-01 20:19:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-11-01 20:10:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\FoxTab.job
[2013-11-01 20:09:01 | 000,005,492 | ---- | M] () -- C:\Users\Mateusz\Documents\cc_20131101_200851.reg
[2013-11-01 20:08:19 | 000,061,184 | ---- | M] () -- C:\Users\Mateusz\Documents\cc_20131101_200812.reg
[2013-11-01 20:05:45 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-11-01 18:52:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2033321191-3486086700-1024027682-1000UA.job
[2013-11-01 17:50:38 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013-11-01 17:49:11 | 000,019,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-11-01 17:49:11 | 000,019,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-11-01 17:48:00 | 001,661,232 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-11-01 17:48:00 | 000,737,242 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-11-01 17:48:00 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-11-01 17:48:00 | 000,153,930 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-11-01 17:48:00 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-11-01 17:37:46 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013-11-01 12:01:58 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013-11-01 12:01:58 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-11-01 12:01:34 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013-10-31 21:52:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2033321191-3486086700-1024027682-1000Core.job
[2013-10-30 16:12:45 | 000,000,824 | ---- | M] () -- C:\Users\Mateusz\Desktop\Handbrake.lnk
[2013-10-30 16:09:13 | 000,364,318 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\foxtab_speeddial.crx
[2013-10-28 16:20:08 | 000,250,978 | ---- | M] () -- C:\Users\Mateusz\Documents\s.xps
[2013-10-27 13:04:41 | 000,000,194 | ---- | M] () -- C:\Users\Mateusz\Desktop\Mafia II.lnk
[2013-10-25 17:32:32 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013-10-23 16:39:48 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013-10-23 15:00:21 | 000,000,636 | ---- | M] () -- C:\Users\Mateusz\Desktop\Mirror's Edge™.lnk
[2013-10-23 11:30:23 | 030,344,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013-10-23 11:30:23 | 025,257,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013-10-23 11:30:23 | 022,933,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013-10-23 11:30:23 | 018,286,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013-10-23 11:30:23 | 018,199,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013-10-23 11:30:23 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013-10-23 11:30:23 | 015,855,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013-10-23 11:30:23 | 015,212,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013-10-23 11:30:23 | 011,426,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013-10-23 11:30:23 | 011,374,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013-10-23 11:30:23 | 009,524,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013-10-23 11:30:23 | 009,480,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013-10-23 11:30:23 | 003,131,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013-10-23 11:30:23 | 003,124,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013-10-23 11:30:23 | 003,067,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013-10-23 11:30:23 | 002,946,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013-10-23 11:30:23 | 002,747,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013-10-23 11:30:23 | 002,695,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013-10-23 11:30:23 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433165.dll
[2013-10-23 11:30:23 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433165.dll
[2013-10-23 11:30:23 | 001,435,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013-10-23 11:30:23 | 001,241,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013-10-23 11:30:23 | 000,696,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013-10-23 11:30:23 | 000,655,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013-10-23 11:30:23 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013-10-23 11:30:23 | 000,560,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013-10-23 11:30:23 | 000,479,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013-10-23 11:30:23 | 000,405,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013-10-23 11:30:23 | 000,317,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013-10-23 11:30:23 | 000,266,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013-10-23 11:30:23 | 000,168,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013-10-23 11:30:23 | 000,141,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013-10-23 11:30:23 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013-10-23 11:30:23 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013-10-23 11:30:23 | 000,023,287 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013-10-23 09:20:08 | 006,669,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013-10-23 09:20:07 | 003,489,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013-10-23 09:20:05 | 002,559,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013-10-23 09:20:05 | 000,219,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013-10-23 09:20:05 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013-10-23 09:20:03 | 003,426,956 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013-10-23 03:02:36 | 000,589,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013-10-19 19:38:06 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-10-19 17:30:02 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Smite.lnk
[2013-10-19 17:30:02 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
[2013-10-18 02:36:09 | 001,063,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2013-10-18 02:36:08 | 000,955,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2013-10-16 20:21:54 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-10-16 01:48:05 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433158.dll
[2013-10-16 01:48:05 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433158.dll
[2013-10-14 18:55:42 | 000,002,913 | ---- | M] () -- C:\Users\Public\Desktop\Nero 2014.lnk
[2013-10-12 14:58:21 | 000,000,666 | ---- | M] () -- C:\Users\Mateusz\Desktop\Crysis® 2.lnk
[2013-10-07 19:06:10 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2013-10-07 17:32:35 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013-10-07 10:47:15 | 000,000,877 | ---- | M] () -- C:\Users\Mateusz\Desktop\BitTorrent.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-11-01 20:36:58 | 000,000,927 | ---- | C] () -- C:\Users\Mateusz\Desktop\Purchase Fences.lnk
[2013-11-01 20:28:22 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-11-01 20:08:53 | 000,005,492 | ---- | C] () -- C:\Users\Mateusz\Documents\cc_20131101_200851.reg
[2013-11-01 20:08:16 | 000,061,184 | ---- | C] () -- C:\Users\Mateusz\Documents\cc_20131101_200812.reg
[2013-11-01 20:05:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-11-01 17:50:38 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013-11-01 17:37:46 | 000,000,853 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013-10-30 16:12:17 | 000,000,824 | ---- | C] () -- C:\Users\Mateusz\Desktop\Handbrake.lnk
[2013-10-30 16:09:18 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\FoxTab.job
[2013-10-30 16:09:14 | 000,364,318 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\foxtab_speeddial.crx
[2013-10-28 16:19:19 | 000,250,978 | ---- | C] () -- C:\Users\Mateusz\Documents\s.xps
[2013-10-27 13:04:41 | 000,000,194 | ---- | C] () -- C:\Users\Mateusz\Desktop\Mafia II.lnk
[2013-10-25 17:32:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013-10-25 17:32:32 | 000,001,761 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013-10-23 17:24:53 | 003,426,956 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013-10-23 16:39:48 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013-10-19 17:30:02 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Smite.lnk
[2013-10-19 17:30:02 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
[2013-10-14 18:55:42 | 000,002,913 | ---- | C] () -- C:\Users\Public\Desktop\Nero 2014.lnk
[2013-10-12 14:58:21 | 000,000,666 | ---- | C] () -- C:\Users\Mateusz\Desktop\Crysis® 2.lnk
[2013-10-12 08:53:42 | 000,000,636 | ---- | C] () -- C:\Users\Mateusz\Desktop\Mirror's Edge™.lnk
[2013-10-07 19:06:10 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2013-10-07 17:59:00 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2013-10-07 10:47:15 | 000,000,877 | ---- | C] () -- C:\Users\Mateusz\Desktop\BitTorrent.lnk
[2013-09-24 16:47:40 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013-09-21 10:36:49 | 001,636,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-09-20 19:22:14 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-09-20 19:22:11 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-09-20 17:13:09 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013-09-20 17:11:02 | 000,000,036 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\housecall.guid.cache
[2012-03-07 00:40:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009-07-14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Extras.txt:

OTL Extras logfile created on: 2013-11-01 20:38:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Pictures
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,93 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 55,66% Memory free
7,87 Gb Paging File | 5,90 Gb Available in Paging File | 74,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,23 Gb Total Space | 368,03 Gb Free Space | 83,03% Space Free | Partition Type: NTFS
Drive D: | 488,18 Gb Total Space | 362,96 Gb Free Space | 74,35% Space Free | Partition Type: NTFS

Computer Name: MATEUSZ-KOMP | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04D027A8-C432-4C3F-AE59-EA6D7971AF22}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{119369F4-7A36-41BB-83B9-FD69BE0BE99C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{15FE33A3-695F-43D0-8AC8-4067B42A707D}" = lport=445 | protocol=6 | dir=in | app=system |
"{19EA6C3E-9669-4F82-A8E4-46F64153C107}" = rport=445 | protocol=6 | dir=out | app=system |
"{2B514C94-44DF-4D07-B955-7B8DA396EDC9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C3F6603-1346-4FCC-9BD5-C332A88904B1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{477DA98A-EF63-407A-A5AC-D6392FE7C72E}" = lport=138 | protocol=17 | dir=in | app=system |
"{48219CB1-FCF2-45E3-A456-F8D5638EF278}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4D9E49F2-9658-429B-BF4E-2EF4034DFF14}" = lport=10243 | protocol=6 | dir=in | app=system |
"{511E5BB4-FB6B-47BC-9461-13A06F7C341A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5192D2CB-306D-4880-A53C-A985752DF5D1}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{547D54E8-A0AF-452C-81A7-9727EC19EF80}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5DAB694A-50D0-4B07-ABB1-13BEA357F3BF}" = lport=139 | protocol=6 | dir=in | app=system |
"{637A918C-5E1A-4754-9716-FD403FF70228}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{786A3279-3A59-4CA6-8228-F32733187507}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7ABF1494-9D60-4D03-84F2-C6C026A68ADA}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7BD456CA-1666-4C24-9E7D-E093CB73B75D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{833FF112-AECD-4E07-A279-9A31F0917CEE}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{85F2C9C9-6924-474F-9D9B-35137807B4F7}" = lport=6004 | protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\outlook.exe |
"{911F7DD9-0499-4868-BFD7-346FB8E6256A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{A0EEB212-2CA3-4E9E-9AEC-6104F9F8BBB5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A3D03AA4-8CD3-4076-9F70-E058B4A4145A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A4C50ADB-1D29-4F15-9643-270C8A41E600}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A8494D03-8F07-4941-B2D3-A4A13EDF424D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A85C40C2-DDBC-4326-9CF9-00C221CEF734}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A90B4241-6C0A-4582-9FAB-7E6CB2A80E6C}" = rport=139 | protocol=6 | dir=out | app=system |
"{A9B72072-38F1-4765-8E11-1A5D2258AE9E}" = rport=138 | protocol=17 | dir=out | app=system |
"{B3D7E1B5-2010-42F1-891C-5E899199E099}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B8043983-9A0A-4A88-92FF-F96CE1F77B34}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B9CB1495-3A26-416D-B239-BA734909B084}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BB39187C-3DB9-4011-BB7A-DF171D94B46A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C1C4B6D2-2D7F-446E-B679-97122D748825}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C3E26A95-5417-47B7-B0C1-95B446E9CB1B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{CC275849-CF58-4C13-87AB-946653651F4B}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{DDA11836-0B95-40FC-AEA2-7803B0527F35}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2616D81-64A3-4879-8F1E-532B092C05B3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EAB0B1BB-A644-4E80-A5C6-3E2A5DA3E551}" = lport=137 | protocol=17 | dir=in | app=system |
"{F61214E5-3B0C-491B-8A47-5D53E90F3AFF}" = rport=137 | protocol=17 | dir=out | app=system |
"{F650781A-5D14-4144-9BDB-CE5626FA74DA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC1D7A4A-ED31-4DC6-988A-16EBC89650FB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{034BCDAB-0817-418D-9B8E-60009E803422}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe |
"{0417E15B-5652-4C16-B2FE-2800C363CE8F}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{049195D0-8873-4F97-8C31-80C1DE0183B8}" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{05B1076E-2FDA-498D-ABB5-91D10B1C404E}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe |
"{12628218-C6C1-45DC-B783-6149EC331FDF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1369D3CD-1E30-4C4D-BCAD-1A9DBE205623}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{18EA7A08-CD70-4BE3-8953-387E309801CD}" = dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{198C0394-D5BC-4D1D-9954-2BE4CBBB5201}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E8BBFCA-6214-464F-8F92-37826C802DB3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1EF8040D-F5BB-49AD-8356-8328E9E9B58E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22EDA100-4B21-4424-8946-62053FD26CB3}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013.exe |
"{22FEE02B-A1BE-42E4-A6FE-878928CF0FA0}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe |
"{29C07ABA-D3CB-4461-B43F-EC302837A08F}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{2AF0FD50-9FC0-4B59-AA77-A7973C904C65}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3244AC15-3043-47FF-BE9F-3DE7744BC89C}" = dir=in | app=d:\program files (x86)\itunes\itunes.exe |
"{32CC3F0E-B940-41C2-A348-8D0A25EBDEBF}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{359D7997-40C1-4BDC-9C1D-E2A1FB3F787B}" = protocol=6 | dir=in | app=c:\users\mateusz\appdata\roaming\bittorrent\bittorrent.exe |
"{381B050A-4E31-4F66-B31B-95C0438EDDAF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3B66F90E-E165-411A-AC56-781190A47108}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4A6C9892-7EA8-4CD0-A2DF-2930A67FA58B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FAE50D4-D3BC-4227-8210-B8FCBF71FDE2}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\burnout paradise\burnoutparadise.exe |
"{507AB965-3BB1-4FD9-A341-03973D86E586}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{572252F0-3697-4D3B-8D06-828FED3A625B}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{58D027D8-7ECD-4A96-A37B-48420DB58D36}" = dir=in | app=c:\users\mateusz\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{58F263EF-77CC-40B0-88C5-EFB5B1EE4CF7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5FE6D7FB-8085-4DCA-8102-41D24C267124}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{696A1AE1-639B-4650-8D26-D25553B4200C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{791C9DE9-DA02-4415-9BF7-50F27505863E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7998AC9E-868B-4A15-899C-816D16C3A803}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{7F647FBD-2279-4CAA-899B-E63819EC118A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{80D94B0A-619A-4832-8932-277E0B656045}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{81AE42F3-45F7-46FB-B883-1CC4505A18A6}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe |
"{81B04E14-E325-417E-9486-5F906FFF63EA}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe |
"{820638BE-A5B0-447E-B818-4E8CE6613947}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{85BA7F2D-7C84-46E3-8C19-BAD3283B6799}" = protocol=17 | dir=in | app=c:\users\mateusz\appdata\roaming\bittorrent\bittorrent.exe |
"{86648216-A1DC-4CBD-9F56-2888C6F6B135}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe |
"{87CC0B42-B142-4FAE-9743-6132CE1848D5}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\mirrors edge\binaries\mirrorsedge.exe |
"{8ADB4FFC-7BCE-4778-AED8-DBCF348B464D}" = protocol=17 | dir=in | app=c:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe |
"{8D784F53-6F43-41C1-9935-68DD9CAE9FA3}" = protocol=6 | dir=out | app=system |
"{8D92272E-9A2E-4B4F-8504-EB4D41B6F60F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{95094DFE-3756-4A46-8DCB-990090074170}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9551A19F-4B53-445B-99DC-33B8FE58360B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{962A7599-8693-419B-A90F-40A37BD72E93}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{96479830-A9A8-40B4-8D31-391426DD688C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{969539CA-AD96-4F1E-A830-7E85B968F53D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{99B20A10-2D19-403B-A221-38DB09ADDAA5}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{9AA4C60D-DB27-4BD0-9444-F9FBEC336D38}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9B9E9E9F-2F1A-470B-AFA9-A3E097778850}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\nmdllhost.exe |
"{9F8D45C1-74FD-4EF0-9FDB-C2B40D2DBF0D}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\burnout paradise\burnoutparadise.exe |
"{A4C76B19-6716-4723-A30A-47EA479E21B1}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe |
"{AFF098C2-177C-491A-AE23-D6E4C7098513}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft office\office12\onenote.exe |
"{B226026A-8AE0-4794-80ED-EE42EF69248B}" = protocol=6 | dir=in | app=d:\program files (x86)\warthunder\launcher.exe |
"{B90EDEEF-5BEB-4DE4-B5A7-0956436437CA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BD244FCF-0334-44B2-9CD1-D638451B2AED}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BDCDD1BB-7776-4A96-B0EE-0DD05AFBA18D}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{BFCF81CC-D39E-4163-964F-AA35869FD7B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C3BEB038-5A84-467B-8E85-D104DCCD79A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C81D8547-8589-4142-97C7-828AC0F91C46}" = protocol=6 | dir=in | app=c:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe |
"{CC020C21-8ACB-427C-A964-B742F0DFC579}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\mirrors edge\binaries\mirrorsedge.exe |
"{CCC75E44-F2AC-4A7D-B8FB-6BD815BFD1A5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CCDE3F7F-B1F6-4E7A-85CA-3D6337AB9379}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D38DF4C3-E436-4CC4-9321-22BF1D965F41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3D24EE0-D7E8-460D-BEF4-D5AE56623F84}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{D8C8AD8C-6D4E-4779-86A5-51625C69D687}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\nmdllhost.exe |
"{E2D20512-7DDE-46DF-95AA-458D7560A308}" = protocol=17 | dir=in | app=d:\program files (x86)\warthunder\launcher.exe |
"{E6D36DBC-E63C-4B47-8304-A36B2A543B28}" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{E71CDFC1-EB0A-4AAE-8BCB-5AD31354C4F0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EEAD5B33-4502-4816-9070-F5538D5B1E64}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F422E922-D104-40FF-B32F-23F27B7DA1BA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4F279AA-CC82-4816-B56A-102EE88023DF}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{F6C65C76-EBEA-4C37-AA13-795DDB8BD0D8}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft office\office12\groove.exe |
"{F7C24F69-9CA0-49F6-86E2-D3A47958C68B}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"TCP Query User{58DCF8FB-857C-4A2E-AC39-DCD41491FBAD}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe |
"TCP Query User{8C5D0503-AF95-47A5-AD26-7F44ED9CE1A5}C:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{C70151C6-186B-4687-ABCE-343951ABB3B3}D:\program files (x86)\warthunder\aces.exe" = protocol=6 | dir=in | app=d:\program files (x86)\warthunder\aces.exe |
"UDP Query User{0A83954A-BDBF-4B30-90F5-D7A04DBA5BA9}C:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{581EE4C2-7D91-47A1-A174-44AC8703CB84}D:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe |
"UDP Query User{8A40A26E-7122-4804-AAC0-B955B009E068}D:\program files (x86)\warthunder\aces.exe" = protocol=17 | dir=in | app=d:\program files (x86)\warthunder\aces.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{5866DD36-8055-475B-A5C3-82C04091D14E}" = BF3 Settings Editor
"{64484376-A316-4328-84F8-DA98F4150A41}" = HP Deskjet 2050 J510 series — podstawowe oprogramowanie urządzenia
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 9.3.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR 5.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CF7D22B-977C-43B2-9219-E03017FBAC6D}" = Nero Recode Help (CHM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1CDC8E7D-CDFC-4C2B-A080-23D943354625}" = Burnout™ Paradise: The Ultimate Box
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{36DA8969-4DCD-48FF-894A-6BD3936050C3}" = Nero Blu-ray Player Help (CHM)
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{40E51513-D917-4563-84F6-4EF6ADD46E2F}" = Nero Recode
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Obsługa programów Apple
"{4CA46F9F-174C-4766-9EA2-2325DF414B9E}" = Nero Express Help (CHM)
"{4DB136AF-389B-4A34-AE34-50123559D08E}" = Nero MediaHome
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{511B5F54-CB1D-4F5B-BE0E-09B1D86BE586}" = Nero Video
"{52644103-70EE-47F6-9BBB-AA4514B59615}_is1" = Farming Simulator 2013
"{5446D3AF-B060-49B6-9535-F300E1532022}" = Nero Video Help (CHM)
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{581DCE84-1948-4891-A4A7-A1222CC137C5}" = Nero RescueAgent
"{5909A89E-C97F-407C-AE2B-47BDED86BF5D}" = Prerequisite installer
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}" = Intel® Update Manager
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace
"{6A6D86CD-B004-46b7-8951-7BB75A776F8C}" = Intel® Small Business Advantage
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75CA8AAE-5346-4312-A9A8-5CF89955930F}" = Nero MediaHome Help (CHM)
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{9642EA87-3714-49A6-9E70-325CB18E6DE5}" = Nero 2014
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout™ Paradise: The Ultimate Box
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.0 - Polish
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B166374C-105E-445E-8E5D-A86CA5742645}" = Nero Burning Core
"{B791E0AB-87A9-41A4-8D98-D13C2E37D928}" = Nero Info
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C03E2FB3-250B-44A1-8B9E-61DFCD544133}" = Nero Disc to Device
"{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}" = Nero ControlCenter Help (CHM)
"{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}" = Nero Launcher
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}" = Nero Express
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.274
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}" = Nero Burning ROM
"{F69D4104-5394-4F7C-801C-D96DC92E7F69}" = Nero RescueAgent Help (CHM)
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA78CC15-9F90-443B-BA61-A66595F06432}" = Nero Burning ROM Help (CHM)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"bi_uninstaller" = Bundled software uninstaller
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Produkt Microsoft Office Enterprise 2007 w wersji próbnej
"ESN Sonar-0.70.4" = ESN Sonar
"foxtab" = Foxtab
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.9
"ividi" = Unitech LLC toolbar
"League of Legends 3.0.1" = League of Legends
"Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Stardock Fences 2" = Stardock Fences 2
"Steam App 50130" = Mafia II
"UltraISO_is1" = UltraISO Premium V9.53
"WsysControl" = Wsys Control 10.2.1.2634

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"Dropbox" = Dropbox
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-11-01 12:46:12 | Computer Name = Mateusz-komp | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Au_.exe, wersja: 4.48.1.347, sygnatura
czasowa: 0x4bc06cda Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bdbdf Kod wyjątku: 0xc06d007e Przesunięcie błędu: 0x0000b727
Identyfikator
procesu powodującego błąd: 0xce4 Godzina uruchomienia aplikacji powodującej błąd:
0x01ced721ddf45c47 Ścieżka aplikacji powodującej błąd: C:\Users\Mateusz\AppData\Local\Temp\~nsu.tmp\Au_.exe
Ścieżka
modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu:
1d46bdbd-4315-11e3-b772-d43d7e384d9b

Error - 2013-11-01 12:47:08 | Computer Name = Mateusz-komp | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Au_.exe, wersja: 4.48.1.347, sygnatura
czasowa: 0x4bc06cda Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7600.16385,
sygnatura czasowa: 0x4a5bdbdf Kod wyjątku: 0xc06d007e Przesunięcie błędu: 0x0000b727
Identyfikator
procesu powodującego błąd: 0x1988 Godzina uruchomienia aplikacji powodującej błąd:
0x01ced721ff4682ee Ścieżka aplikacji powodującej błąd: C:\Users\Mateusz\AppData\Local\Temp\~nsu.tmp\Au_.exe
Ścieżka
modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu:
3e8709d1-4315-11e3-b772-d43d7e384d9b

Error - 2013-11-01 13:01:54 | Computer Name = Mateusz-komp | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: DTLite.exe, wersja: 4.48.1.347,
sygnatura czasowa: 0x526e206a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja:
6.1.7600.16385, sygnatura czasowa: 0x4a5bdbdf Kod wyjątku: 0xc06d007e Przesunięcie
błędu: 0x0000b727 Identyfikator procesu powodującego błąd: 0x384 Godzina uruchomienia
aplikacji powodującej błąd: 0x01ced72410a9dd12 Ścieżka aplikacji powodującej błąd:
D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe Ścieżka modułu powodującego
błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: 4ebed65b-4317-11e3-b772-d43d7e384d9b

Error - 2013-11-01 13:42:31 | Computer Name = Mateusz-komp | Source = MsiInstaller | ID = 1013
Description =

Error - 2013-11-01 14:54:56 | Computer Name = Mateusz-komp | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: install.exe_Razor 1911 Steam Installer,
wersja: 0.9.0.0, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: simpack.dll,
wersja: 0.0.0.0, sygnatura czasowa: 0x4ba67b90 Kod wyjątku: 0xc0000417 Przesunięcie
błędu: 0x000044e7 Identyfikator procesu powodującego błąd: 0x5bc Godzina uruchomienia
aplikacji powodującej błąd: 0x01ced73365682aec Ścieżka aplikacji powodującej błąd:
F:\install.exe Ścieżka modułu powodującego błąd: F:\simpack.dll Identyfikator raportu:
18d1a7ca-4327-11e3-b772-d43d7e384d9b

Error - 2013-11-01 15:08:25 | Computer Name = Mateusz-komp | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: DTLite.exe, wersja: 4.48.1.347,
sygnatura czasowa: 0x526e206a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja:
6.1.7600.16385, sygnatura czasowa: 0x4a5bdbdf Kod wyjątku: 0xc06d007e Przesunięcie
błędu: 0x0000b727 Identyfikator procesu powodującego błąd: 0x107c Godzina uruchomienia
aplikacji powodującej błąd: 0x01ced735bd175b1e Ścieżka aplikacji powodującej błąd:
D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe Ścieżka modułu powodującego
błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: fb8040d0-4328-11e3-b772-d43d7e384d9b

Error - 2013-11-01 15:12:24 | Computer Name = Mateusz-komp | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: DTLite.exe, wersja: 4.48.1.347,
sygnatura czasowa: 0x526e206a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja:
6.1.7600.16385, sygnatura czasowa: 0x4a5bdbdf Kod wyjątku: 0xc06d007e Przesunięcie
błędu: 0x0000b727 Identyfikator procesu powodującego błąd: 0xe10 Godzina uruchomienia
aplikacji powodującej błąd: 0x01ced7364b1ac620 Ścieżka aplikacji powodującej błąd:
D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe Ścieżka modułu powodującego
błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: 89cb66f8-4329-11e3-b772-d43d7e384d9b

Error - 2013-11-01 15:36:51 | Computer Name = Mateusz-komp | Source = NvStreamSvc | ID = 131073
Description =

Error - 2013-11-01 15:36:51 | Computer Name = Mateusz-komp | Source = NvStreamSvc | ID = 131073
Description =

Error - 2013-11-01 15:36:58 | Computer Name = Mateusz-komp | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: DTLite.exe, wersja: 4.48.1.347,
sygnatura czasowa: 0x526e206a Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja:
6.1.7600.16385, sygnatura czasowa: 0x4a5bdbdf Kod wyjątku: 0xc06d007e Przesunięcie
błędu: 0x0000b727 Identyfikator procesu powodującego błąd: 0xc04 Godzina uruchomienia
aplikacji powodującej błąd: 0x01ced739b24dfbdd Ścieżka aplikacji powodującej błąd:
D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe Ścieżka modułu powodującego
błąd: C:\Windows\syswow64\KERNELBASE.dll Identyfikator raportu: f831ddcc-432c-11e3-94b6-d43d7e384d9b

[ System Events ]
Error - 2013-10-31 08:52:01 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.

Error - 2013-10-31 08:55:25 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Steam Client Service.

Error - 2013-10-31 08:55:25 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Steam Client Service z powodu następującego
błędu: %%1053

Error - 2013-10-31 11:42:22 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.

Error - 2013-10-31 15:37:37 | Computer Name = Mateusz-komp | Source = bowser | ID = 8003
Description =

Error - 2013-11-01 03:24:37 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.

Error - 2013-11-01 04:35:37 | Computer Name = Mateusz-komp | Source = bowser | ID = 8003
Description =

Error - 2013-11-01 11:18:58 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.

Error - 2013-11-01 12:42:03 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.

Error - 2013-11-01 15:36:27 | Computer Name = Mateusz-komp | Source = Service Control Manager | ID = 7022
Description = Usługa Wsys Service zawiesiła się podczas uruchamiania.

< End of report >

MBAM Logs:

Malwarebytes Anti-Malware (Okres testowy) 1.75.0.1300
www.malwarebytes.org

Wersja bazy: v2013.11.01.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Mateusz :: MATEUSZ-KOMP [administrator]

Ochrona: Włączona

2013-11-01 20:29:30
MBAM-log-2013-11-01 (20-33-30).txt

Typ skanowania: Szybkie skanowanie
Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania: P2P
Przeskanowano obiektów: 223399
Upłynęło: 2 minut(y), 52 sekund(y)

Wykrytych procesów w pamięci: 1
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Wsys.A) -> 1864 -> Nie wykonano akcji.

Wykrytych modułów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru: 15
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc (PUP.Optional.Wsys.A) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl (PUP.Optional.Wsys.A) -> Nie wykonano akcji.
HKCR\CLSID\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} (Adware.Montiera) -> Nie wykonano akcji.
HKCR\ividi.ividiHlpr.1 (Adware.Montiera) -> Nie wykonano akcji.
HKCR\ividi.ividiHlpr (Adware.Montiera) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} (Adware.Montiera) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} (Adware.Montiera) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B8B2E80-1444-451D-AC8E-EB9A847F3887} (Adware.Montiera) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044} (PUP.Optional.MiniBar.A) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044} (PUP.Optional.MiniBar.A) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5} (PUP.Optional.MiniBar.A) -> Nie wykonano akcji.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Nie wykonano akcji.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Nie wykonano akcji.
HKLM\SOFTWARE\qvo6Software (PUP.Optional.qvo6.A) -> Nie wykonano akcji.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Nie wykonano akcji.

Wykrytych wartości rejestru: 2
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0J1L2U1C1H1Q0R2X1L1R1P0B1P -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc|ImagePath (PUP.Optional.Esafe.A) -> Data: C:\ProgramData\eSafe\eGdpSvc.exe -> Nie wykonano akcji.

Wykryte wpisy rejestru systemowego: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Złe: (http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851067) Dobre: (http://www.google.com) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Złe: (http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851067) Dobre: (http://www.google.com) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Złe: (http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851067) Dobre: (http://www.google.com) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Złe: (http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD10EZEX-00KUWA0_WD-WCC1S543690036900&ts=1379851067) Dobre: (http://www.google.com) -> Nie wykonano akcji.

wykrytych folderów: 0
(Nie znaleziono zagrożeń)

Wykrytych plików: 15
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Wsys.A) -> Nie wykonano akcji.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (Adware.Montiera) -> Nie wykonano akcji.
C:\Users\Mateusz\AppData\Local\Temp\bitool.dll (PUP.Optional.Somoto) -> Nie wykonano akcji.
C:\Users\Mateusz\AppData\Local\Temp\DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> Nie wykonano akcji.
C:\Users\Mateusz\AppData\Local\Temp\nswA20C.tmp (PUP.Optional.Somoto.A) -> Nie wykonano akcji.
C:\Users\Mateusz\AppData\Local\Temp\nsz147F.tmp (PUP.Optional.Somoto.A) -> Nie wykonano akcji.
C:\Users\Mateusz\AppData\Local\Temp\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Nie wykonano akcji.
C:\Users\Mateusz\AppData\Local\Temp\is1890775716\250677_Setup.EXE (PUP.Optional.OpenCandy) -> Nie wykonano akcji.
C:\Users\Mateusz\Downloads\Adobe-Reader(12627).exe (PUP.Optional.InstallCore.A) -> Nie wykonano akcji.
C:\Users\Mateusz\Downloads\DAEMON-Tools-Lite(12708).exe (PUP.Optional.InstallCore.A) -> Nie wykonano akcji.
C:\Users\Mateusz\Downloads\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> Nie wykonano akcji.
C:\Users\Mateusz\Downloads\DTLite4481-0347(dobreprogramy.pl).exe (PUP.Optional.OpenCandy) -> Nie wykonano akcji.
C:\Users\Mateusz\Downloads\HandBrake(15722).exe (PUP.Optional.InstallCore.A) -> Nie wykonano akcji.
C:\Users\Mateusz\Downloads\SoftonicDownloader_dla_handbrake.exe (PUP.Optional.Softonic.A) -> Nie wykonano akcji.
C:\Users\Mateusz\Pictures\Malwarebytes-AntiMalware(13117) (1).exe (PUP.Optional.InstallCore.A) -> Nie wykonano akcji.

(zakończone)

AdwCleaner(R0):

# AdwCleaner v3.010 - Log utworzony 01/11/2013 o 20:48:12

# Aktualizacja 20/10/2013 przez Xplode

# System operacyjny : Windows 7 Home Premium (64 bits)

# Uzytkownik : Mateusz - MATEUSZ-KOMP

# Sciezka : C:\Users\Mateusz\Pictures\AdwCleaner.exe

# Opcja : Szukaj

***** [ Uslugi ] *****

Usluga Znaleziono : WsysSvc

***** [ Pliki / Foldery ] *****

Folder Znaleziono C:\ProgramData\eSafe

Folder Znaleziono C:\Users\Mateusz\AppData\Local\DProtect

Folder Znaleziono C:\Users\Mateusz\AppData\LocalLow\Minibar

***** [ Skróty ] *****

***** [ Rejestr ] *****

Klucz Znaleziono : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Klucz Znaleziono : HKCU\Software\AppDataLow\Software\smartbar

Klucz Znaleziono : HKCU\Software\BI

Klucz Znaleziono : HKCU\Software\Conduit

Klucz Znaleziono : HKCU\Software\InstallCore

Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}

Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}

Klucz Znaleziono : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}

Klucz Znaleziono : HKCU\Software\Softonic

Klucz Znaleziono : [x64] HKCU\Software\BI

Klucz Znaleziono : [x64] HKCU\Software\Conduit

Klucz Znaleziono : [x64] HKCU\Software\InstallCore

Klucz Znaleziono : [x64] HKCU\Software\Softonic

Klucz Znaleziono : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Klucz Znaleziono : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Klucz Znaleziono : HKLM\SOFTWARE\Classes\escort.escortIEPane

Klucz Znaleziono : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Klucz Znaleziono : HKLM\SOFTWARE\Classes\I

Klucz Znaleziono : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Klucz Znaleziono : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Klucz Znaleziono : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Klucz Znaleziono : HKLM\Software\eSafeSecControl

Klucz Znaleziono : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Klucz Znaleziono : HKLM\Software\InstallCore

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_handbrake_RASAPI32

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_handbrake_RASMANCS

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller

Klucz Znaleziono : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl

Klucz Znaleziono : HKLM\Software\qvo6Software

Klucz Znaleziono : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Klucz Znaleziono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

***** [ Przegladarki internetowe ] *****

-\\ Internet Explorer v8.0.7600.16385

-\\ Google Chrome v30.0.1599.101

[ Plik : C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5732 octets] - [01/11/2013 20:48:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5792 octets] ##########

AdwCleaner(S0):

Klucz Usunieto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Klucz Usunieto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_handbrake_RASAPI32

Klucz Usunieto : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_handbrake_RASMANCS

Klucz Usunieto : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Klucz Usunieto : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Klucz Usunieto : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Klucz Usunieto : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Klucz Usunieto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}

Klucz Usunieto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}

Klucz Usunieto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}

Klucz Usunieto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Klucz Usunieto : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Dane Przywrócono : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command

Klucz Usunieto : HKCU\Software\BI

Klucz Usunieto : HKCU\Software\Conduit

Klucz Usunieto : HKCU\Software\InstallCore

Klucz Usunieto : HKCU\Software\Softonic

Klucz Usunieto : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Klucz Usunieto : HKCU\Software\AppDataLow\Software\smartbar

Klucz Usunieto : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Klucz Usunieto : HKLM\Software\eSafeSecControl

Klucz Usunieto : HKLM\Software\InstallCore

Klucz Usunieto : HKLM\Software\qvo6Software

Klucz Usunieto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller

Klucz Usunieto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl

***** [ Przegladarki internetowe ] *****

-\\ Internet Explorer v8.0.7600.16385

Ustawienie Przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

Ustawienie Przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

Ustawienie Przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

-\\ Google Chrome v30.0.1599.101

[ Plik : C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5900 octets] - [01/11/2013 20:48:12]

AdwCleaner[s0].txt - [4406 octets] - [01/11/2013 20:50:23]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4466 octets] ##########

Screen:

http://www.elektroda.pl/rtvforum/files-rtvforum/elektroda_fd48b98.jpg?sid=f0df6cca19ad6f393186c6508f1eecea

Fix00ser · 16 Listopada 2013

Usuwanie SPTD

http://traxter-online.net/wylaczanie-i-usuwanie-sterownika-sptd-napedow-wirtualnych/

http://www.fixitpc.pl/forum-6/announcement-2-wa%C5%BCne-oprogramowanie-emuluj%C4%85ce-nap%C4%99dy/

Lennard · 22 Listopada 2013

http://removal-guides.com/malware/dosearches-com-hijacker/

Zaloguj się

"Deamon Tools przestał działać" lub "Program "X" przestał działać"

Recommended Posts

larw4 0

Link to post

Share on other sites

Fix00ser 477

Link to post

Share on other sites

Lennard 1

Link to post

Share on other sites

Dołącz do dyskusji

Ostatnio przeglądający 0 użytkowników