Sprawdzenie systemu po dezynfekcji

[Pablo922]

Witam, załapałem w nocy kupę malware'u.Dzięki szybkiej i sprawnej interwencji udało mi się niby wszystko usunąć, jednak mimo wszystko dla 100% pewności prosiłbym o sprawdzenie czy jeszcze nie pozostały jakieś resztki.

Kod: Zaznacz cały

OTL logfile created on: 08 04 15 17:46:23 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Piotr\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd MM yy
 
7,98 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 74,09% Memory free
11,98 Gb Paging File | 9,11 Gb Available in Paging File | 76,03% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 80,00 Gb Total Space | 6,30 Gb Free Space | 7,88% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 8,03 Gb Free Space | 11,47% Space Free | Partition Type: NTFS
Drive F: | 490,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PC | User Name: Piotr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2015 04 08 17:45:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Piotr\Downloads\OTL 3.2.69.0 [1].exe
PRC - [2015 04 06 14:31:21 | 000,376,944 | ---- | M] (Mozilla Corporation) -- D:\ff\firefox.exe
PRC - [2015 04 06 14:31:21 | 000,267,888 | ---- | M] (Mozilla Corporation) -- D:\ff\plugin-container.exe
PRC - [2015 04 05 12:54:25 | 001,893,040 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
PRC - [2015 02 04 19:18:54 | 000,655,984 | ---- | M] (Filefacts.net) -- C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
PRC - [2014 08 30 17:48:46 | 000,234,520 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
PRC - [2014 08 30 17:47:54 | 000,193,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
PRC - [2014 06 12 18:23:08 | 000,359,128 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2014 06 12 18:22:40 | 000,437,976 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2014 06 12 17:44:08 | 014,407,384 | ---- | M] () -- D:\vmware\vmware-hostd.exe
PRC - [2014 06 12 17:22:10 | 000,086,744 | ---- | M] (VMware, Inc.) -- D:\vmware\vmware-authd.exe
PRC - [2014 04 14 22:50:14 | 003,873,784 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2014 02 04 18:32:24 | 007,805,936 | ---- | M] (Acronis) -- D:\ATU Premium\TrueImageHome\TrueImageMonitor.exe
PRC - [2014 02 04 16:56:28 | 007,142,320 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2013 10 10 12:41:26 | 001,102,192 | ---- | M] (Acronis International GmbH) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
PRC - [2010 03 10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009 12 23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2015 04 05 12:54:25 | 016,858,288 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll
MOD - [2015 01 22 02:43:20 | 000,587,048 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
MOD - [2015 01 22 02:43:20 | 000,459,048 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
MOD - [2015 01 22 02:43:20 | 000,332,584 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
MOD - [2014 02 04 18:25:56 | 000,028,992 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
MOD - [2014 02 04 18:25:52 | 000,036,672 | ---- | M] () -- D:\ATU Premium\TrueImageHome\qt_icontray_ex.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2014 11 21 04:12:40 | 000,244,736 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014 11 20 22:23:06 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2013 11 27 17:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2013 11 27 11:17:40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2013 11 23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2013 11 08 05:41:17 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2013 10 22 03:53:47 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2013 10 19 07:37:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013 10 04 10:10:59 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2013 09 21 07:38:15 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2013 09 21 07:34:45 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2013 08 31 12:00:10 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2013 08 23 01:14:35 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2013 08 23 01:14:34 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:[b]64bit:[/b] - [2013 08 22 14:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:[b]64bit:[/b] - [2013 08 22 14:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2013 08 22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2013 08 22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2013 08 22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2013 08 22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2013 08 22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2013 08 22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2013 08 22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2013 08 22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2013 08 22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2013 08 22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2013 08 22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2013 08 22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2013 08 22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2013 08 22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2013 08 22 12:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2013 08 22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2013 08 22 11:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2013 08 22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2013 08 22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2013 08 22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013 08 22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013 08 22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2013 08 22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2013 08 22 11:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2013 08 22 11:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2013 08 22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013 08 22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2010 12 13 15:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2015 04 06 14:31:21 | 000,148,080 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015 04 05 12:54:25 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015 03 17 06:14:08 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015 01 02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014 12 16 02:25:35 | 001,900,400 | ---- | M] (Electronic Arts) [Disabled | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014 12 03 08:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014 11 24 13:48:34 | 002,604,856 | ---- | M] (AVG Technologies) [Auto | Running] -- D:\TuneUp Utilities 2015\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2014 08 30 17:48:46 | 000,234,520 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe -- (AVP15.0.1)
SRV - [2014 06 12 18:23:08 | 000,359,128 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2014 06 12 18:22:40 | 000,437,976 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2014 06 12 17:44:08 | 014,407,384 | ---- | M] () [Auto | Running] -- D:\vmware\vmware-hostd.exe -- (VMwareHostd)
SRV - [2014 06 12 17:22:10 | 000,086,744 | ---- | M] (VMware, Inc.) [Auto | Running] -- D:\vmware\vmware-authd.exe -- (VMAuthdService)
SRV - [2014 04 14 22:50:14 | 003,873,784 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2014 02 27 18:40:46 | 000,906,432 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2014 02 04 16:56:28 | 007,142,320 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013 08 31 11:25:30 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013 08 22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013 08 22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013 08 22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013 07 18 11:52:00 | 001,142,584 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012 01 05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2010 03 10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010 02 19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009 12 23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\Grafika\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.2.0)
DRV:[b]64bit:[/b] - [2015 04 08 01:27:37 | 000,309,248 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\dtscsidrv.sys -- (dtscsidrv)
DRV:[b]64bit:[/b] - [2015 03 17 15:14:33 | 000,800,440 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2015 03 17 06:15:40 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2015 03 17 06:15:24 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2015 03 03 18:20:09 | 000,293,888 | ---- | M] (Alcohol Soft Development Team) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\axscsidrv.sys -- (axscsidrv)
DRV:[b]64bit:[/b] - [2015 03 03 18:02:53 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2015 01 22 02:43:20 | 000,150,536 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:[b]64bit:[/b] - [2015 01 22 02:43:20 | 000,077,512 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwtp.sys -- (Klwtp)
DRV:[b]64bit:[/b] - [2015 01 22 02:43:20 | 000,068,616 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwfp.sys -- (klwfp)
DRV:[b]64bit:[/b] - [2014 11 21 04:40:00 | 018,959,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014 11 21 04:08:54 | 000,589,312 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2014 08 12 18:32:58 | 000,247,480 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klhk.sys -- (klhk)
DRV:[b]64bit:[/b] - [2014 07 25 12:19:42 | 000,049,776 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv.sys -- (ManyCam)
DRV:[b]64bit:[/b] - [2014 07 09 16:23:54 | 000,179,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2014 07 02 16:10:42 | 000,046,144 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:[b]64bit:[/b] - [2014 06 21 19:02:02 | 000,223,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2014 06 12 18:23:04 | 000,064,728 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:[b]64bit:[/b] - [2014 06 12 18:22:50 | 000,031,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:[b]64bit:[/b] - [2014 06 12 18:22:02 | 000,046,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:[b]64bit:[/b] - [2014 06 12 18:22:02 | 000,020,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:[b]64bit:[/b] - [2014 06 12 18:21:58 | 000,033,496 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:[b]64bit:[/b] - [2014 05 26 06:46:07 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:[b]64bit:[/b] - [2014 05 16 14:03:30 | 000,141,600 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2014 04 23 08:59:07 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014 04 14 22:50:15 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:[b]64bit:[/b] - [2014 04 14 22:50:14 | 001,464,096 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:[b]64bit:[/b] - [2014 04 14 22:50:13 | 000,198,432 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:[b]64bit:[/b] - [2014 04 14 22:50:12 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:[b]64bit:[/b] - [2014 04 14 22:50:12 | 000,269,600 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:[b]64bit:[/b] - [2014 04 14 22:50:10 | 000,116,000 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:[b]64bit:[/b] - [2014 03 31 11:47:10 | 000,468,576 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2014 03 28 17:51:02 | 000,028,768 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2014 02 27 18:40:32 | 000,054,464 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:[b]64bit:[/b] - [2014 02 27 18:40:28 | 000,051,904 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:[b]64bit:[/b] - [2014 02 25 13:09:02 | 000,030,304 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2014 02 11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:[b]64bit:[/b] - [2013 12 06 15:37:50 | 000,035,232 | ---- | M] (Visicom Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:[b]64bit:[/b] - [2013 11 11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2013 11 09 13:55:11 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2013 11 01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013 10 31 02:58:59 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2013 10 26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2013 10 13 04:48:34 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2013 10 08 18:21:10 | 000,073,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:[b]64bit:[/b] - [2013 10 08 18:21:06 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:[b]64bit:[/b] - [2013 10 05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2013 09 21 14:10:51 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2013 09 17 11:18:30 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2013 09 14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2013 08 23 01:14:37 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:[b]64bit:[/b] - [2013 08 23 01:14:35 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2013 08 23 01:14:26 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2013 08 23 01:14:26 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:[b]64bit:[/b] - [2013 08 23 01:14:26 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:[b]64bit:[/b] - [2013 08 23 01:14:26 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2013 08 23 01:14:25 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:[b]64bit:[/b] - [2013 08 22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2013 08 22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2013 08 22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013 08 22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2013 08 22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2013 08 22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2013 08 22 14:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2013 08 22 14:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2013 08 22 14:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2013 08 22 14:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2013 08 22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2013 08 22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2013 08 22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2013 08 22 14:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2013 08 22 14:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2013 08 22 14:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2013 08 22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2013 08 22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2013 08 22 13:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2013 08 22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2013 08 22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2013 08 22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2013 08 22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2013 08 22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013 08 22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2013 08 22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2013 08 22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2013 08 22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013 08 22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2013 08 22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2013 08 22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2013 08 22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013 08 22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013 08 22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2013 08 22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2013 08 22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2013 08 22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2013 08 22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2013 08 22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2013 08 22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013 08 13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2013 08 10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:[b]64bit:[/b] - [2013 08 08 17:11:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2013 07 30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2013 07 25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2013 06 28 11:45:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:[b]64bit:[/b] - [2013 06 18 16:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2013 05 13 16:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2013 04 23 16:30:52 | 000,093,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:[b]64bit:[/b] - [2013 04 18 16:14:12 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:[b]64bit:[/b] - [2013 04 18 16:12:26 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb)
DRV:[b]64bit:[/b] - [2013 04 12 15:34:48 | 000,015,456 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:[b]64bit:[/b] - [2013 01 14 21:10:52 | 000,238,288 | ---- | M] (Kaspersky Lab UK Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km_w.sys -- (cm_km_w)
DRV:[b]64bit:[/b] - [2012 09 23 01:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:[b]64bit:[/b] - [2012 07 27 18:38:24 | 000,029,616 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\klelam.sys -- (klelam)
DRV:[b]64bit:[/b] - [2010 12 13 15:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:[b]64bit:[/b] - [2007 02 06 11:49:32 | 000,022,528 | ---- | M] (         ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gt680x.sys -- (GT680x)
DRV - [2014 11 24 13:31:18 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- D:\TuneUp Utilities 2015\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2014 09 10 18:15:14 | 000,014,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\atBIOS\AtiTool\atillk64.sys -- (atillk64)
DRV - [2014 07 29 12:21:56 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-PL
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 86 B0 A1 E9 58 D0 01  [binary data]
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.5.2: D:\JAVA\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.5.2: D:\JAVA\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: D:\JRE 8 X32\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: D:\JRE 8 X32\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015 03 17 14:57:35 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015 03 17 14:57:36 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015 03 17 14:57:40 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015 03 17 14:57:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015 03 17 14:57:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015 03 17 14:57:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: D:\ff\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: D:\ff\plugins
 
[2014 03 03 16:38:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piotr\AppData\Roaming\mozilla\Extensions
[2014 03 04 21:48:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piotr\AppData\Roaming\mozilla\Firefox\Profiles\kj6azg38.default\extensions
[2015 04 08 03:14:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piotr\AppData\Roaming\mozilla\Firefox\Profiles\xldjxqlv.default\extensions
[2014 04 07 15:18:24 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Piotr\AppData\Roaming\mozilla\Firefox\Profiles\xldjxqlv.default\extensions\en-US@dictionaries.addons.mozilla.org
[2014 03 05 23:10:00 | 000,000,000 | ---D | M] (BPH Sign Plugin) -- C:\Users\Piotr\AppData\Roaming\mozilla\Firefox\Profiles\xldjxqlv.default\extensions\SignPlugin@bph.pl
[2014 03 04 21:48:39 | 002,297,084 | ---- | M] () (No name found) -- C:\Users\Piotr\AppData\Roaming\mozilla\firefox\profiles\kj6azg38.default\extensions\firebug@software.joehewitt.com.xpi
[2014 05 28 17:42:10 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\Piotr\AppData\Roaming\mozilla\firefox\profiles\xldjxqlv.default\extensions\adblockpopups@jessehakanen.net.xpi
[2015 04 01 16:55:15 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Piotr\AppData\Roaming\mozilla\firefox\profiles\xldjxqlv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf\0.7.9_0\
CHR - Extension: No name found = C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
 
O1 HOSTS File: ([2014 09 30 14:19:17 | 000,000,929 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activation.acronis.com
O1 - Hosts: 127.0.0.1 65.52.240.48
O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
O2:[b]64bit:[/b] - BHO: (Content Blocker Plugin) - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\JAVA\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Virtual Keyboard Plugin) - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\JAVA\bin\jp2ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Safe Money Plugin) - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\JRE 8 X32\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Virtual Keyboard Plugin) - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\JRE 8 X32\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O4:[b]64bit:[/b] - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] D:\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis International GmbH)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SFAUpdater] C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (Filefacts.net)
O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\ATU Premium\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-21-3725892325-662792573-1056446912-1001..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-3725892325-662792573-1056446912-1001..\Run: [ChomikBox] D:\Chomikbox\chomikbox.exe ( )
O4 - HKU\S-1-5-21-3725892325-662792573-1056446912-1001..\Run: [GG] C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-3725892325-662792573-1056446912-1001..\Run: [uTorrent] C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2014 09 09 22:08:58 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Klawiatura wirtualna - {09A10376-994C-4BBF-9121-F50CF7BA237E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Klawiatura wirtualna - {09A10376-994C-4BBF-9121-F50CF7BA237E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF0318C7-2B54-483D-AB4F-A5FAB9E644FB}: DhcpNameServer = 192.168.1.1
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:[b]64bit:[/b] - HKLM IFEO\AcroRd32.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27:[b]64bit:[/b] - HKLM IFEO\extendscript toolkit.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27:[b]64bit:[/b] - HKLM IFEO\lifecam.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27:[b]64bit:[/b] - HKLM IFEO\origin.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27:[b]64bit:[/b] - HKLM IFEO\originer.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27:[b]64bit:[/b] - HKLM IFEO\originuninstall.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27:[b]64bit:[/b] - HKLM IFEO\switchboard.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\extendscript toolkit.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\lifecam.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\origin.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\originer.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\originuninstall.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O27 - HKLM IFEO\switchboard.exe: Debugger - D:\TuneUp Utilities 2015\TUAutoReactivator64.exe (AVG Technologies)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2015 01 21 11:55:46 | 000,294,356 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O32 - AutoRun File - [2000 11 22 15:44:22 | 000,356,352 | R--- | M] (Innerloop Studios AS) - F:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2000 11 07 08:37:50 | 000,000,062 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{74d0370b-c949-11e3-827d-50e5495e6237}\Shell - "" = AutoRun
O33 - MountPoints2\{74d0370b-c949-11e3-827d-50e5495e6237}\Shell\AutoRun\command - "" = "I:\setup.exe"
O33 - MountPoints2\{7e375676-caca-11e3-827f-50e5495e6237}\Shell - "" = AutoRun
O33 - MountPoints2\{7e375676-caca-11e3-827f-50e5495e6237}\Shell\AutoRun\command - "" = "K:\LGAutoRun.exe"
O33 - MountPoints2\{fa88858d-82b9-11e3-824b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fa88858d-82b9-11e3-824b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2000 11 22 15:44:22 | 000,356,352 | R--- | M] (Innerloop Studios AS)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2015 04 08 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Local\StormFall
[2015 04 08 17:45:05 | 000,713,112 | ---- | C] (Program                                                     ) -- C:\Users\Piotr\Desktop\OTL 3.2.69.0.exe
[2015 04 08 14:37:09 | 000,880,208 | ---- | C] (Google Inc.) -- C:\Users\Piotr\Desktop\ChromeSetup.exe
[2015 04 08 13:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2015
[2015 04 08 01:27:37 | 000,309,248 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtscsidrv.sys
[2015 04 08 00:21:46 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Roaming\Steam
[2015 04 08 00:15:05 | 000,028,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2015 04 08 00:15:00 | 000,029,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2015 04 08 00:08:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2015 04 08 00:07:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2015 04 07 23:08:55 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Roaming\LogMate
[2015 04 07 22:20:42 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Local\SKIDROW
[2015 04 05 23:59:50 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software
[2015 04 04 23:06:35 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Roaming\SpinTires
[2015 04 04 23:06:30 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
[2015 04 04 23:06:30 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
[2015 04 02 22:33:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015 04 02 22:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015 04 02 13:17:27 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015 04 02 13:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015 04 02 13:17:14 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015 04 02 13:17:14 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015 04 02 13:17:14 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015 04 02 13:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015 04 02 13:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015 04 02 13:14:50 | 021,540,440 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Piotr\Desktop\mbam-setup-2.1.4.1018.exe
[2015 03 31 20:09:30 | 000,000,000 | ---D | C] -- C:\Users\Piotr\Tracing
[2015 03 26 23:33:46 | 000,000,000 | ---D | C] -- C:\Users\Piotr\Desktop\minidump
[2015 03 25 16:25:15 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2015 03 25 16:24:19 | 000,000,000 | ---D | C] -- C:\Users\Piotr\Desktop\@bios
[2015 03 25 16:24:09 | 010,569,452 | ---- | C] (Igor Pavlov) -- C:\Users\Piotr\Desktop\vga_utility@bios.exe
[2015 03 24 18:55:26 | 000,000,000 | ---D | C] -- C:\Users\Piotr\AppData\Local\PDFCreator
[2015 03 24 18:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2015 03 24 18:54:48 | 000,115,592 | ---- | C] (pdfforge GmbH) -- C:\Windows\SysNative\pdfcmon.dll
[2015 03 24 17:00:13 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015 03 20 00:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2015 03 19 12:45:46 | 000,000,000 | ---D | C] -- C:\Users\Piotr\Desktop\zasilacz
[2015 03 18 00:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Editor
[2015 03 18 00:54:50 | 036,276,224 | ---- | C] (Blue Labs, LLC                                              ) -- C:\Users\Piotr\Desktop\freeeditor_setup.exe
[2015 03 17 14:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
[2015 03 17 14:57:55 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\klfphc.dll
[2015 03 17 14:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015 03 17 14:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2015 03 17 14:57:21 | 000,247,480 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klhk.sys
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2015 04 08 17:45:06 | 000,713,112 | ---- | M] (Program                                                     ) -- C:\Users\Piotr\Desktop\OTL 3.2.69.0.exe
[2015 04 08 17:33:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015 04 08 17:09:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015 04 08 14:37:31 | 000,002,281 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015 04 08 14:37:10 | 000,880,208 | ---- | M] (Google Inc.) -- C:\Users\Piotr\Desktop\ChromeSetup.exe
[2015 04 08 14:34:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015 04 08 14:33:18 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015 04 08 14:32:03 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015 04 08 14:32:00 | 2561,228,799 | -HS- | M] () -- C:\hiberfil.sys
[2015 04 08 14:23:26 | 018,106,829 | ---- | M] () -- C:\Users\Piotr\Desktop\codex-train.simulator.2015.upd.49.4a.7z
[2015 04 08 13:38:34 | 002,217,984 | ---- | M] () -- C:\Users\Piotr\Desktop\adwcleaner_4.201_www.INSTALKI.pl.exe
[2015 04 08 13:14:49 | 000,000,627 | ---- | M] () -- C:\Users\Piotr\Desktop\Train Simulator 2015.lnk
[2015 04 08 03:05:41 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015 04 08 02:00:17 | 000,000,581 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015 04 08 01:27:37 | 000,309,248 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtscsidrv.sys
[2015 04 08 01:05:36 | 001,833,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015 04 08 01:05:36 | 000,808,602 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2015 04 08 01:05:36 | 000,724,962 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015 04 08 01:05:36 | 000,164,482 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2015 04 08 01:05:36 | 000,136,604 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015 04 06 19:02:40 | 000,000,600 | ---- | M] () -- C:\Users\Piotr\AppData\Local\PUTTY.RND
[2015 04 05 14:04:07 | 000,000,132 | ---- | M] () -- C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2015 04 05 13:57:33 | 000,014,830 | ---- | M] () -- C:\Users\Piotr\Desktop\cenzura.jpg
[2015 04 02 13:17:16 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015 04 02 13:15:40 | 021,540,440 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Piotr\Desktop\mbam-setup-2.1.4.1018.exe
[2015 04 02 11:41:49 | 002,208,768 | ---- | M] () -- C:\Users\Piotr\Desktop\adwcleaner_4.200_www.INSTALKI.pl.exe
[2015 03 29 20:08:02 | 003,203,574 | ---- | M] () -- C:\Users\Piotr\Desktop\SWScan00037.bmp
[2015 03 28 18:57:26 | 001,419,321 | ---- | M] () -- C:\Users\Piotr\Desktop\Tagan.jpg
[2015 03 28 18:54:18 | 001,228,789 | ---- | M] () -- C:\Users\Piotr\Desktop\Tagan1.jpg
[2015 03 26 20:23:50 | 000,300,383 | ---- | M] () -- C:\Users\Piotr\Desktop\memtest.jpg
[2015 03 25 21:58:32 | 000,030,208 | ---- | M] () -- C:\Users\Piotr\Desktop\Odwołanie.dot
[2015 03 25 16:24:09 | 010,569,452 | ---- | M] (Igor Pavlov) -- C:\Users\Piotr\Desktop\vga_utility@bios.exe
[2015 03 25 16:10:44 | 000,262,144 | ---- | M] () -- C:\Users\Piotr\Desktop\032515-19702-01.dmp
[2015 03 24 18:58:18 | 000,020,688 | ---- | M] () -- C:\Users\Piotr\Desktop\podanie.pdf
[2015 03 24 18:54:58 | 000,115,592 | ---- | M] (pdfforge GmbH) -- C:\Windows\SysNative\pdfcmon.dll
[2015 03 24 18:54:50 | 000,000,572 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2015 03 24 16:55:49 | 002,168,320 | ---- | M] () -- C:\Users\Piotr\Desktop\AdwCleaner_www.INSTALKI.pl.exe
[2015 03 24 11:19:04 | 000,262,144 | ---- | M] () -- C:\Users\Piotr\Desktop\032415-17004-01.dmp
[2015 03 20 02:17:12 | 000,003,176 | ---- | M] () -- C:\Windows\SysNative\persistent_q.db-wal
[2015 03 20 02:17:03 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\persistent_q.db-shm
[2015 03 20 02:17:02 | 000,001,024 | ---- | M] () -- C:\Windows\SysNative\persistent_q.db
[2015 03 20 00:47:08 | 000,079,249 | ---- | M] () -- C:\Users\Piotr\Desktop\SMART.png
[2015 03 20 00:43:28 | 000,000,689 | ---- | M] () -- C:\Users\Piotr\Desktop\CrystalDiskInfo.lnk
[2015 03 19 12:04:46 | 000,689,970 | ---- | M] () -- C:\Users\Piotr\Desktop\Datasheet.hk_13n50c_89659.pdf
[2015 03 18 00:57:08 | 000,000,577 | ---- | M] () -- C:\Users\Public\Desktop\Free Editor.lnk
[2015 03 18 00:54:58 | 036,276,224 | ---- | M] (Blue Labs, LLC                                              ) -- C:\Users\Piotr\Desktop\freeeditor_setup.exe
[2015 03 17 15:14:33 | 000,800,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2015 03 17 06:15:40 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015 03 17 06:15:28 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015 03 17 06:15:24 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2015 04 08 14:23:21 | 018,106,829 | ---- | C] () -- C:\Users\Piotr\Desktop\codex-train.simulator.2015.upd.49.4a.7z
[2015 04 08 13:38:33 | 002,217,984 | ---- | C] () -- C:\Users\Piotr\Desktop\adwcleaner_4.201_www.INSTALKI.pl.exe
[2015 04 08 13:14:49 | 000,000,627 | ---- | C] () -- C:\Users\Piotr\Desktop\Train Simulator 2015.lnk
[2015 04 05 13:32:29 | 000,014,830 | ---- | C] () -- C:\Users\Piotr\Desktop\cenzura.jpg
[2015 04 05 12:54:26 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015 04 02 22:28:27 | 000,002,281 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015 04 02 22:28:11 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015 04 02 22:28:11 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015 04 02 13:17:16 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015 04 02 11:41:48 | 002,208,768 | ---- | C] () -- C:\Users\Piotr\Desktop\adwcleaner_4.200_www.INSTALKI.pl.exe
[2015 03 29 20:07:51 | 003,203,574 | ---- | C] () -- C:\Users\Piotr\Desktop\SWScan00037.bmp
[2015 03 28 18:56:20 | 001,228,789 | ---- | C] () -- C:\Users\Piotr\Desktop\Tagan1.jpg
[2015 03 28 18:56:19 | 001,419,321 | ---- | C] () -- C:\Users\Piotr\Desktop\Tagan.jpg
[2015 03 26 23:31:46 | 000,262,144 | ---- | C] () -- C:\Users\Piotr\Desktop\032515-19702-01.dmp
[2015 03 26 23:31:46 | 000,262,144 | ---- | C] () -- C:\Users\Piotr\Desktop\032415-17004-01.dmp
[2015 03 26 20:23:49 | 000,300,383 | ---- | C] () -- C:\Users\Piotr\Desktop\memtest.jpg
[2015 03 25 21:58:31 | 000,030,208 | ---- | C] () -- C:\Users\Piotr\Desktop\Odwołanie.dot
[2015 03 24 18:56:46 | 000,020,688 | ---- | C] () -- C:\Users\Piotr\Desktop\podanie.pdf
[2015 03 24 18:54:50 | 000,000,572 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2015 03 24 16:55:48 | 002,168,320 | ---- | C] () -- C:\Users\Piotr\Desktop\AdwCleaner_www.INSTALKI.pl.exe
[2015 03 20 02:17:03 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\persistent_q.db-shm
[2015 03 20 02:17:03 | 000,003,176 | ---- | C] () -- C:\Windows\SysNative\persistent_q.db-wal
[2015 03 20 02:17:02 | 000,001,024 | ---- | C] () -- C:\Windows\SysNative\persistent_q.db
[2015 03 20 00:47:08 | 000,079,249 | ---- | C] () -- C:\Users\Piotr\Desktop\SMART.png
[2015 03 20 00:43:28 | 000,000,689 | ---- | C] () -- C:\Users\Piotr\Desktop\CrystalDiskInfo.lnk
[2015 03 19 12:04:44 | 000,689,970 | ---- | C] () -- C:\Users\Piotr\Desktop\Datasheet.hk_13n50c_89659.pdf
[2015 03 18 00:57:08 | 000,000,577 | ---- | C] () -- C:\Users\Public\Desktop\Free Editor.lnk
[2015 03 17 20:23:44 | 000,709,333 | ---- | C] () -- C:\Users\Piotr\Desktop\zasilacza_sch_ok.sch
[2015 01 10 13:23:11 | 000,000,600 | ---- | C] () -- C:\Users\Piotr\AppData\Local\PUTTY.RND
[2014 11 21 04:25:30 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014 11 20 22:35:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014 08 31 09:23:59 | 000,000,075 | ---- | C] () -- C:\Users\Piotr\.atl.properties
[2014 07 28 23:23:01 | 000,000,132 | ---- | C] () -- C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
[2014 07 18 10:52:21 | 001,850,162 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014 07 17 22:02:06 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2014 06 26 11:00:05 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014 06 10 22:38:50 | 000,000,218 | ---- | C] () -- C:\Users\Piotr\.recently-used.xbel
[2014 05 26 06:42:24 | 000,000,008 | RHS- | C] () -- C:\Users\Piotr\ntuser.pol
[2014 04 27 17:01:15 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2014 04 27 17:01:15 | 000,002,411 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2014 04 21 13:16:01 | 000,000,132 | ---- | C] () -- C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
[2014 03 20 12:56:28 | 000,005,120 | ---- | C] () -- C:\Users\Piotr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014 03 16 11:47:33 | 000,000,347 | ---- | C] () -- C:\Windows\wininit.ini
[2014 03 13 12:12:44 | 000,007,636 | ---- | C] () -- C:\Users\Piotr\AppData\Local\Resmon.ResmonCfg
[2014 02 01 11:07:33 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2014 01 29 15:52:44 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014 01 21 19:31:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013 12 06 23:38:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013 12 06 23:38:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013 12 06 22:39:24 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013 12 06 22:39:24 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013 08 22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013 08 22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013 08 22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013 08 22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013 08 22 05:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013 08 22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013 08 22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2014 05 07 23:59:29 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013 11 23 13:49:06 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013 11 23 10:19:35 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013 08 22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013 08 22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013 08 22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2014 03 22 22:21:52 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\.minecraft
[2014 08 27 22:08:54 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\.purple
[2014 08 31 09:33:46 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\.technic
[2014 06 08 15:04:13 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\.wtw
[2014 02 08 18:07:00 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\AC3Filter
[2014 03 02 00:36:41 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Acronis
[2014 12 22 01:36:13 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\AMD
[2015 02 18 01:56:05 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Artisteer
[2015 03 03 00:07:47 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Audacity
[2015 02 01 05:42:10 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\AutoUpdate
[2014 09 07 00:02:04 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Avant Downloader
[2015 01 21 00:52:37 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\AVG
[2014 05 16 13:23:51 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\CadSoft
[2014 04 18 18:06:37 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Canneverbe Limited
[2014 04 21 15:25:26 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014 06 24 23:36:20 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\DAEMON Tools Lite
[2014 04 05 13:09:53 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\ECDFAB72-E3F0-4613-AAFF-AD530E7C4D11
[2014 06 08 14:07:48 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Gadu-Gadu 10
[2015 04 04 13:14:14 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\GG
[2014 10 03 13:26:20 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\HD Tune Pro
[2014 05 20 12:10:28 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Hotspot Shield
[2015 03 16 22:52:19 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Kamerzysta
[2014 11 29 19:21:26 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\library_dir
[2015 04 07 23:08:58 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\LogMate
[2014 03 30 15:12:04 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\ManyCam
[2015 03 16 22:52:19 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\MPC-HC
[2014 06 08 20:11:14 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\OpenFM
[2014 01 22 05:53:01 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Opera Software
[2014 12 16 02:29:09 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Origin
[2014 05 25 18:50:07 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Patcher
[2014 04 29 22:44:37 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Podatnik.info
[2014 06 08 14:03:21 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Qrix
[2015 04 05 00:23:21 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\SpinTires
[2014 04 21 17:31:33 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015 04 08 00:21:46 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Steam
[2014 03 20 12:55:16 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\TechSmith
[2014 07 06 18:10:45 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\TrueCrypt
[2014 01 21 20:48:41 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\TuneUp Software
[2014 08 28 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Ulead Systems
[2015 04 08 14:34:57 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\uTorrent
[2014 06 01 19:24:56 | 000,000,000 | ---D | M] -- C:\Users\Piotr\AppData\Roaming\Wargaming.net
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2014 06 11 18:51:19 | 005,259,264 | ---- | M] ()(C:\Windows\SysWow64\????????????????????????????????) -- C:\Windows\SysWow64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤
[2014 05 12 14:44:23 | 005,259,264 | ---- | C] ()(C:\Windows\SysWow64\????????????????????????????????) -- C:\Windows\SysWow64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 220 bytes -> C:\Users\Piotr\SkyDrive:ms-properties

< End of report >


Kod: Zaznacz cały

OTL Extras logfile created on: 08 04 15 17:46:23 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Piotr\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd MM yy
 
7,98 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 74,09% Memory free
11,98 Gb Paging File | 9,11 Gb Available in Paging File | 76,03% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 80,00 Gb Total Space | 6,30 Gb Free Space | 7,88% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 8,03 Gb Free Space | 11,47% Space Free | Partition Type: NTFS
Drive F: | 490,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: PC | User Name: Piotr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\ff\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [Bridge] -- D:\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [ChomikBox.Upload] -- "D:\Chomikbox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [Bridge] -- D:\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [ChomikBox.Upload] -- "D:\Chomikbox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AB51D1F-7EEB-4F4A-B7B7-1069DC635424}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B9748BE-8329-4906-B3E3-A41F5E25E248}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1CA674CA-52F1-40EC-AC4E-5195E3D5337A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1E6037FD-9B01-4F60-A6E5-35D0DFA1D4C0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{291C5D19-3EDA-4E69-9D46-6472BD663935}" = lport=445 | protocol=6 | dir=in | app=system |
"{3460D860-89E9-4DF4-BF02-D5F1037E5CA3}" = lport=139 | protocol=6 | dir=in | app=system |
"{37FEAB44-B34C-4C3E-8DE3-4241CBB8BD5A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5718FBF9-79AA-49EB-9B3D-7890828E1737}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AAC567C-7A56-4B99-BF87-2D1F55E69145}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{61206D1A-87FC-4767-8C87-354FBB9275F3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{92141A0A-9315-49F8-BD5A-C02377BCC0CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{922A65DB-D366-4BE2-A4BB-A712953F07B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AAFE12FC-840D-4597-9B42-BE2B2CBB6012}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BC9EB814-90E2-4454-B139-D0D5D8003704}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C640D4CA-ED89-4B0C-B1A3-0CD550BEC1C8}" = rport=138 | protocol=17 | dir=out | app=system |
"{C9934C04-F242-4D7D-B1F0-98227A3EBFA3}" = rport=137 | protocol=17 | dir=out | app=system |
"{D0AD3C2C-2A0F-4F10-B108-AE1A539EF8F9}" = rport=445 | protocol=6 | dir=out | app=system |
"{D67CE874-277B-4C45-8F56-903B58C46A8A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{D9E9981E-0D5E-48C2-B859-E375BB2425EE}" = rport=139 | protocol=6 | dir=out | app=system |
"{EB5B2B0B-A2E4-4D92-B7DA-5F52B7B81F07}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EC4548A0-741D-4722-A69F-23C18E6757CF}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{F0B999F7-9FAE-41D6-A4B2-94ADFCA115A8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F699769F-5850-4DDA-A18A-48F08D3765DC}" = lport=138 | protocol=17 | dir=in | app=system |
"{FE698A1E-0D64-42FD-AE77-7B9088274AD9}" = lport=137 | protocol=17 | dir=in | app=system |
"{FFA8D619-B887-428A-A089-DFF01FD31281}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0031AB40-AE21-4DB6-A72E-40162E868F33}" = protocol=6 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
"{016B0CE3-C61D-4E36-AD8E-1002264CB8EB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{01C2D956-2954-4649-B101-F0996B6C95BE}" = protocol=17 | dir=in | app=d:\games\need for speed rivals\nfs14_x86.exe |
"{01CC1525-92C1-4F7E-9238-7D3497ADE98A}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{0243B8DB-76B4-4736-9069-87C5D69E48E6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{0BE9C4C6-6A40-4BF0-8D72-2239BC448F2A}" = protocol=17 | dir=in | app=c:\users\piotr\appdata\roaming\utorrent\utorrent.exe |
"{0E9104C9-D10E-4C66-B063-A79E97E0C152}" = protocol=17 | dir=in | app=h:\download\kmspico portable\autopico.exe |
"{0F3EA289-3D5F-49CA-8945-4B692965F78D}" = protocol=17 | dir=in | app=d:\java\bin\java.exe |
"{0FE110BA-91BA-4AB2-BF21-5277C678F612}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{15A23F32-4EF8-4F8F-9EA8-A84AE4D79383}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{1AB6885C-D01C-409C-9F8A-0D84D7126E73}" = dir=in | app=d:\vmware\vmware-hostd.exe |
"{1B22E7F7-036C-47E7-8036-B889DC7B88C4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1CEBB0DE-D7B3-4D78-8022-7874FD0F3CF7}" = protocol=6 | dir=in | app=d:\xampp\mysql\bin\mysqld.exe |
"{207DCB4F-A7DE-44B9-A3C1-27BE9974FA9E}" = protocol=6 | dir=in | app=c:\users\piotr\appdata\roaming\utorrent\utorrent.exe |
"{239ED35A-46A5-463B-B452-E8E60DCD1171}" = protocol=17 | dir=in | app=d:\java\bin\javaw.exe |
"{26008CA6-C7E6-4C1A-961D-301E66CF830F}" = dir=in | app=d:\vmware\vmware-authd.exe |
"{2BB80EE3-779D-40F9-8CAB-F4CF0166A276}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe |
"{2F6AF81E-E27F-4529-8E94-7025C0FE1414}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{2FB91619-3780-40E7-A855-C6923C671DDF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{39243B19-8A4D-4B6B-B4C0-213FA3390A56}" = protocol=17 | dir=in | app=d:\ff\firefox.exe |
"{3F6469A8-460F-445C-9923-2B6F933CD8C8}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{418AA1D1-31E2-4FD3-81D1-EC1960A0744A}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{41AC3376-6C8C-4C31-A36F-D485F7EF1B4E}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{43234778-4153-4EA9-AD74-BFA24F5D2198}" = protocol=6 | dir=in | app=d:\java\bin\javaw.exe |
"{486B76A1-D690-461C-BBBB-D34720957467}" = dir=out | name=@{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{48C12B1B-8E81-4AAD-A66B-EBB9D1330559}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{492CE177-C338-42FB-BB9D-1E59C8F373ED}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{4A3A7D16-7986-4FF3-8AC5-90128038FEC4}" = dir=out | name=@{microsoft.zunevideo_2.2.886.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4A748A71-9F04-4DF3-992A-72F532ABDEDD}" = protocol=6 | dir=in | app=h:\download\kmspico portable\autopico.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{56B2615F-60E7-430A-85ED-7DEF1E156B2A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5ACBF621-CD38-472E-B015-9A0E9E8B1085}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{5C077456-D406-4026-96A5-C3AEA2FA18C2}" = dir=out | name=@{microsoft.bingtravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{5F0F17CD-243B-43C6-A4EC-61EAF0561243}" = dir=out | name=windows_ie_ac_001 |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{601D41C6-FDFE-493E-BB0D-E14C024F66DF}" = protocol=17 | dir=in | app=c:\users\piotr\appdata\roaming\utorrent\utorrent.exe |
"{622B66F3-0F57-4AAA-86EA-EA39DC432795}" = dir=out | name=windows_ie_ac_001 |
"{64B2783E-15F3-4936-B16F-8896F60AFF5E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{65EAF102-52F3-4148-A254-F7333D2764A8}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6A60A44C-6F30-46F2-BD93-1B3888790CD8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6C09AFC1-EF71-47AE-BB2F-53C01487D369}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{756C3F4B-9696-4666-9B70-51B861D7520B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{77B0D722-5122-4918-B42A-80912FD14646}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7B34A7BA-2BE3-4E15-B987-DEE049D1194A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{7C494A77-51A9-40F9-9EC2-4C672EEF059B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D1B421B-2240-4B0F-990B-53D0AE16D5AF}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{802E8939-D16B-4C8F-8597-B1517D778516}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{81256728-AB1B-4D3A-8754-EBCF79BBE777}" = dir=out | name=skype |
"{82EC3CC2-4C60-4B8D-9AD3-493F494C6FFE}" = protocol=6 | dir=in | app=d:\games\need for speed rivals\nfs14.exe |
"{83A1BB72-0936-411B-9A3E-4816D1C5DB09}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{86946EC6-3D33-4C69-9725-42D6219AB279}" = dir=in | app=d:\vmware\vmware-hostd.exe |
"{8E1EB91D-A500-4682-99EF-D418E6AA9D90}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\acronis\syncagent\syncagentsrv.exe |
"{94AB4825-B451-4D66-95FC-2119481737E8}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{986BDBF7-F973-4FEF-BE5A-6A91C8F7AD71}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9ADA8627-8639-4B09-9FAF-DAD2AE5CA078}" = protocol=17 | dir=in | app=d:\games\need for speed rivals\nfs14.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A0244C84-27BD-452D-8951-43E8076EFF48}" = protocol=6 | dir=in | app=d:\ff\firefox.exe |
"{A5308DB4-6535-4720-89A8-AEDBF81DCFD7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7F7B703-3737-4A3D-B156-DD9C79452162}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AF3D0795-8807-440C-B1DD-75BBD6D153E2}" = dir=in | app=d:\vmware\vmware-authd.exe |
"{B13C9826-D222-4788-ABAE-02ABBBBA70A3}" = dir=out | name=@{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{B1FE3946-B609-441F-B283-DF40D5BE6B5F}" = protocol=6 | dir=in | app=c:\users\piotr\appdata\roaming\utorrent\utorrent.exe |
"{B3F09638-0950-4223-B06B-669272DAAA52}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B9B59400-AC6B-49BC-BBAC-B5569FF1362D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{BBD31A33-FD33-419E-A345-35A2458565E7}" = protocol=17 | dir=in | app=d:\xampp\mysql\bin\mysqld.exe |
"{BD8D30D7-1D8D-4A24-9F5F-B170CECE06E1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C45A363F-6E45-4666-BDE3-99CB5DF52CE6}" = protocol=6 | dir=in | app=d:\java\bin\java.exe |
"{C50575D0-93CE-4D12-9963-9A9973B389B5}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C77EECB8-ECAB-4797-903D-882EB24298B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{C8827297-8AFA-4E89-9094-4BF7EC1F0CD7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C89281EB-F989-4E8A-89BC-FCF99765419D}" = dir=in | name=skype |
"{C9E672B9-1B9C-4E28-85DB-A76F9DD070D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA755804-3011-4BDE-9ACA-651C1F745A7E}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{CDD570D7-87C6-4F97-B552-70BC8D8B37DF}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D0A2FCE8-7036-49E2-8D29-F77D60C4C774}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D81A8009-BEE1-4DB3-80DB-ED86E76C1E0C}" = protocol=6 | dir=in | app=d:\watch_dogs\bin\watch_dogs.exe |
"{D989FA6D-475F-480E-B417-55AB85AEEA9D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DCDB292B-CB1F-4157-A924-1243C53AEFA7}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{DF186835-F7AB-4C03-A0F8-8071917ED427}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{E27FE49C-8EC2-46E1-8F25-C3E43F6EFEC3}" = protocol=17 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
"{E2D4C7DE-2B8A-46F6-9459-F9C3859CB69C}" = protocol=17 | dir=in | app=d:\watch_dogs\bin\watch_dogs.exe |
"{E7CD8027-37BC-4DA5-9A5B-5C72BCE78EC9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{EAD0FAAF-BEE6-4F98-BEA8-C1D9B51608AA}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EBA7B78D-4AA8-4637-B1E9-A7B4AE6F47D7}" = dir=out | name=skype |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EDF1F9E9-D6BC-49EE-A9D1-F3DF31655A35}" = dir=out | name=@{microsoft.bingweather_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{EF807E2C-7D98-4D74-9187-D3279D4A6F68}" = dir=in | name=skype |
"{F0D098EE-61CB-4DB9-9506-13B6AD462EB1}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F455C847-B154-45C6-9DFD-4DDA10BD301C}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F65FED21-B547-4BF5-A1AE-625816B6DD61}" = dir=out | name=@{microsoft.zunemusic_2.2.886.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8C302F4-2E6A-463D-9D8B-F6CC8D1182A7}" = protocol=6 | dir=in | app=d:\games\need for speed rivals\nfs14_x86.exe |
"TCP Query User{5539DA23-B7E9-4EE7-AF8E-38400A9DA7AE}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{558D65CF-BDDF-4AD5-91C1-CE7B0270D3B6}D:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=d:\xampp\mysql\bin\mysqld.exe |
"TCP Query User{69C94B57-3052-423A-B0A0-2CA5420EF733}D:\java\bin\javaw.exe" = protocol=6 | dir=in | app=d:\java\bin\javaw.exe |
"TCP Query User{8E37C677-8389-48C2-9CB7-6AF61B17E8FC}C:\users\piotr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\piotr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{DAC28522-45EA-4C71-8FB3-784D4EE6816B}D:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
"TCP Query User{E6A66B0D-64B0-4460-A62F-E7D8BFA287C2}D:\java\bin\java.exe" = protocol=6 | dir=in | app=d:\java\bin\java.exe |
"UDP Query User{0B2FF07A-76A2-4F28-8C09-79A9B0BAEED4}D:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=d:\xampp\apache\bin\httpd.exe |
"UDP Query User{366F65AE-402B-4BAF-9D79-56C72642CD9E}C:\users\piotr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\piotr\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{66CF2D28-1F46-4C17-8D05-7C48F737A47A}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{6F1F09DB-CD02-4EBF-8428-129B589B9D75}D:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=d:\xampp\mysql\bin\mysqld.exe |
"UDP Query User{B4C397C1-AD04-43A8-A3A0-15CD7C5F6D61}D:\java\bin\javaw.exe" = protocol=17 | dir=in | app=d:\java\bin\javaw.exe |
"UDP Query User{BF88F265-4822-4FC3-8D65-487C8C88097D}D:\java\bin\java.exe" = protocol=17 | dir=in | app=d:\java\bin\java.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1" = Free Editor
"{1D1CB210-D05E-5BF4-F998-2B1903EE4323}" = AMD Accelerated Video Transcoding
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86418005FF}" = Java 8 Update 5 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{5AF3560C-09BA-426F-BFA0-FEF0A94A9D8B}" = Microsoft Corporation
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C0ECE123-831D-B68D-7ACE-213E3EC49818}" = ccc-utility64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F2A7CE36-57BF-5C86-952D-90DBF3746D82}" = AMD Catalyst Install Manager
"{F6BC646E-10B5-701A-4646-B3C605F52013}" = AMD Fuel
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.26
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TAP-Windows" = TAP-Windows 9.9.2
"WinRAR archiver" = WinRAR 5.01 (64-bitowy)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{089F13E8-FE1E-9E10-8394-59EB3144C5EA}" = Catalyst Control Center Graphics Previews Common
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{14C8CE46-C68C-461B-BCA9-E276A85851C6}" = TuneUp Utilities 2014 (en-US)
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16D24066-E53C-9C3E-21BB-8E16BF0BF1B2}" = CCC Help Dutch
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D FurMark 1.15.0.0
"{24784631-F22D-9570-2C7D-C893CFA0815E}" = CCC Help Swedish
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.2
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2af972c7-13b0-4978-92a8-fee26a4fb4e9}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{2B656071-B4F5-5EED-1CEA-8357D5D89756}" = CCC Help Thai
"{2BC1C344-3547-FF44-6332-AA22E2D4458F}" = Catalyst Control Center InstallProxy
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{316F6900-121C-EAE3-06B5-6D033DAD6B46}" = CCC Help Hungarian
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3D312F2B-705E-4367-0E43-637742582226}" = CCC Help Chinese Traditional
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40AF58D5-D86D-8D3C-5D39-882C8ABB6249}" = CCC Help Japanese
"{47B9191A-C6F9-463F-7651-8C915A56CCA7}" = CCC Help Norwegian
"{491B10A8-E797-6E1A-E8F0-CC5ED4A697BF}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F34C608-AC66-DBD9-02B3-07F2A3714AB0}" = CCC Help Danish
"{523885CC-D186-A675-CE46-C02D13CD285A}" = CCC Help German
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5993537E-0B1C-2656-DE59-3B52AACCA4C8}" = CCC Help French
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}" = Acronis True Image 2014
"{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}Visible" = Acronis True Image 2014
"{6BC24106-5BED-9E52-E484-1CD9CB444DD0}" = CCC Help English
"{6C36881B-0E51-4231-9D02-BF2149664D34}" = Google Drive
"{72144B9D-58C4-4C09-A5CF-C6A914B912E8}" = Camtasia Studio 8
"{7410FDD9-8CFF-04DB-E8DC-66BA97935C0C}" = CCC Help Polish
"{78BE8723-7889-33EB-46C5-E068E4A9A754}" = CCC Help Russian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{808518BB-4A22-55EA-BB13-F7DC537A97FE}" = AMD Catalyst Control Center
"{8544FE4A-075B-49BD-9BC2-DC3D58552767}" = AVG PC TuneUp 2015 (pl-PL)
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}" = Kaspersky Internet Security
"{91D5083E-3041-429A-B379-002F08EE42DE}" = System Requirements Lab Detection
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{938C2383-A692-4D2C-AE45-024F91EF7B1D}" = CorelDRAW Graphics Suite X5 - PL
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DC1BBD7-B625-7B3F-DC5B-519A17E5A509}" = CCC Help Greek
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A1CF7B76-682D-4547-AA96-11B659A2CEAC}" = Microsoft Corporation
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A996C182-3724-4DF1-A4BC-66154FE57DFE}" = AVG PC TuneUp 2015
"{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}" = GIGABYTE VGA @BIOS
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Polish
"{AC76BA86-7AD7-2530-0000-A00000000004}" = Extended Asian Language font pack for Adobe Reader XI
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BE862892-0337-B30D-A2A3-9296BA9E2B4D}" = Catalyst Control Center Localization All
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Zwierzaki
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C7B52FAF-58D8-438C-B810-F78C3C927504}" = ChomikBox
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D0E4CC40-2731-4737-F184-E422D113EE1D}" = CCC Help Italian
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E0A32336-AA27-4053-99B2-C3380B7B95AC}" = Need for Speed™ Rivals
"{E1E6EEEA-F7CF-1AD4-F404-7EFA1E5E8365}" = CCC Help Portuguese
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E70BF0B0-1AD5-E7B7-6448-B66F20E76701}" = CCC Help Korean
"{EBE23E56-BA76-02E9-1C6A-8D9043C7E887}" = CCC Help Finnish
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EE6909C4-C751-7C0D-B295-90CD93E68817}" = CCC Help Turkish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F3CB7B-2F62-F6EF-07EA-81143A463B31}" = CCC Help Chinese Standard
"{F825EA58-D723-06A1-4F5F-620934DA66AB}" = CCC Help Spanish
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"AIDA64 Extreme_is1" = AIDA64 Extreme v5.00
"ALLPlayer_is1" = ALLPlayer V5.X
"AQQ" = AQQ
"Audacity_is1" = Audacity 2.0.6
"AVG PC TuneUp" = AVG PC TuneUp 2015
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.3.0
"EAGLE 6.5.0" = EAGLE 6.5.0
"EAGLE 7.1.0" = EAGLE 7.1.0
"FeedDemon_is1" = FeedDemon
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}" = Kaspersky Internet Security
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.7.0 (Standard)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.1.4.1018
"ManyCam" = ManyCam 4.0.109
"Mozilla Firefox 37.0.1 (x86 en-US)" = Mozilla Firefox 37.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Odkurzacz 13.5_is1" = Odkurzacz
"Origin" = Origin
"Remove Logo Now!_is1" = Remove Logo Now! 1.5
"SeeWeblists" = Zzoomit
"Spintires v1.0 (2014)1.0" = Spintires v1.0 (2014)
"The Sims 4_is1" = The Sims 4
"Train Simulator 2015_is1" = Train Simulator 2015
"TrueCrypt" = TrueCrypt
"Uplay" = Uplay
"Uplay Install 274" = WATCH_DOGS
"V0FUQ0hfRE9HUw==_is1" = WATCH_DOGS Update v1.03.483
"VGhlU2ltczQ=_is1" = The Sims 4 Update v1.3.32.1010
"VMware_Workstation" = VMware Workstation
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"xampp" = XAMPP
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"OpenFM" = OpenFM
"Opera 28.0.1750.51" = Opera Stable 28.0.1750.51
"uTorrent" = µTorrent
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 08 04 15 09:29:09 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 09:29:09 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 09:32:46 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 09:32:46 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 09:32:46 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 09:32:46 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 11:07:27 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 11:07:27 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 11:07:27 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error - 08 04 15 11:07:27 | Computer Name = PC | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Common
 Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll".  Nie można odnaleźć
 zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj
 narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
[ System Events ]
Error - 08 04 15 07:59:04 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi AODDriver4.2.0 z powodu następującego błędu:
   %%3
 
Error - 08 04 15 08:32:04 | Computer Name = PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 14:30:56 na ?2015-?04-?08 było
nieoczekiwane.
 
Error - 08 04 15 08:32:19 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi AODDriver4.2.0 z powodu następującego błędu:
   %%3
 
Error - 08 04 15 08:33:46 | Computer Name = PC | Source = DCOM | ID = 10016
Description =
 
Error - 08 04 15 08:33:47 | Computer Name = PC | Source = DCOM | ID = 10016
Description =
 
Error - 08 04 15 08:33:47 | Computer Name = PC | Source = DCOM | ID = 10016
Description =
 
Error - 08 04 15 08:33:47 | Computer Name = PC | Source = DCOM | ID = 10016
Description =
 
Error - 08 04 15 08:33:47 | Computer Name = PC | Source = DCOM | ID = 10016
Description =
 
Error - 08 04 15 08:33:47 | Computer Name = PC | Source = DCOM | ID = 10016
Description =
 
Error - 08 04 15 09:32:24 | Computer Name = PC | Source = volsnap | ID = 393230
Description = Kopie w tle woluminu C: zostały przerwane z powodu usterki We/Wy w
 woluminie C:.
 
 
< End of report >


Log z dezynfekcji MBAM:

Kod: Zaznacz cały

Malwarebytes Anti-Malware
www.malwarebytes.org

Data skanu: 08 04 15
Czas skanu: 01:56:21
Raport: kkk.txt
Administrator: Tak

Wersja: 2.01.4.1018
Baza danych malware: v2015.04.07.07
Baza danych rootkitów: v2015.03.31.01
Licencja: Darmowy
Ochrona przeciw malware: Wyłączony
Ochrona przeciw szkodliwymi stronami: Wyłączony
Samoobrona: Wyłączony

System operacyjny: Windows 8.1
Procesor: x64
System plików: NTFS
Użytkownik: Piotr

Typ skanu: Niestandardowe skanowanie
Wynik: Zakończono
obiekty zeskanowane: 510540
Minęło: 1 h, 2 min, 16 s

Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Włączony
Rootkity: Wyłączony
Heurystyka: Włączony
PUP: Włączony
PUM: Włączony

Procesy: 3
Trojan.Downloader, C:\Users\Piotr\AppData\Local\Temp\nso8C4D.tmp, 2888, , [962d99d099f1340257b86ebfa85b55ab]
PUP.Optional.Bundle, C:\Users\Piotr\AppData\Local\Temp\nso8C4E.tmp, 3048, , [933000690d7d6acc3de113d91fe6e31d]
PUP.Optional.Protect, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 6100, , [5f646207701a54e2b0e09855877ebf41]

Moduły: 0
(Nie wykryto zagrożeń)

Klucze rejestru: 12
PUP.Optional.Protect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [5f646207701a54e2b0e09855877ebf41],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\29777, , [6c575019a7e30e2894b715e9e71cd42c],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [a32027426723f442b9ec508f7a8908f8],
PUP.Optional.SavePass.A, HKLM\SOFTWARE\WOW6432NODE\SavePass 1.1, , [ecd7e1884149092d6bd18c5416edd62a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\29777, , [685b3b2e7d0db97dc18a946a62a16997],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, , [ebd8b8b1addd092d763cb599d72e1ee2],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [8c375217078338fe2b757b582bd8f907],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [9b28f9705d2d3afcfd10a0945baa6f91],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\29777, , [0cb7d2973753fb3b92ce22b8cc37926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\OB, , [a122a7c2dbaf023480149135758e19e7],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istartsurf uninstall, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.SavePass.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SavePass 1.1, , [a51e5e0b3c4e8bab474de4b913f06d93],

Wartości rejestru: 5
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}, , [fcc73a2fcdbd6dc970b0a5a9f41101ff]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}, , [11b2e1887c0ed1653be576d847be6898]
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\Piotr\AppData\Roaming\VOPackage\Uninstall.exe", , [fcc732374941cc6a24dd35b024df619f]
PUP.Optional.SearchEngine.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|searchengine@gmail.com, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com, , [c9faec7dabdf2115861a50fbfd0848b8]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}, , [0bb8e0893654ee48d649aba362a38080]

Dane rejestru: 16
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (Chrome.exe), Zły: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[d6ed71f83654e94d8703a848bb4a916f]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (iexplore.exe), Zły: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[dbe843269dede74f0a7e826efe078e72]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}),,[289bbbae7d0dbd792cdcb639798c5aa6]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[398a4a1ff89290a60404bc3311f455ab]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[4e7587e2e3a79b9b080049a6fe07a45c]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}),,[fdc6214894f6e65052b648a750b5eb15]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobry: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Zły: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[9a292b3ed4b6b97dad5038c23bcaea16]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (Chrome.exe), Zły: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[3c873d2c5733f244e2a8648c19ec3cc4]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (iexplore.exe), Zły: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[c7fca8c15f2b4de97e0a1fd135d0fc04]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}),,[ab18d1987812df5714f40be4976e6997]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[cbf8333682082412b25624cbdc2902fe]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[6360e4857f0bcf67a365925d21e48d73]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}),,[08bb046590fa59dd6a9e945b12f3f50b]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobry: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Zły: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[7d46a0c9d2b89b9bac51cd2d44c125db]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[a41f09605a30f2440cfabe31bb4ab54b]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-3725892325-662792573-1056446912-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352, Dobry: (www.google.com), Zły: (http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352),,[ead910597713d660b056c62984813ac6]

Foldery: 32
PUP.Optional.MultiPlug.A, C:\Users\Piotr\AppData\Roaming\35453035-1428450302-4535-3632-3337FFFFFFFF, , [05bed990d5b560d6d320a0178a79a060],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\defaults, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\defaults\preferences, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\userCode, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\locale, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\locale\en-US, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [f8cbfd6c0c7e53e36ae98414ee15a957],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [f8cbfd6c0c7e53e36ae98414ee15a957],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1, , [a51e5e0b3c4e8bab474de4b913f06d93],
PUP.Optional.VOPackage.A, C:\Users\Piotr\AppData\Roaming\VOPackage, , [62619dcc31596fc7e1e9e8c672918080],
PUP.Optional.VOPackage.A, C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage, , [e3e070f90d7d7abcf7d4387606fd3fc1],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\chrome, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\chrome\content, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\chrome\skin, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\tools, , [ae15aebbc8c256e027b46acbd4326a96],

Pliki: 196
Trojan.Downloader, C:\Users\Piotr\AppData\Local\Temp\nso8C4D.tmp, , [962d99d099f1340257b86ebfa85b55ab],
PUP.Optional.Bundle, C:\Users\Piotr\AppData\Local\Temp\nso8C4E.tmp, , [933000690d7d6acc3de113d91fe6e31d],
PUP.Optional.Protect, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [5f646207701a54e2b0e09855877ebf41],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\b23dd27a-a451-4a76-818e-d9fbfeb8a3bd-4.exe, , [31925514800a6ec89ea31a021fe3a25e],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\b23dd27a-a451-4a76-818e-d9fbfeb8a3bd-5.exe, , [388b78f15e2c2f07281913098a789f61],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\utils.exe, , [576c26432f5b320491b0d14bb74bbf41],
PUP.Optional.Bundle, C:\Users\Piotr\AppData\Local\Microsoft\Windows\INetCache\IE\0B47XS4A\count_vc[1].htm, , [6162adbca5e5db5bc35bc428e4212ad6],
PUP.Optional.CrossRider, C:\Users\Piotr\AppData\Local\Microsoft\Windows\INetCache\IE\0B47XS4A\setup[1].exe, , [7c4786e322682214f94627bc81800df3],
Trojan.Downloader, C:\Users\Piotr\AppData\Local\Microsoft\Windows\INetCache\IE\K4785KPC\count_vn[1].htm, , [a81be1885c2ecd69c54a1b12c142d32d],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Local\Microsoft\Windows\INetCache\IE\VNDTVQ43\obw_istartsurf[1].exe, , [c9faff6a2b5fee48cd32ba7a31d51de3],
PUP.Optional.OutBrowse, C:\Users\Piotr\AppData\Local\Temp\Vlc media player.exe, , [11b21356e3a77cbaa67df04f867c9d63],
PUP.Optional.Protect, C:\Users\Piotr\AppData\Local\Temp\xtmp2843921\tmp\wpm_v20.0.0.1953_0302.exe, , [16ad7aef8bfff541622e40ad1aeb6d93],
PUP.Optional.MultiPlug.A, C:\Users\Piotr\AppData\Roaming\35453035-1428450302-4535-3632-3337FFFFFFFF\vnsw903C.tmp, , [05bed990d5b560d6d320a0178a79a060],
PUP.Optional.MultiPlug.A, C:\Users\Piotr\AppData\Roaming\35453035-1428450302-4535-3632-3337FFFFFFFF\Uninstall.exe, , [05bed990d5b560d6d320a0178a79a060],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\crossrider_statusbar.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\button1.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\button2.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\button3.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\button4.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\button5.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\icon128.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\icon16.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\icon24.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\icon48.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\panelarrow-up.png, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\popup.html, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\skin.css, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\skin\update.css, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome.manifest, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\install.rdf, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\0f52693cdd21792c52e9894a94bcea04.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\380eaa212ff82d5b0fed05f9f7247962.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\72c6ff87533eff24c4ab33999943456d.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\931462ab473ada5199dbd924377fb32b.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\background.html, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\browser.xul, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\d5f4aa0985f8b0bcd5e11d6cf3af3f33.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\dialog.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\ebe8963358fef9be7633c70312d51436.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\ffCoreFilesIndex.txt, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\options.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\options.xul, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\search_dialog.xul, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\4add75084af2fa4230e20347e45f2012.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\0ce81fa7b0458d5e6fc40408cf13717f.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\16787b564cb043b1b06d708108c18cda.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\23b13b85d56354fd137c899e61d42c49.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\245944bf4841e9e449a5de2fe9e286d9.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\2c12e7298a473b319ba7d4dce25c47a5.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\2f0d6cc2725b3e4f06f6af5461dea73b.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\43bed2daafce7251adf2244ccfaf8580.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\43c9ad9d2dc7a4b8bd3ac8ca7a98d45c.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\531d124f6075eb5e571b2275ba2e456f.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\a0090e75fe4606232ab075bf98963e3b.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\a591a9d0258efc6e6b7d0b7fb2a27de4.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\b341e11ab308bf58a6a80bfd526b83e0.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\b3afc3e3527eed95cd1ca0593a064bbb.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\d19031af0c3dcc61ea2cba38160e5098.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\api\f7b7d86643c17dd3de96260dd805a2b5.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\0151a72480177bcd14c4b0bc40e3b96f.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\175003bec40164a681dbef4f3a962890.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\187fc57543c81ff78859229a12715dff.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\3f6fd2cffb52d82f41951ea9fe8b0031.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\421778cc97ab19a857b40a635f3806ea.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\4c72c0a878f8572b63fb4422ac24aa76.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\5363a4cdaf830b5cbcedc15f6f6fc5f3.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\57a719817beca65040af6e0c0da45a91.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\58a75f3fdac6c7cdfc329f93055d20d5.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\6fa6475c364490c7a61b63286a7a7be6.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\7f188f16546fd2fb2d661e21e1028342.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\9ace629fe80c2b3433a6d590407501df.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\a75ee7c5f1a81f42166ed8d537121ff7.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\b46d36b88680188633f623bad434ec2e.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\b659b9f07282d2301563ee82a1464bf9.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\c27272ee5ea30b31f0e3bc5ad5361d02.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\e45d7c05ba8dd045f5a5cf3a7451046f.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\eccd9003c808626be898e779ae2f7ea2.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\f271955f6f3e426816b2a87ee90ccd5b.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\fa0b30a47abb1b36e568354850cf52e1.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\chrome\content\core\installer.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\defaults\preferences\prefs.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\manifest.xml, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins.json, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\102.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\13.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\14.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\16.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\17.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\180.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\192.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\195.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\200.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\220.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\223.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\242.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\246.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\253.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\281.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\288.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\334.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\339.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\345.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\354.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\375.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\376.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\379.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\391.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\4.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\47.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\64.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\7.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\78.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\9.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\plugins\91.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\userCode\background.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\extensionData\userCode\extension.js, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.CrossRider.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com\locale\en-US\translations.dtd, , [9b285613f5954cea4aaaa710857e21df],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\searchplugins\istartsurf.xml, , [d2f181e86a2083b314a8726e19ea1de3],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b23dd27a-a451-4a76-818e-d9fbfeb8a3bd-5, , [e6dd72f781097eb8d7ad43a2bd4614ec],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b23dd27a-a451-4a76-818e-d9fbfeb8a3bd-5_user, , [b211036622687fb7bdc7c61f17ec01ff],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b23dd27a-a451-4a76-818e-d9fbfeb8a3bd-5.job, , [358e41282367c96d7d67142bfb0a7b85],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b23dd27a-a451-4a76-818e-d9fbfeb8a3bd-5_user.job, , [e6dd93d6b4d6d3638a5a4bf4c83d0bf5],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\543.json, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\MessageBox.xml, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\uninstallDlg2.xml, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\UninstallManager.exe, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\bg.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\bg1.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\bk_shadow.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\button.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\button1.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\checkbox.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\checkbox_select.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\checked.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\close.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\loading_bg.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\loading_light.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\min.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\scrollbar.bmp, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\Thumbs.db, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\unchecked.png, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code\code1.jpg, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code\code2.jpg, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code\code3.jpg, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code\code4.jpg, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code\code5.jpg, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code\code6.jpg, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\istartsurf\images\code\Thumbs.db, , [d9ea5712b7d378be4fafa7f5c3404cb4],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\b23dd27a-a451-4a76-818e-d9fbfeb8a3bd.xpi, , [a51e5e0b3c4e8bab474de4b913f06d93],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\Uninstall.exe, , [a51e5e0b3c4e8bab474de4b913f06d93],
PUP.Optional.VOPackage.A, C:\Users\Piotr\AppData\Roaming\VOPackage\Uninstall.exe, , [62619dcc31596fc7e1e9e8c672918080],
PUP.Optional.VOPackage.A, C:\Users\Piotr\AppData\Roaming\VOPackage\VOPackage.exe, , [62619dcc31596fc7e1e9e8c672918080],
PUP.Optional.VOPackage.A, C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk, , [e3e070f90d7d7abcf7d4387606fd3fc1],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\chrome.manifest, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\install.rdf, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\chrome\content\toolbar.js, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\chrome\content\toolbar.xul, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.SearchEngine.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\searchengine@gmail.com\chrome\skin\icon.png, , [804364052466a88e3ee5f4bf21e2ef11],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Dobry: (), Zły: (   "homepage": "http://www.istartsurf.com/?type=hp&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352",), ,[368d7bee49418aaca9e3e058679f8878]
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome.manifest, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\install.rdf, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\content.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\html5slider.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\jquery-1.8.3.min.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\li.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\main.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\main.xul, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\options.html, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\options.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\tools.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\tr.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\content\zoom.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin\button.png, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin\icon32x32-disabled.png, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin\icon32x32.png, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin\options.css, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin\options_bg.png, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin\otaznik.png, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\chrome\skin\slider.png, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\addon_d.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\addon_info.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\file_cacher.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\guid.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\observer.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\pref_man.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\pu_upd.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\timer.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\time_passed.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\xcipher.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\tools\days_passed.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\tools\ff_info.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\tools\firstrun.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.ZoomIt.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\extensions\{09b2dafd-4960-037f-4ec2-e4529ce68da4}\modules\tools\os.js, , [ae15aebbc8c256e027b46acbd4326a96],
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\prefs.js, Dobry: (), Zły: (user_pref("browser.search.defaultenginename", "istartsurf");), ,[467d92d7028860d61b0690a6d92d847c]
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\prefs.js, Dobry: (), Zły: (user_pref("browser.search.selectedEngine", "istartsurf");), ,[33901e4bc1c9ec4aab77c1753cca7e82]
PUP.Optional.IStartSurf.A, C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\search.json, Dobry: (), Zły: (istartsurf), ,[09ba363394f6cf6713eca095ac5ae21e]

Sektory fizyczne: 0
(Nie wykryto zagrożeń)


(end)

[djarta]

Wklej mi jeszcze logi z FRST: bezpieczenstwo/korzystanie-z-frst-t28530.html

[Pablo922]

Kod: Zaznacz cały

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Piotr (administrator) on PC on 09-04-2015 19:07:21
Running from C:\Users\Piotr\Desktop
Loaded Profiles: Piotr (Available profiles: Piotr)
Platform: Windows 8.1 Pro (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(AVG Technologies) D:\TuneUp Utilities 2015\TuneUpUtilitiesService64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) D:\vmware\vmware-authd.exe
(AVG Technologies) D:\TuneUp Utilities 2015\TuneUpUtilitiesApp64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
() D:\vmware\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) D:\ATU Premium\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Filefacts.net) C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(TrueCrypt Foundation) D:\TrueCrypt\TrueCrypt.exe
(Mozilla Corporation) D:\ff\firefox.exe
(Mozilla Corporation) D:\ff\plugin-container.exe
(Mozilla Corporation) D:\ff\plugin-container.exe
(Mozilla Corporation) D:\ff\plugin-container.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(GG Network S.A.) C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe
(GG Network S.A.) C:\Users\Piotr\AppData\Local\GG\Application\ggapp.exe
(GG Network S.A.) C:\Users\Piotr\AppData\Local\GG\Application\ggdrive\ggdrive.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe
(Opera Software) D:\Opera\28.0.1750.51\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => D:\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => D:\ATU Premium\TrueImageHome\TrueImageMonitor.exe [7805936 2014-02-04] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2015-02-04] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655984 2015-02-04] (Filefacts.net)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Run: [GG] => C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe [4078144 2015-04-09] (GG Network S.A.)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Run: [ChomikBox] => D:\Chomikbox\ChomikBox.exe [6033408 2014-03-11] ( )
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Run: [uTorrent] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\MountPoints2: {74d0370b-c949-11e3-827d-50e5495e6237} - "I:\setup.exe"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\MountPoints2: {7e375676-caca-11e3-827f-50e5495e6237} - "K:\LGAutoRun.exe"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\MountPoints2: {fa88858d-82b9-11e3-824b-806e6f6e6963} - "F:\autorun.exe"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [209408 2013-08-22] (Microsoft Corporation)
IFEO\AcroRd32.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\extendscript toolkit.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\lifecam.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\origin.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\originer.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\originuninstall.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\switchboard.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => D:\ATU Premium\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => D:\ATU Premium\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => D:\ATU Premium\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3725892325-662792573-1056446912-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\JAVA\bin\ssv.dll [2014-06-10] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\JAVA\bin\jp2ssv.dll [2014-06-10] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\JRE 8 X32\bin\ssv.dll [2014-12-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\JRE 8 X32\bin\jp2ssv.dll [2014-12-22] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default
FF SearchEngineOrder.1: v9
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-05] ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> D:\JAVA\bin\dtplugin\npDeployJava1.dll [2014-06-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> D:\JAVA\bin\plugin2\npjp2.dll [2014-06-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\JRE 8 X32\bin\dtplugin\npDeployJava1.dll [2014-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\JRE 8 X32\bin\plugin2\npjp2.dll [2014-12-22] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> D:\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\searchplugins\elektrodapl.xml [2015-04-02]
FF Extension: United States English Spellchecker - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-04-07]
FF Extension: BPH Sign Plugin - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\SignPlugin@bph.pl [2014-03-05]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-03-05]
FF Extension: Adblock Plus - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17]
StartMenuInternet: FIREFOX.EXE - D:\ff\firefox.exe

Chrome:
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-12]
CHR Extension: (Google Drive) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-12]
CHR Extension: (YouTube) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-12]
CHR Extension: (Google Search) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-12]
CHR Extension: (Shortcut Manager) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf [2015-04-04]
CHR Extension: (Google Wallet) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-12]
CHR Extension: (Gmail) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-12]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Piotr\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-09-01]
StartMenuInternet: (HKU\S-1-5-21-3725892325-662792573-1056446912-1001) OperaStable - "D:\Opera\Launcher.exe"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-16] (Electronic Arts)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; D:\TuneUp Utilities 2015\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
R2 VMAuthdService; D:\vmware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
R2 VMwareHostd; D:\vmware\vmware-hostd.exe [14407384 2014-06-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2015-03-03] (Alcohol Soft Development Team)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2015-04-08] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-23] (Disc Soft Ltd)
S3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [22528 2007-02-06] (         )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-01-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-01-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-01-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-03-03] (Duplex Secure Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-04-14] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-04-14] (Acronis International GmbH)
R3 TuneUpUtilitiesDrv; D:\TuneUp Utilities 2015\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\Grafika\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 19:07 - 2015-04-09 19:07 - 00024844 _____ () C:\Users\Piotr\Desktop\FRST.txt
2015-04-09 19:02 - 2015-04-09 19:07 - 00000000 ____D () C:\FRST
2015-04-09 19:01 - 2015-04-09 19:01 - 02095616 _____ (Farbar) C:\Users\Piotr\Desktop\FRST64.exe
2015-04-09 11:22 - 2015-04-09 12:42 - 740208640 _____ () C:\Users\Piotr\Desktop\50 Twarzy Greya NAPISY PL.avi
2015-04-08 20:57 - 2015-04-08 20:57 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software
2015-04-08 17:55 - 2015-04-08 17:55 - 00092202 _____ () C:\Users\Piotr\Downloads\Extras.Txt
2015-04-08 17:53 - 2015-04-08 17:53 - 00165578 _____ () C:\Users\Piotr\Downloads\OTL.Txt
2015-04-08 17:45 - 2015-04-08 17:45 - 00713112 _____ (Program ) C:\Users\Piotr\Desktop\OTL 3.2.69.0.exe
2015-04-08 17:45 - 2015-04-08 17:45 - 00602112 _____ (OldTimer Tools) C:\Users\Piotr\Downloads\OTL 3.2.69.0 [1].exe
2015-04-08 17:45 - 2015-04-08 17:45 - 00000000 ____D () C:\Users\Piotr\AppData\Local\StormFall
2015-04-08 14:37 - 2015-04-08 14:37 - 00880208 _____ (Google Inc.) C:\Users\Piotr\Desktop\ChromeSetup.exe
2015-04-08 14:23 - 2015-04-08 14:23 - 18106829 _____ () C:\Users\Piotr\Desktop\codex-train.simulator.2015.upd.49.4a.7z
2015-04-08 13:38 - 2015-04-08 13:38 - 02217984 _____ () C:\Users\Piotr\Desktop\adwcleaner_4.201_www.INSTALKI.pl.exe
2015-04-08 13:14 - 2015-04-08 13:14 - 00000627 _____ () C:\Users\Piotr\Desktop\Train Simulator 2015.lnk
2015-04-08 13:14 - 2015-04-08 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2015
2015-04-08 02:59 - 2015-04-08 02:59 - 00056267 _____ () C:\Users\Piotr\Desktop\kkk.txt
2015-04-08 01:27 - 2015-04-08 01:27 - 00309248 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsidrv.sys
2015-04-08 00:58 - 2015-04-08 13:58 - 00109020 _____ () C:\Windows\PFRO.log
2015-04-08 00:21 - 2015-04-08 00:21 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Steam
2015-04-08 00:15 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-04-08 00:15 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-07 23:08 - 2015-04-07 23:08 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\LogMate
2015-04-07 22:20 - 2015-04-07 22:20 - 00000000 ____D () C:\Users\Piotr\AppData\Local\SKIDROW
2015-04-05 12:54 - 2015-04-09 14:09 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-05 12:54 - 2015-04-05 12:54 - 00003818 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-04 23:06 - 2015-04-05 00:23 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\SpinTires
2015-04-04 23:06 - 2015-04-04 23:06 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2015-04-02 22:28 - 2015-04-09 18:33 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 22:28 - 2015-04-08 14:37 - 00002281 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-02 22:28 - 2015-04-08 14:33 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 22:28 - 2015-04-02 22:28 - 00004024 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-02 22:28 - 2015-04-02 22:28 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-02 22:28 - 2015-04-02 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-02 13:17 - 2015-04-08 03:05 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 13:17 - 2015-04-02 13:17 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-02 13:17 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-02 13:17 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-02 13:17 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-02 13:14 - 2015-04-02 13:15 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Piotr\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-02 11:41 - 2015-04-02 11:41 - 02208768 _____ () C:\Users\Piotr\Desktop\adwcleaner_4.200_www.INSTALKI.pl.exe
2015-03-31 20:09 - 2015-03-31 20:09 - 00000000 ____D () C:\Users\Piotr\Tracing
2015-03-31 20:09 - 2015-03-31 20:09 - 00000000 ____D () C:\Users\Piotr\Tracing
2015-03-29 20:07 - 2015-03-29 20:08 - 03203574 _____ () C:\Users\Piotr\Desktop\SWScan00037.bmp
2015-03-26 23:33 - 2015-03-26 23:33 - 00000000 ____D () C:\Users\Piotr\Desktop\minidump
2015-03-26 23:31 - 2015-03-25 16:10 - 00262144 _____ () C:\Users\Piotr\Desktop\032515-19702-01.dmp
2015-03-26 23:31 - 2015-03-24 11:19 - 00262144 _____ () C:\Users\Piotr\Desktop\032415-17004-01.dmp
2015-03-25 21:58 - 2015-03-25 21:58 - 00030208 _____ () C:\Users\Piotr\Desktop\Odwołanie.dot
2015-03-25 16:25 - 2015-03-25 16:25 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2015-03-25 16:24 - 2015-03-25 16:24 - 10569452 _____ (Igor Pavlov) C:\Users\Piotr\Desktop\vga_utility@bios.exe
2015-03-25 16:24 - 2015-03-25 16:24 - 00000000 ____D () C:\Users\Piotr\Desktop\@bios
2015-03-24 18:55 - 2015-03-24 18:55 - 00000000 ____D () C:\Users\Piotr\AppData\Local\PDFCreator
2015-03-24 18:54 - 2015-04-03 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-24 18:54 - 2015-03-24 18:54 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-03-24 18:54 - 2015-03-24 18:54 - 00000572 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-03-24 17:00 - 2015-04-08 13:57 - 00000000 ____D () C:\AdwCleaner
2015-03-24 16:55 - 2015-03-24 16:55 - 02168320 _____ () C:\Users\Piotr\Desktop\AdwCleaner_www.INSTALKI.pl.exe
2015-03-20 02:17 - 2015-03-20 02:17 - 00032768 _____ () C:\Windows\system32\persistent_q.db-shm
2015-03-20 02:17 - 2015-03-20 02:17 - 00003176 _____ () C:\Windows\system32\persistent_q.db-wal
2015-03-20 02:17 - 2015-03-20 02:17 - 00001024 _____ () C:\Windows\system32\persistent_q.db
2015-03-20 00:43 - 2015-03-20 00:43 - 00000689 _____ () C:\Users\Piotr\Desktop\CrystalDiskInfo.lnk
2015-03-20 00:43 - 2015-03-20 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-03-19 12:45 - 2015-03-19 13:28 - 00000000 ____D () C:\Users\Piotr\Desktop\zasilacz
2015-03-18 00:57 - 2015-03-18 00:57 - 00000577 _____ () C:\Users\Public\Desktop\Free Editor.lnk
2015-03-18 00:57 - 2015-03-18 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Editor
2015-03-18 00:54 - 2015-03-18 00:54 - 36276224 _____ (Blue Labs, LLC ) C:\Users\Piotr\Desktop\freeeditor_setup.exe
2015-03-17 20:23 - 2014-09-29 16:55 - 00709333 _____ () C:\Users\Piotr\Desktop\zasilacza_sch_ok.sch
2015-03-17 14:58 - 2015-03-17 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-03-17 14:57 - 2015-04-08 20:31 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-17 14:57 - 2015-04-08 20:31 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-17 14:57 - 2015-03-17 14:57 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-17 14:57 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-03-17 14:57 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 19:03 - 2014-11-02 17:01 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Skype
2015-04-09 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-09 13:32 - 2014-01-21 19:52 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\GG
2015-04-09 13:32 - 2014-01-21 19:52 - 00000000 ____D () C:\Users\Piotr\AppData\Local\GG
2015-04-09 11:21 - 2014-04-24 20:06 - 01750887 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 01:48 - 2014-01-21 18:47 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3725892325-662792573-1056446912-1001
2015-04-08 15:02 - 2014-03-20 19:00 - 00000000 ____D () C:\Users\Piotr\AppData\Local\CrashDumps
2015-04-08 14:34 - 2014-02-09 14:11 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\uTorrent
2015-04-08 14:33 - 2014-01-21 18:42 - 00000000 __RDO () C:\Users\Piotr\SkyDrive
2015-04-08 14:33 - 2014-01-21 18:42 - 00000000 __RDO () C:\Users\Piotr\SkyDrive
2015-04-08 14:32 - 2014-07-18 10:51 - 00000000 ____D () C:\ProgramData\VMware
2015-04-08 14:32 - 2014-07-18 10:51 - 00000000 ____D () C:\ProgramData\VMware
2015-04-08 14:32 - 2014-01-21 18:40 - 00000000 ____D () C:\Users\Piotr
2015-04-08 14:32 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-08 14:04 - 2014-06-03 10:02 - 00003974 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389280093
2015-04-08 03:03 - 2014-03-03 16:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 03:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Branding
2015-04-08 03:02 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-08 02:00 - 2015-03-06 00:59 - 00000581 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-08 02:00 - 2014-03-03 16:38 - 00000581 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-08 02:00 - 2014-01-21 18:41 - 00001462 _____ () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-08 01:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-08 01:09 - 2014-04-03 13:05 - 00000000 ____D () C:\Users\Piotr\AppData\Local\ChomikBox
2015-04-08 01:05 - 2014-04-03 13:05 - 00000000 ____D () C:\Users\Piotr\.gstreamer-0.10
2015-04-08 01:05 - 2014-04-03 13:05 - 00000000 ____D () C:\Users\Piotr\.gstreamer-0.10
2015-04-08 01:05 - 2014-01-21 18:43 - 01833256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 01:05 - 2013-08-23 01:12 - 00808602 _____ () C:\Windows\system32\perfh015.dat
2015-04-08 01:05 - 2013-08-23 01:12 - 00164482 _____ () C:\Windows\system32\perfc015.dat
2015-04-08 00:16 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-08 00:11 - 2014-01-21 19:26 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 00:11 - 2014-01-21 19:26 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-06 19:02 - 2015-01-10 13:23 - 00000600 _____ () C:\Users\Piotr\AppData\Local\PUTTY.RND
2015-04-06 11:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-05 16:12 - 2014-03-18 17:14 - 00000000 ____D () C:\Users\Piotr\AppData\Local\ManyCam
2015-04-05 14:04 - 2014-04-21 13:16 - 00000132 _____ () C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2015-04-05 12:54 - 2014-01-27 21:02 - 00000000 ____D () C:\Users\Piotr\AppData\Local\Adobe
2015-04-02 22:57 - 2014-07-18 10:55 - 00000000 ____D () C:\Users\Piotr\AppData\Local\VMware
2015-04-02 22:57 - 2014-04-03 13:22 - 00000000 ____D () C:\Users\Piotr\AppData\Local\Microsoft Help
2015-04-02 22:33 - 2014-03-22 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-04-02 22:28 - 2014-03-22 22:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-30 23:49 - 2014-11-02 17:01 - 00000000 ____D () C:\ProgramData\Skype
2015-03-30 23:49 - 2014-11-02 17:01 - 00000000 ____D () C:\ProgramData\Skype
2015-03-30 23:48 - 2014-11-02 17:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-29 20:09 - 2014-07-18 10:55 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\VMware
2015-03-29 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-03-29 10:18 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-25 16:25 - 2014-07-29 12:21 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2015-03-21 15:59 - 2015-01-10 20:25 - 00000000 ____D () C:\Users\Piotr\Desktop\Watch.Dogs-RELOADED
2015-03-18 00:57 - 2014-06-26 11:00 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-03-17 15:14 - 2015-01-22 02:43 - 00800440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-03-17 14:57 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-16 22:52 - 2015-02-01 05:42 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Kamerzysta
2015-03-16 22:52 - 2014-10-10 14:54 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\MPC-HC
2015-03-16 22:52 - 2014-04-23 11:05 - 00000000 ____D () C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2014-07-28 23:23 - 2014-07-28 23:23 - 0000132 _____ () C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
2014-04-21 13:16 - 2015-04-05 14:04 - 0000132 _____ () C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2014-03-20 12:56 - 2014-09-30 15:04 - 0005120 _____ () C:\Users\Piotr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-10 13:23 - 2015-04-06 19:02 - 0000600 _____ () C:\Users\Piotr\AppData\Local\PUTTY.RND
2014-03-13 12:12 - 2014-03-13 12:12 - 0007636 _____ () C:\Users\Piotr\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Piotr\AppData\Local\Temp\ggdrive-menu.exe
C:\Users\Piotr\AppData\Local\Temp\ggdrive-overlay.exe
C:\Users\Piotr\AppData\Local\Temp\installstats.exe
C:\Users\Piotr\AppData\Local\Temp\Quarantine.exe
C:\Users\Piotr\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-08 15:14

==================== End Of Log ============================

Kod: Zaznacz cały

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Piotr at 2015-04-09 19:07:53
Running from C:\Users\Piotr\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Acronis True Image 2014 (HKLM-x32\...\{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AQQ (HKLM-x32\...\AQQ) (Version: 2.6.0.50 - Creative Team S.A.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (pl-PL) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
Common (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Contents (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Corel VideoStudio Pro X4 (HKLM-x32\...\_{AA902C31-B49D-4608-BCCF-2519EB77722D}) (Version: 14.0.0.342 - Corel Corporation)
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PL (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
DeviceIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
EAGLE 7.1.0 (HKLM-x32\...\EAGLE 7.1.0) (Version: 7.1.0 - CadSoft Computer GmbH)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator Technologies, Inc.)
Free Editor (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1) (Version: 1.0 - Blue Labs, LLC)
Geeks3D FurMark 1.15.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GG (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\GG) (Version: 12 - GG Network S.A.)
GIGABYTE VGA @BIOS (HKLM-x32\...\{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}) (Version: 6.50 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
ICA (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
K-Lite Codec Pack 8.7.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Malwarebytes Anti-Malware wersja 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.0.1911 - FranmoSoftware - Maciej Opaliński)
OpenFM (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\OpenFM) (Version: 2 - GG Network S.A.)
Opera Stable 28.0.1750.51 (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.0 - pdfforge)
PureHD (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Remove Logo Now! 1.5 (HKLM-x32\...\Remove Logo Now!_is1) (Version: 1.5 - SoftOrbits)
Setup (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Share (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Share64 (Version: 14.0.0.342 - Corel Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
Spintires v1.0 (2014) (HKLM-x32\...\Spintires v1.0 (2014)1.0) (Version: 1.0 - Friends in War)
System Requirements Lab Detection (HKLM-x32\...\{91D5083E-3041-429A-B379-002F08EE42DE}) (Version: 2.2.4.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: 1.3.32.1010 - )
The Sims 4 Update v1.3.32.1010 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Train Simulator 2015 (HKLM-x32\...\Train Simulator 2015_is1) (Version:  - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.145 - TuneUp Software) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
VSClassic (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
VSPro (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WATCH_DOGS Update v1.03.483 (HKLM-x32\...\V0FUQ0hfRE9HUw==_is1) (Version: 1 - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Zzoomit (HKLM-x32\...\SeeWeblists) (Version:  - SeeWeblists)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3725892325-662792573-1056446912-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Piotr\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2014-09-30 14:19 - 00000929 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {205BD49A-085B-4928-AC45-829AE3A48CB0} - System32\Tasks\Opera scheduled Autoupdate 1389280093 => D:\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {501FB3FF-ED10-4689-9D29-E16AC81F8651} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22] (Google Inc.)
Task: {75F9A99C-8A9A-49DE-AC1E-8B6D339EDFBE} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => D:\TuneUp Utilities 2015\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {8F649575-4024-4844-936F-0EE6A3192EE9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05] (Adobe Systems Incorporated)
Task: {A2F5CB9F-9DDD-4381-8498-8F43ECF98050} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BB6E44EE-0D6F-458D-9928-BEB78734C36F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22] (Google Inc.)
Task: {D008B0EB-3C30-4352-A668-B70A931054E9} - System32\Tasks\AutoPico Daily Restart => H:\download\KMSpico
Task: {D0F98C25-640D-44EA-BCDD-3C1D44118411} - System32\Tasks\{0E36D42D-C289-4472-B1BB-A9B4000071B0} => pcalua.exe -a "D:\ATU Premium\TrueImageHome\Uninstall.exe" -c {6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-20 22:23 - 2014-11-20 22:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-11-24 13:48 - 2014-11-24 13:48 - 00713528 _____ () D:\TuneUp Utilities 2015\avgrepliba.dll
2013-10-01 10:26 - 2013-10-01 10:26 - 02810968 _____ () D:\ATU Premium\TrueImageHome\tishell64.dll
2014-11-24 13:49 - 2014-11-24 13:49 - 00856888 _____ () D:\TuneUp Utilities 2015\tulnga.dll
2014-06-12 17:44 - 2014-06-12 17:44 - 14407384 _____ () D:\vmware\vmware-hostd.exe
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () D:\vmware\libxml2.dll
2014-02-04 18:25 - 2014-02-04 18:25 - 00036672 _____ () D:\ATU Premium\TrueImageHome\qt_icontray_ex.dll
2014-02-04 18:25 - 2014-02-04 18:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-02-04 18:28 - 2014-02-04 18:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-04-08 14:04 - 2015-04-08 14:04 - 00157304 _____ () D:\Opera\28.0.1750.51\message_center_win8.dll
2015-04-08 14:04 - 2015-04-08 14:04 - 01488504 _____ () D:\Opera\28.0.1750.51\libglesv2.dll
2015-04-08 14:04 - 2015-04-08 14:04 - 00079992 _____ () D:\Opera\28.0.1750.51\libegl.dll
2015-04-08 14:04 - 2015-04-08 14:04 - 09625720 _____ () D:\Opera\28.0.1750.51\pdf.dll
2015-01-22 02:43 - 2015-01-22 02:43 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2015-01-22 02:43 - 2015-01-22 02:43 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2015-01-22 02:43 - 2015-01-22 02:43 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2015-04-02 17:40 - 2015-03-04 23:03 - 03715648 _____ () C:\Users\Piotr\AppData\Local\GG\Application\xulrunner\mozjs.dll
2015-04-02 17:40 - 2015-03-04 23:03 - 00122432 _____ () C:\Users\Piotr\AppData\Local\GG\Application\ggdrive\ZLIB1.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () D:\ATU Premium\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Piotr\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Piotr\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3725892325-662792573-1056446912-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Piotr\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: SwitchBoard => 3
HKLM\...\StartupApproved\StartupFolder: => "CodecPackTrayMenu.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CodecPackUpdateChecker.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Watch.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "LifeCam"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "GG AutoUpdate (GGMod+)"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Ulead Photo Express Calendar Checker"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Onet.pl AutoUpdate"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\StartupFolder: => "Tutorial_SW.lnk"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "GG"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "ALLUpdate"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "ChomikBox"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "AlcoholAutomount"

==================== Accounts: =============================

Administrator (S-1-5-21-3725892325-662792573-1056446912-500 - Administrator - Enabled)
Gość (S-1-5-21-3725892325-662792573-1056446912-501 - Limited - Enabled)
Piotr (S-1-5-21-3725892325-662792573-1056446912-1001 - Administrator - Enabled) => C:\Users\Piotr

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2015 11:27:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.

System Error:
Odmowa dostępu.
.

Error: (04/09/2015 11:27:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-3725892325-662792573-1056446912-500.bak).  hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa.
.


Operacja:
   Zdarzenie OnIdentify
   Zbieranie danych modułu zapisującego

Kontekst:
   Kontekst wykonywania: Shadow Copy Optimization Writer
   Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nazwa modułu zapisującego: Shadow Copy Optimization Writer
   Identyfikator wystąpienia modułu zapisującego: {c604a0b1-0e1f-4576-9972-fc68b764e094}

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Nie można odnaleźć zestawu zależnego Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.


System errors:
=============
Error: (04/09/2015 06:42:55 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Kopie w tle woluminu C: zostały przerwane z powodu usterki We/Wy w woluminie C:.

Error: (04/09/2015 10:32:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi afcdpsrv.

Error: (04/08/2015 03:32:24 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Kopie w tle woluminu C: zostały przerwane z powodu usterki We/Wy w woluminie C:.

Error: (04/08/2015 02:33:47 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: właściwe dla aplikacjiLokalnyUruchom{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCPiotrS-1-5-21-3725892325-662792573-1056446912-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/08/2015 02:33:47 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: właściwe dla aplikacjiLokalnyUruchom{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCPiotrS-1-5-21-3725892325-662792573-1056446912-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/08/2015 02:33:47 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: właściwe dla aplikacjiLokalnyUruchom{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCPiotrS-1-5-21-3725892325-662792573-1056446912-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/08/2015 02:33:47 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: właściwe dla aplikacjiLokalnyUruchom{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCPiotrS-1-5-21-3725892325-662792573-1056446912-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/08/2015 02:33:47 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: właściwe dla aplikacjiLokalnyUruchom{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCPiotrS-1-5-21-3725892325-662792573-1056446912-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/08/2015 02:33:46 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: właściwe dla aplikacjiLokalnyUruchom{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PCPiotrS-1-5-21-3725892325-662792573-1056446912-1001LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/08/2015 02:32:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi AODDriver4.2.0 z powodu następującego błędu:
%%3


Microsoft Office Sessions:
=========================
Error: (04/09/2015 11:27:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.

System Error:
Odmowa dostępu.

Error: (04/09/2015 11:27:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-3725892325-662792573-1056446912-500.bak)0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa.


Operacja:
   Zdarzenie OnIdentify
   Zbieranie danych modułu zapisującego

Kontekst:
   Kontekst wykonywania: Shadow Copy Optimization Writer
   Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nazwa modułu zapisującego: Shadow Copy Optimization Writer
   Identyfikator wystąpienia modułu zapisującego: {c604a0b1-0e1f-4576-9972-fc68b764e094}

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (04/08/2015 05:07:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (04/08/2015 03:32:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll


CodeIntegrity Errors:
===================================
  Date: 2015-01-11 11:55:48.226
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\PeerGuardian2\pgfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 8173.22 MB
Available physical RAM: 4666.7 MB
Total Pagefile: 12269.22 MB
Available Pagefile: 7797.93 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:80 GB) (Free:5.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:70 GB) (Free:8.03 GB) NTFS
Drive f: (0012301635) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: A74478CD)
Partition 1: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 000A8F04)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Kod: Zaznacz cały

Users shortcut scan result (x64) Version: 11-03-2015
Ran by Piotr at 2015-04-09 19:08:18
Running from C:\Users\Piotr\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\GetDataBack for NTFS.lnk -> D:\Runtime Software\GetDataBack for NTFS\gdbnt.exe (Runtime Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk -> D:\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk -> D:\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk -> D:\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk -> D:\Adobe\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> D:\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk -> D:\TuneUp Utilities 2015\Integrator.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk -> C:\Windows\BrowserChoice\html\default.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> D:\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> D:\ff\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Uninstall XAMPP.lnk -> D:\xampp\uninstall.exe (Bitnami)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP Control Panel.lnk -> D:\xampp\xampp-control.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP htdocs folder.lnk -> D:\xampp\htdocs ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> D:\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> D:\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> D:\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> D:\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Windows Media Encoder.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmenc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Encoding Script.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMEncUtil.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media File Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmeditor.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Profile Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMProEdt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Stream Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmstreamedt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2015\Train Simulator 2015.lnk -> D:\Train Simulator 2015\RailWorks.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2015\Uninstall.lnk -> D:\Train Simulator 2015\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4\The Sims 4.lnk -> D:\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4\Uninstall The Sims 4.lnk -> D:\The Sims 4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk -> C:\Windows\Installer\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk -> C:\Windows\Installer\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\AutorunsDisabled\Watch.lnk -> D:\BearPaw 2400CU Plus\Driver\WATCH.exe (Common Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Smart File Advisor Updater.lnk -> C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (Filefacts.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Startup Application Checker.lnk -> C:\Program Files (x86)\Smart File Advisor\StartupChecker.exe (Filefacts.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype dla Pulpitu.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software\GetDataBack for NTFS.lnk -> D:\Runtime Software\GetDataBack for NTFS\gdbnt.exe (Runtime Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\O programie QuickTime.lnk -> C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Darowizna na PDFCreator.lnk -> D:\PDFCreator\Darowizna na PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Pomoc.lnk -> D:\PDFCreator\PDFCreator_english.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> D:\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Strona WWW programu PDFCreator.lnk -> D:\PDFCreator\PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Usuń Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Odkurzacz.lnk -> D:\Odkurzacz\odkurzacz.exe (FranmoSoftware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Usuń Odkurzacz.lnk -> D:\Odkurzacz\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Centrum Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Preferencje językowe pakietu Microsoft Office 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam\Microsoft LifeCam Help.lnk -> C:\Program Files (x86)\Microsoft LifeCam\MSWebCam.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam\Microsoft LifeCam.lnk -> C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\ManyCam.lnk -> C:\Program Files (x86)\ManyCam\ManyCam.exe (Visicom Media Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Uninstall ManyCam.lnk -> C:\Program Files (x86)\ManyCam\uninstall.exe (Visicom Media Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\User Guide.lnk -> C:\Program Files (x86)\ManyCam\help\UserGuide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\LGMobile Support Tool.lnk -> C:\ProgramData\LGMOBILEAX\LGMLauncher.exe (LG Electronics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\Uninstall.lnk -> C:\ProgramData\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe (LG Electronics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Odwiedź Kaspersky Lab w internecie.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kl.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Pomoc dla Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\Doc\pl-PL\kis\context.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Umowa licencyjna.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\Doc\pl\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext (x64).lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> D:\JRE 8 X32\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk -> D:\HD Tune\hdtune.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk -> D:\HD Tune\HDTune.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk -> D:\HD Tune\HDTune.exe (EFD Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk -> D:\HD Tune\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE\@BIOS.lnk -> C:\Program Files (x86)\GIGABYTE\@BIOS\BIOS_Run.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\FurMark.lnk -> C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.15\FurMark.exe (Geeks3D (www.geeks3d.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Uninstall  FurMark.lnk -> C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.15\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Editor\Free Editor.lnk -> D:\Free Editor\FreeEditor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Editor\Uninstall Free Editor.lnk -> D:\Free Editor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme\AIDA64 Extreme Documentation.lnk -> D:\AIDA64 Extreme\aida64.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme\AIDA64 Extreme.lnk -> D:\AIDA64 Extreme\aida64.exe (FinalWire Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme\Strona WWW programu AIDA64 Extreme.lnk -> D:\AIDA64 Extreme\aida64.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeedDemon\FeedDemon.lnk -> D:\FeedDemon\FeedDemon.exe (NewsGator Technologies, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\EAGLE 7.1.0.lnk -> D:\EAGLE-7.1.0\bin\eagle.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Manual.lnk -> D:\EAGLE-7.1.0\doc\manual_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Tutorial.lnk -> D:\EAGLE-7.1.0\doc\tutorial_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\EAGLE 6.5.0.lnk -> D:\EAGLE-6.5.0\bin\eagle.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Manual.lnk -> D:\EAGLE-6.5.0\doc\manual_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Tutorial.lnk -> D:\EAGLE-6.5.0\doc\tutorial_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo.lnk -> D:\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> D:\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> D:\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\CorelDRAW X5.lnk -> C:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut1.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Duplexing Wizard.lnk -> C:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut4.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Video Tutorials.lnk -> C:\Windows\Installer\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}\NewShortcut6_CB374E334DC6464A9290A10D941E6568.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\Corel PHOTO-PAINT X5 Object Model Diagram PDF .lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Data\Corel PHOTO-PAINT Object Model Diagram.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\CorelDRAW X5 Object Model Diagram PDF.lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Data\CorelDRAW Object Model Diagram.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\Macro Programming Guide PDF.lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Data\Macro Programming Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X4\Corel VideoStudio Pro X4.lnk -> D:\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl\ChomikBox.lnk -> D:\Chomikbox\ChomikBox.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer Skin Creator.lnk -> D:\ALLPlayer\ALLSkinCreator.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer.lnk -> D:\ALLPlayer\ALLPlayer.exe (ALLPlayer Group Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\Strona WWW programu ALLPlayer V5.X.lnk -> D:\ALLPlayer\allplayerEng.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\A.C.I.D. Wizard.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\ACID.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Command Launcher.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxCmd.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Data-Type Analyzer.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxDTA.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Uninstall Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\uninst.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Acronis True Image 2014.lnk -> D:\ATU Premium\TrueImageHome\TrueImageLauncher.exe (Acronis)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Acronis WinPE ISO Builder.lnk -> D:\ATU Premium\TrueImageHome\winpe_iso.exe (Acronis)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Acronis System Report.lnk -> D:\ATU Premium\TrueImageHome\SystemReport.exe (Acronis)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zwierzaki\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zwierzaki\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zwierzaki\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\0\The Sims™ 3 Zwierzaki.lnk -> D:\The Sims 3 Zwierzaki\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\3\Centrum Pomocy.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\1\Przeczytaj.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk -> D:\vmware\vmware.exe (VMware, Inc.)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\Links\Desktop.lnk -> C:\Users\Piotr\Desktop ()
Shortcut: C:\Users\Piotr\Links\Downloads.lnk -> E:\Pobrane (No File)
Shortcut: C:\Users\Piotr\Links\Dysk Google.lnk -> C:\Users\Piotr\Dysk Google ()
Shortcut: C:\Users\Piotr\Links\GG dysk.lnk -> C:\Users\Piotr\GG dysk ()
Shortcut: C:\Users\Piotr\Favorites\GG dysk.lnk -> C:\Users\Piotr\GG dysk ()
Shortcut: C:\Users\Piotr\Desktop\CDBurnerXP.lnk -> D:\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Piotr\Desktop\CrystalDiskInfo.lnk -> D:\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Shortcut: C:\Users\Piotr\Desktop\FurMark.lnk -> C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.15\FurMark.exe (Geeks3D (www.geeks3d.com))
Shortcut: C:\Users\Piotr\Desktop\Omsi — skrót.lnk -> D:\OMSI2\Omsi.exe (MR-Software)
Shortcut: C:\Users\Piotr\Desktop\Train Simulator 2015.lnk -> D:\Train Simulator 2015\RailWorks.exe ()
Shortcut: C:\Users\Piotr\Desktop\Watch_Dogs.exe — skrót.lnk -> D:\WATCH_DOGS\bin\Watch_Dogs.exe (Ubisoft Entertainment)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Word\Justyna%20Kijak%20(1)304351552153047359\Justyna%20Kijak%20(1).doc.lnk -> E:\Pobrane\Justyna Kijak (1).doc (No File)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Piotr\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> D:\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> D:\WinRAR\Rar.txt ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> D:\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> D:\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\Tutorial_SW.lnk -> D:\BearPaw 2400CU Plus\Driver\sw_tuto.exe ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs\More Portable Programs.lnk -> C:\2-click run\More Portable Programs.url (No File)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software\Opera.lnk -> D:\Opera\28.0.1750.51\opera.exe (Opera Software)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPortal\AQQ\Deinstalacja.lnk -> D:\AQQ\uninstall.exe ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPortal\AQQ\Uruchom AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGABYTE\GIGABYTE VGA @BIOS\GIGABYTE VGA @BIOS.lnk -> C:\Users\Piotr\AppData\Roaming\Microsoft\Installer\{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}\_BIOS.exe_AA12545D5EB84078AFD98E8DC0AE3A76.exe (Macrovision Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\Binutils Manual.lnk -> D:\GCC\manual\binutils\binutils.html ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\cpp Manual.lnk -> D:\GCC\manual\cpp\cpp.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\Gcc Manual.lnk -> D:\GCC\manual\gcc\gcc.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\gdb Manual.lnk -> D:\GCC\manual\gdb\gdb.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\gFortran Manual.lnk -> D:\GCC\manual\gfortran\gfortran.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\gprof Manual.lnk -> D:\GCC\manual\gprof\gprof.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\Make Manual.lnk -> D:\GCC\manual\make\make.html ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\openmp.lnk -> D:\GCC\manual\openmp\libgomp.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\quad precision math library.lnk -> D:\GCC\manual\quadmath\libquadmath.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BearPaw 2400CU Plus\Direct Scan.lnk -> D:\BearPaw 2400CU Plus\Driver\WATCH.exe (Common Group)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run\Spintires v1.0 (2014)\Spintires.lnk -> D:\Spintires v1.0 (2014)\SpinTires.exe (Oovee Ltd.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\SendTo\Dysk lokalny (E).lnk -> E:\ (No File)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLPlayer.lnk -> D:\ALLPlayer\ALLPlayer.exe (ALLPlayer Group Ltd.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk -> D:\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ChomikBox.lnk -> D:\Chomikbox\ChomikBox.exe ( )
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDFCreator.lnk -> D:\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uruchom AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acronis True Image 2014.lnk -> D:\ATU Premium\TrueImageHome\TrueImageLauncher.exe (Acronis)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG PC TuneUp 2015.lnk -> D:\TuneUp Utilities 2015\Integrator.exe (AVG Technologies)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Corel VideoStudio Pro X4.lnk -> D:\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DAEMON Tools Lite.lnk -> D:\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FeedDemon.lnk -> D:\FeedDemon\FeedDemon.exe (NewsGator Technologies, Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG (2).lnk -> C:\Users\Piotr\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG.lnk -> C:\Users\Piotr\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> D:\ff\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera (2).lnk -> D:\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> D:\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TrueCrypt.lnk -> D:\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
Shortcut: C:\Users\Piotr\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Piotr\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\GG\Application\gg.lnk -> C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\Users\Public\Desktop\CorelDRAW X5.lnk -> C:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut1.exe (Acresso Software Inc.)
Shortcut: C:\Users\Public\Desktop\CPUID HWMonitor.lnk -> D:\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\Free Editor.lnk -> D:\Free Editor\FreeEditor.exe ()
Shortcut: C:\Users\Public\Desktop\GetDataBack for NTFS.lnk -> D:\Runtime Software\GetDataBack for NTFS\gdbnt.exe (Runtime Software)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> D:\ff\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\PDFCreator.lnk -> D:\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\The Sims 4.lnk -> D:\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
Shortcut: C:\Users\Public\Desktop\Video Tutorials.lnk -> C:\Windows\Installer\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}\NewShortcut6_CB374E334DC6464A9290A10D941E6568.exe (Acresso Software Inc.)
Shortcut: C:\Users\Public\Desktop\VMware Workstation.lnk -> D:\vmware\vmware.exe (VMware, Inc.)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUGames\SWAT 4\Odinstaluj SWAT 4.lnk -> C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe (InstallShield Software Corporation) -> /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}  uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Odinstaluj QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {8DC42D05-680B-41B0-8878-6C14D24602DB} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Reset settings.lnk -> C:\Program Files (x86)\ManyCam\ManyCam.exe (Visicom Media Inc.) -> --remove-settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Odinstaluj Kaspersky Internet Security.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{8ED07EBD-22AD-415A-B71E-C1AD86862C2E} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter64.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madVR.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Filters\madVR\madHcCtrl.exe (madshi.net) -> editLocalSettingsDontWait
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () -> /resetsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> D:\JRE 8 X32\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> D:\JRE 8 X32\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Readme.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-7.1.0\doc\README_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Update Documentation.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-7.1.0\doc\UPDATE_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Readme.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-6.5.0\doc\README_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Update Documentation.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-6.5.0\doc\UPDATE_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\CorelDRAW Graphics Suite X5 Guidebook (PDF).lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Setup\DocLauncher.exe (Corel Corporation) -> Help\GB.pdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl\Odinstaluj ChomikBox.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {C7B52FAF-58D8-438C-B810-F78C3C927504}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Pomoc.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Check for updates.lnk -> D:\ATU Premium\TrueImageHome\TrueImageLauncher.exe (Acronis) -> /check_updates
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Clone Disk.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /clone_disk
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Convert Acronis backup.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /convert_tib_to_vhd
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Convert Windows backup.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /convert_vhd_to_tib
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\DriveCleanser.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /drive_cleanser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\File Shredder.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /file_shredder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Mount Image.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /mount_image
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\System Clean-up.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /system_cleanup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Try&Decide.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /tnd_tool
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Piotr\Desktop\hibernuj.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -h
ShortcutWithArgument: C:\Users\Piotr\Desktop\Reset.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /r /t 1
ShortcutWithArgument: C:\Users\Piotr\Desktop\Wyłącz.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /s /t 1
ShortcutWithArgument: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGABYTE\GIGABYTE VGA @BIOS\Uninstall GIGABYTE VGA @BIOS.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}
ShortcutWithArgument: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\SendTo\AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.) -> AQQ_SHELL_EXTENSION
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Bitnami for XAMPP.url -> https://bitnami.com/stack/xampp?utm_source=bitnami&utm_medium=installer&utm_campaign=XAMPP%2BInstaller
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\FurMark online scores and ranking.url -> hxxp://ozone3d.net/redirect.php?id=217
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Geeks3D.com.url -> hxxp://www.geeks3d.com/category/geeks3d/furmark-geeks3d/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Homepage.url -> hxxp://www.ozone3d.net/benchmarks/fur/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Scores comparative tables.url -> hxxp://ozone3d.net/redirect.php?id=222
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\SLI and CrossFire support.url -> hxxp://ozone3d.net/redirect.php?id=211
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Acronis website.url -> hxxp://www.acronis.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\User's guide.url -> hxxp://download.acronis.com/pdf/ATIH2014_userguide_en-US.pdf
InternetURL: C:\Users\Piotr\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Piotr\Favorites\Odloty.pl sex anonse kobiet, ogłoszenia i anonse towarzyskie, sex oferty.url -> hxxp://www.odloty.pl/pl/ogloszenia-towarzyskie/katowice/centrum/ewcia19-final-w-cenie/89460.html
InternetURL: C:\Users\Piotr\Favorites\Pincoyashow 's Cam, Zdjęcia, Video i Live Chat Webcam na Cam4.url -> hxxp://www.cam4.pl/pincoyashow
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Załaczniki koniec mies\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Kontakty\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Justyna\KZZ\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Justyna\Inwentaryzacja 2011\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Nowy folder\Centralna Baza Druków Pocztowych (2).url -> https://10.1.1.11/cbdruk/
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Nowy folder\Centralna Baza Druków Pocztowych.url -> https://10.1.1.11/cbdruk/
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Nowy folder\EKN\Justyna\Centralna Baza Druków Pocztowych.url -> https://10.1.1.11/cbdruk/
InternetURL: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPortal\AQQ\AQQ Strona domowa.url -> hxxp://aqq.eu

==================== End of log =============================


Jeżeli chodzi o tą partycję na drugim dysku i partycję 3. na pierwszym, one na bank są czyste, bo wcześniej jeszcze przed infekcją były ukryte, bo są zaszyfrowane, tak więc ten cały syf nie miał do nich dojścia.

[djarta]

1. Otwórz notatnik i wklej:

CloseProcesses:
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\Grafika\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
StartMenuInternet: FIREFOX.EXE - D:\ff\firefox.exe
FF SearchEngineOrder.1: v9
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2015-02-04] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655984 2015-02-04] (Filefacts.net)
C:\Program Files (x86)\Smart File Advisor
Emptytemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix.

2. Użyj >Dostępne tylko dla zarejestrowanych użytkowników
najpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.
Pokaż raport z niego C:\AdwCleaner\AdwCleaner[S].txt

3. Uruchom Dostępne tylko dla zarejestrowanych użytkowników. Wciśnij dowolny klawisz i czekaj, aż skończy się operacja. (UWAGA: podczas pobierania, programy mogą wskazywać, że to jest zagrożenie, proszę to zignorować). Pokaż raport.

4. Wykonaj i wklej nowe logi z FRST. Nie zapomnij zahaczykować Addiotion.txt.

[Pablo922]

Kod: Zaznacz cały

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Piotr at 2015-04-09 19:59:29 Run:1
Running from C:\Users\Piotr\Desktop
Loaded Profiles: Piotr (Available profiles: Piotr)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\Grafika\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
StartMenuInternet: FIREFOX.EXE - D:\ff\firefox.exe
FF SearchEngineOrder.1: v9
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283248 2015-02-04] (Filefacts.net)
HKLM-x32\...\Run: [SFAUpdater] => C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [655984 2015-02-04] (Filefacts.net)
C:\Program Files (x86)\Smart File Advisor
Emptytemp:
*****************

Processes closed successfully.
AODDriver4.2.0 => Service deleted successfully.
klkbdflt2 => Error deleting Service
VBoxNetFlt => Service deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\\Default => Value was restored successfully.
Firefox SearchEngineOrder.1 deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Smart File Advisor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SFAUpdater => value deleted successfully.
C:\Program Files (x86)\Smart File Advisor => Moved successfully.
EmptyTemp: => Removed 770 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:59:41 ====

Kod: Zaznacz cały

# AdwCleaner v4.201 - Logfile created 09/04/2015 at 20:06:50
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Piotr - PC
# Running from : C:\Users\Piotr\Desktop\adwcleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Piotr\AppData\Local\StormFall

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v37.0.1 (x86 en-US)


-\\ Google Chrome v41.0.2272.118

[C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1428450361&from=obw&uid=SAMSUNGXHD322GJ_S2BJJX0C200352&q={searchTerms}
[C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] :

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [2189 bytes] - [02/04/2015 11:42:02]
AdwCleaner[R1].txt - [1918 bytes] - [08/04/2015 13:38:55]
AdwCleaner[R2].txt - [16353 bytes] - [09/04/2015 20:04:37]
AdwCleaner[S0].txt - [2256 bytes] - [02/04/2015 13:06:23]
AdwCleaner[S1].txt - [1976 bytes] - [08/04/2015 13:57:43]
AdwCleaner[S2].txt - [1358 bytes] - [09/04/2015 20:06:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1417  bytes] ##########


Kod: Zaznacz cały

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 8.1 Pro x64
Ran by Piotr on 09 04 15 at 20:11:47,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\chomikbox



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09 04 15 at 20:16:00,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Kod: Zaznacz cały

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Piotr (administrator) on PC on 09-04-2015 20:17:22
Running from C:\Users\Piotr\Desktop
Loaded Profiles: Piotr (Available profiles: Piotr)
Platform: Windows 8.1 Pro (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(AVG Technologies) D:\TuneUp Utilities 2015\TuneUpUtilitiesService64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVG Technologies) D:\TuneUp Utilities 2015\TuneUpUtilitiesApp64.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(VMware, Inc.) D:\vmware\vmware-authd.exe
() D:\vmware\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) D:\ff\firefox.exe
(Mozilla Corporation) D:\ff\plugin-container.exe
(Mozilla Corporation) D:\ff\plugin-container.exe
(Mozilla Corporation) D:\ff\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => D:\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => D:\ATU Premium\TrueImageHome\TrueImageMonitor.exe [7805936 2014-02-04] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Run: [GG] => C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe [4078144 2015-04-09] (GG Network S.A.)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Run: [uTorrent] => C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\MountPoints2: {74d0370b-c949-11e3-827d-50e5495e6237} - "I:\setup.exe"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\MountPoints2: {7e375676-caca-11e3-827f-50e5495e6237} - "K:\LGAutoRun.exe"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\MountPoints2: {fa88858d-82b9-11e3-824b-806e6f6e6963} - "F:\autorun.exe"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [209408 2013-08-22] (Microsoft Corporation)
IFEO\AcroRd32.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\extendscript toolkit.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\lifecam.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\origin.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\originer.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\originuninstall.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
IFEO\switchboard.exe: [Debugger] "D:\TuneUp Utilities 2015\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => D:\ATU Premium\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => D:\ATU Premium\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => D:\ATU Premium\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll (GG Network S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\JAVA\bin\ssv.dll [2014-06-10] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\JAVA\bin\jp2ssv.dll [2014-06-10] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\JRE 8 X32\bin\ssv.dll [2014-12-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\JRE 8 X32\bin\jp2ssv.dll [2014-12-22] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2015-01-22] (Kaspersky Lab ZAO)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default
FF SearchEngineOrder.1: v9
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-05] ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> D:\JAVA\bin\dtplugin\npDeployJava1.dll [2014-06-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> D:\JAVA\bin\plugin2\npjp2.dll [2014-06-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> D:\JRE 8 X32\bin\dtplugin\npDeployJava1.dll [2014-12-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> D:\JRE 8 X32\bin\plugin2\npjp2.dll [2014-12-22] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> D:\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\searchplugins\elektrodapl.xml [2015-04-02]
FF Extension: United States English Spellchecker - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\en-US@dictionaries.addons.mozilla.org [2014-04-07]
FF Extension: BPH Sign Plugin - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\SignPlugin@bph.pl [2014-03-05]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-03-05]
FF Extension: Adblock Plus - C:\Users\Piotr\AppData\Roaming\Mozilla\Firefox\Profiles\xldjxqlv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-17]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-17]

Chrome:
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-12]
CHR Extension: (Google Drive) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-12]
CHR Extension: (YouTube) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-12]
CHR Extension: (Google Search) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-12]
CHR Extension: (Shortcut Manager) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf [2015-04-04]
CHR Extension: (Google Wallet) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-12]
CHR Extension: (Gmail) - C:\Users\Piotr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-12]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Piotr\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-09-01]
StartMenuInternet: (HKU\S-1-5-21-3725892325-662792573-1056446912-1001) OperaStable - "D:\Opera\Launcher.exe"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-16] (Electronic Arts)
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; D:\TuneUp Utilities 2015\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
R2 VMAuthdService; D:\vmware\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
R2 VMwareHostd; D:\vmware\vmware-hostd.exe [14407384 2014-06-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2015-03-03] (Alcohol Soft Development Team)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2015-04-08] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-23] (Disc Soft Ltd)
S3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [22528 2007-02-06] (         )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-01-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [800440 2015-03-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-01-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-01-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-03-03] (Duplex Secure Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-04-14] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-04-14] (Acronis International GmbH)
R3 TuneUpUtilitiesDrv; D:\TuneUp Utilities 2015\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 20:16 - 2015-04-09 20:16 - 00001081 _____ () C:\Users\Piotr\Desktop\JRT.txt
2015-04-09 20:11 - 2015-04-09 20:11 - 02686959 _____ (Thisisu) C:\Users\Piotr\Desktop\JRT.exe
2015-04-09 20:11 - 2015-04-09 20:11 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PC-Windows-8.1-Pro-(64-bit).dat
2015-04-09 20:11 - 2015-04-09 20:11 - 00000000 ____D () C:\RegBackup
2015-04-09 20:04 - 2015-04-09 20:04 - 02217984 _____ () C:\Users\Piotr\Desktop\adwcleaner_4.201.exe
2015-04-09 19:08 - 2015-04-09 19:08 - 00071953 _____ () C:\Users\Piotr\Desktop\Shortcut.txt
2015-04-09 19:07 - 2015-04-09 20:17 - 00022346 _____ () C:\Users\Piotr\Desktop\FRST.txt
2015-04-09 19:07 - 2015-04-09 19:08 - 00034565 _____ () C:\Users\Piotr\Desktop\Addition.txt
2015-04-09 19:02 - 2015-04-09 20:17 - 00000000 ____D () C:\FRST
2015-04-09 19:01 - 2015-04-09 19:01 - 02095616 _____ (Farbar) C:\Users\Piotr\Desktop\FRST64.exe
2015-04-09 11:22 - 2015-04-09 12:42 - 740208640 _____ () C:\Users\Piotr\Desktop\50 Twarzy Greya NAPISY PL.avi
2015-04-08 20:57 - 2015-04-08 20:57 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software
2015-04-08 17:55 - 2015-04-08 17:55 - 00092202 _____ () C:\Users\Piotr\Downloads\Extras.Txt
2015-04-08 17:53 - 2015-04-08 17:53 - 00165578 _____ () C:\Users\Piotr\Downloads\OTL.Txt
2015-04-08 17:45 - 2015-04-08 17:45 - 00713112 _____ (Program ) C:\Users\Piotr\Desktop\OTL 3.2.69.0.exe
2015-04-08 17:45 - 2015-04-08 17:45 - 00602112 _____ (OldTimer Tools) C:\Users\Piotr\Downloads\OTL 3.2.69.0 [1].exe
2015-04-08 14:37 - 2015-04-08 14:37 - 00880208 _____ (Google Inc.) C:\Users\Piotr\Desktop\ChromeSetup.exe
2015-04-08 14:23 - 2015-04-08 14:23 - 18106829 _____ () C:\Users\Piotr\Desktop\codex-train.simulator.2015.upd.49.4a.7z
2015-04-08 13:38 - 2015-04-08 13:38 - 02217984 _____ () C:\Users\Piotr\Desktop\adwcleaner_4.201_www.INSTALKI.pl.exe
2015-04-08 13:14 - 2015-04-08 13:14 - 00000627 _____ () C:\Users\Piotr\Desktop\Train Simulator 2015.lnk
2015-04-08 13:14 - 2015-04-08 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2015
2015-04-08 02:59 - 2015-04-08 02:59 - 00056267 _____ () C:\Users\Piotr\Desktop\kkk.txt
2015-04-08 01:27 - 2015-04-08 01:27 - 00309248 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsidrv.sys
2015-04-08 00:58 - 2015-04-09 20:00 - 00111042 _____ () C:\Windows\PFRO.log
2015-04-08 00:21 - 2015-04-08 00:21 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Steam
2015-04-08 00:15 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-04-08 00:15 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-07 23:08 - 2015-04-07 23:08 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\LogMate
2015-04-07 22:20 - 2015-04-07 22:20 - 00000000 ____D () C:\Users\Piotr\AppData\Local\SKIDROW
2015-04-05 12:54 - 2015-04-09 20:09 - 00000930 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-05 12:54 - 2015-04-05 12:54 - 00003818 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-04 23:06 - 2015-04-05 00:23 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\SpinTires
2015-04-04 23:06 - 2015-04-04 23:06 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2015-04-02 22:28 - 2015-04-09 20:08 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-02 22:28 - 2015-04-09 19:33 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-02 22:28 - 2015-04-08 14:37 - 00002281 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-02 22:28 - 2015-04-02 22:28 - 00004024 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-02 22:28 - 2015-04-02 22:28 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-02 22:28 - 2015-04-02 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-02 13:17 - 2015-04-08 03:05 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 13:17 - 2015-04-02 13:17 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-02 13:17 - 2015-04-02 13:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-02 13:17 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-02 13:17 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-02 13:17 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-02 13:14 - 2015-04-02 13:15 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Piotr\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-02 11:41 - 2015-04-02 11:41 - 02208768 _____ () C:\Users\Piotr\Desktop\adwcleaner_4.200_www.INSTALKI.pl.exe
2015-03-31 20:09 - 2015-03-31 20:09 - 00000000 ____D () C:\Users\Piotr\Tracing
2015-03-31 20:09 - 2015-03-31 20:09 - 00000000 ____D () C:\Users\Piotr\Tracing
2015-03-29 20:07 - 2015-03-29 20:08 - 03203574 _____ () C:\Users\Piotr\Desktop\SWScan00037.bmp
2015-03-26 23:33 - 2015-03-26 23:33 - 00000000 ____D () C:\Users\Piotr\Desktop\minidump
2015-03-26 23:31 - 2015-03-25 16:10 - 00262144 _____ () C:\Users\Piotr\Desktop\032515-19702-01.dmp
2015-03-26 23:31 - 2015-03-24 11:19 - 00262144 _____ () C:\Users\Piotr\Desktop\032415-17004-01.dmp
2015-03-25 21:58 - 2015-03-25 21:58 - 00030208 _____ () C:\Users\Piotr\Desktop\Odwołanie.dot
2015-03-25 16:25 - 2015-03-25 16:25 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2015-03-25 16:24 - 2015-03-25 16:24 - 10569452 _____ (Igor Pavlov) C:\Users\Piotr\Desktop\vga_utility@bios.exe
2015-03-25 16:24 - 2015-03-25 16:24 - 00000000 ____D () C:\Users\Piotr\Desktop\@bios
2015-03-24 18:55 - 2015-03-24 18:55 - 00000000 ____D () C:\Users\Piotr\AppData\Local\PDFCreator
2015-03-24 18:54 - 2015-04-03 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-24 18:54 - 2015-03-24 18:54 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-03-24 18:54 - 2015-03-24 18:54 - 00000572 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-03-24 17:00 - 2015-04-09 20:06 - 00000000 ____D () C:\AdwCleaner
2015-03-24 16:55 - 2015-03-24 16:55 - 02168320 _____ () C:\Users\Piotr\Desktop\AdwCleaner_www.INSTALKI.pl.exe
2015-03-20 02:17 - 2015-03-20 02:17 - 00032768 _____ () C:\Windows\system32\persistent_q.db-shm
2015-03-20 02:17 - 2015-03-20 02:17 - 00003176 _____ () C:\Windows\system32\persistent_q.db-wal
2015-03-20 02:17 - 2015-03-20 02:17 - 00001024 _____ () C:\Windows\system32\persistent_q.db
2015-03-20 00:43 - 2015-03-20 00:43 - 00000689 _____ () C:\Users\Piotr\Desktop\CrystalDiskInfo.lnk
2015-03-20 00:43 - 2015-03-20 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-03-19 12:45 - 2015-03-19 13:28 - 00000000 ____D () C:\Users\Piotr\Desktop\zasilacz
2015-03-18 00:57 - 2015-03-18 00:57 - 00000577 _____ () C:\Users\Public\Desktop\Free Editor.lnk
2015-03-18 00:57 - 2015-03-18 00:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Editor
2015-03-18 00:54 - 2015-03-18 00:54 - 36276224 _____ (Blue Labs, LLC ) C:\Users\Piotr\Desktop\freeeditor_setup.exe
2015-03-17 20:23 - 2014-09-29 16:55 - 00709333 _____ () C:\Users\Piotr\Desktop\zasilacza_sch_ok.sch
2015-03-17 14:58 - 2015-03-17 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-03-17 14:57 - 2015-04-09 20:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-17 14:57 - 2015-04-09 20:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-17 14:57 - 2015-03-17 14:57 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-03-17 14:57 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-03-17 14:57 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 20:13 - 2014-01-21 18:47 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3725892325-662792573-1056446912-1001
2015-04-09 20:09 - 2014-04-24 20:06 - 01809117 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 20:08 - 2014-02-09 14:11 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\uTorrent
2015-04-09 20:08 - 2014-01-21 18:42 - 00000000 __RDO () C:\Users\Piotr\SkyDrive
2015-04-09 20:08 - 2014-01-21 18:42 - 00000000 __RDO () C:\Users\Piotr\SkyDrive
2015-04-09 20:07 - 2014-07-18 10:51 - 00000000 ____D () C:\ProgramData\VMware
2015-04-09 20:07 - 2014-07-18 10:51 - 00000000 ____D () C:\ProgramData\VMware
2015-04-09 20:07 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 20:07 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-09 19:59 - 2014-03-20 19:00 - 00000000 ____D () C:\Users\Piotr\AppData\Local\CrashDumps
2015-04-09 19:59 - 2014-01-21 18:40 - 00000000 ____D () C:\Users\Piotr
2015-04-09 19:51 - 2014-11-02 17:01 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Skype
2015-04-09 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-09 13:32 - 2014-01-21 19:52 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\GG
2015-04-09 13:32 - 2014-01-21 19:52 - 00000000 ____D () C:\Users\Piotr\AppData\Local\GG
2015-04-08 14:04 - 2014-06-03 10:02 - 00003974 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389280093
2015-04-08 03:03 - 2014-03-03 16:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 03:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Branding
2015-04-08 02:00 - 2015-03-06 00:59 - 00000581 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-08 02:00 - 2014-03-03 16:38 - 00000581 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-08 02:00 - 2014-01-21 18:41 - 00001462 _____ () C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-08 01:58 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-08 01:09 - 2014-04-03 13:05 - 00000000 ____D () C:\Users\Piotr\AppData\Local\ChomikBox
2015-04-08 01:05 - 2014-04-03 13:05 - 00000000 ____D () C:\Users\Piotr\.gstreamer-0.10
2015-04-08 01:05 - 2014-04-03 13:05 - 00000000 ____D () C:\Users\Piotr\.gstreamer-0.10
2015-04-08 01:05 - 2014-01-21 18:43 - 01833256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-08 01:05 - 2013-08-23 01:12 - 00808602 _____ () C:\Windows\system32\perfh015.dat
2015-04-08 01:05 - 2013-08-23 01:12 - 00164482 _____ () C:\Windows\system32\perfc015.dat
2015-04-08 00:16 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-08 00:11 - 2014-01-21 19:26 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 00:11 - 2014-01-21 19:26 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-06 19:02 - 2015-01-10 13:23 - 00000600 _____ () C:\Users\Piotr\AppData\Local\PUTTY.RND
2015-04-06 11:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-05 16:12 - 2014-03-18 17:14 - 00000000 ____D () C:\Users\Piotr\AppData\Local\ManyCam
2015-04-05 14:04 - 2014-04-21 13:16 - 00000132 _____ () C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2015-04-05 12:54 - 2014-01-27 21:02 - 00000000 ____D () C:\Users\Piotr\AppData\Local\Adobe
2015-04-02 22:57 - 2014-07-18 10:55 - 00000000 ____D () C:\Users\Piotr\AppData\Local\VMware
2015-04-02 22:57 - 2014-04-03 13:22 - 00000000 ____D () C:\Users\Piotr\AppData\Local\Microsoft Help
2015-04-02 22:33 - 2014-03-22 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-04-02 22:28 - 2014-03-22 22:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-30 23:49 - 2014-11-02 17:01 - 00000000 ____D () C:\ProgramData\Skype
2015-03-30 23:49 - 2014-11-02 17:01 - 00000000 ____D () C:\ProgramData\Skype
2015-03-30 23:48 - 2014-11-02 17:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-29 20:09 - 2014-07-18 10:55 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\VMware
2015-03-29 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-03-29 10:18 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-25 16:25 - 2014-07-29 12:21 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2015-03-21 15:59 - 2015-01-10 20:25 - 00000000 ____D () C:\Users\Piotr\Desktop\Watch.Dogs-RELOADED
2015-03-18 00:57 - 2014-06-26 11:00 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-03-17 15:14 - 2015-01-22 02:43 - 00800440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-03-17 14:57 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-16 22:52 - 2015-02-01 05:42 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\Kamerzysta
2015-03-16 22:52 - 2014-10-10 14:54 - 00000000 ____D () C:\Users\Piotr\AppData\Roaming\MPC-HC
2015-03-16 22:52 - 2014-04-23 11:05 - 00000000 ____D () C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2014-07-28 23:23 - 2014-07-28 23:23 - 0000132 _____ () C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP
2014-04-21 13:16 - 2015-04-05 14:04 - 0000132 _____ () C:\Users\Piotr\AppData\Roaming\Preferencje Adobe CS5 dla formatu PNG
2014-03-20 12:56 - 2014-09-30 15:04 - 0005120 _____ () C:\Users\Piotr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-10 13:23 - 2015-04-06 19:02 - 0000600 _____ () C:\Users\Piotr\AppData\Local\PUTTY.RND
2014-03-13 12:12 - 2014-03-13 12:12 - 0007636 _____ () C:\Users\Piotr\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Piotr\AppData\Local\Temp\Quarantine.exe
C:\Users\Piotr\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-08 15:14

==================== End Of Log ============================

Kod: Zaznacz cały

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Piotr at 2015-04-09 20:18:05
Running from C:\Users\Piotr\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
Acronis True Image 2014 (HKLM-x32\...\{6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AQQ (HKLM-x32\...\AQQ) (Version: 2.6.0.50 - Creative Team S.A.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (pl-PL) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
Camtasia Studio 8 (HKLM-x32\...\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}) (Version: 8.0.0.878 - TechSmith Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl)
Common (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Contents (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Corel VideoStudio Pro X4 (HKLM-x32\...\_{AA902C31-B49D-4608-BCCF-2519EB77722D}) (Version: 14.0.0.342 - Corel Corporation)
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PL (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
DeviceIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
EAGLE 7.1.0 (HKLM-x32\...\EAGLE 7.1.0) (Version: 7.1.0 - CadSoft Computer GmbH)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator Technologies, Inc.)
Free Editor (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1) (Version: 1.0 - Blue Labs, LLC)
Geeks3D FurMark 1.15.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GG (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\GG) (Version: 12 - GG Network S.A.)
GIGABYTE VGA @BIOS (HKLM-x32\...\{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}) (Version: 6.50 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
ICA (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
K-Lite Codec Pack 8.7.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Malwarebytes Anti-Malware wersja 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.0.1911 - FranmoSoftware - Maciej Opaliński)
OpenFM (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\OpenFM) (Version: 2 - GG Network S.A.)
Opera Stable 28.0.1750.51 (HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.0 - pdfforge)
PureHD (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Remove Logo Now! 1.5 (HKLM-x32\...\Remove Logo Now!_is1) (Version: 1.5 - SoftOrbits)
Setup (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Share (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
Share64 (Version: 14.0.0.342 - Corel Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
Spintires v1.0 (2014) (HKLM-x32\...\Spintires v1.0 (2014)1.0) (Version: 1.0 - Friends in War)
System Requirements Lab Detection (HKLM-x32\...\{91D5083E-3041-429A-B379-002F08EE42DE}) (Version: 2.2.4.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: 1.3.32.1010 - )
The Sims 4 Update v1.3.32.1010 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 3 Zwierzaki (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Train Simulator 2015 (HKLM-x32\...\Train Simulator 2015_is1) (Version:  - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.145 - TuneUp Software) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VIO (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.3 - VMware, Inc)
VMware Workstation (Version: 10.0.3 - VMware, Inc.) Hidden
VSClassic (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
VSPro (x32 Version: 14.0.0.342 - Corel Corporation) Hidden
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WATCH_DOGS Update v1.03.483 (HKLM-x32\...\V0FUQ0hfRE9HUw==_is1) (Version: 1 - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Zzoomit (HKLM-x32\...\SeeWeblists) (Version:  - SeeWeblists)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3725892325-662792573-1056446912-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Piotr\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2014-09-30 14:19 - 00000929 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {205BD49A-085B-4928-AC45-829AE3A48CB0} - System32\Tasks\Opera scheduled Autoupdate 1389280093 => D:\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {501FB3FF-ED10-4689-9D29-E16AC81F8651} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22] (Google Inc.)
Task: {75F9A99C-8A9A-49DE-AC1E-8B6D339EDFBE} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => D:\TuneUp Utilities 2015\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {8F649575-4024-4844-936F-0EE6A3192EE9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05] (Adobe Systems Incorporated)
Task: {A2F5CB9F-9DDD-4381-8498-8F43ECF98050} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BB6E44EE-0D6F-458D-9928-BEB78734C36F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-22] (Google Inc.)
Task: {D008B0EB-3C30-4352-A668-B70A931054E9} - System32\Tasks\AutoPico Daily Restart => H:\download\KMSpico
Task: {D0F98C25-640D-44EA-BCDD-3C1D44118411} - System32\Tasks\{0E36D42D-C289-4472-B1BB-A9B4000071B0} => pcalua.exe -a "D:\ATU Premium\TrueImageHome\Uninstall.exe" -c {6B38A7DF-F641-45D5-BBCA-3E676ABCF5C8}
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-24 13:48 - 2014-11-24 13:48 - 00713528 _____ () D:\TuneUp Utilities 2015\avgrepliba.dll
2013-10-01 10:26 - 2013-10-01 10:26 - 02810968 _____ () D:\ATU Premium\TrueImageHome\tishell64.dll
2014-11-24 13:49 - 2014-11-24 13:49 - 00856888 _____ () D:\TuneUp Utilities 2015\tulnga.dll
2014-11-26 01:33 - 2014-11-26 01:33 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-06-12 17:44 - 2014-06-12 17:44 - 14407384 _____ () D:\vmware\vmware-hostd.exe
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-02-04 18:25 - 2014-02-04 18:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-02-04 18:28 - 2014-02-04 18:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () D:\vmware\libxml2.dll
2015-01-22 02:43 - 2015-01-22 02:43 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2015-01-22 02:43 - 2015-01-22 02:43 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2015-01-22 02:43 - 2015-01-22 02:43 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () D:\ATU Premium\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Piotr\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Piotr\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3725892325-662792573-1056446912-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Piotr\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: SwitchBoard => 3
HKLM\...\StartupApproved\StartupFolder: => "CodecPackTrayMenu.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CodecPackUpdateChecker.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Watch.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "LifeCam"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "GG AutoUpdate (GGMod+)"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Ulead Photo Express Calendar Checker"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Onet.pl AutoUpdate"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\StartupFolder: => "Tutorial_SW.lnk"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "GG"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "ALLUpdate"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "ChomikBox"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-3725892325-662792573-1056446912-1001\...\StartupApproved\Run: => "AlcoholAutomount"

==================== Accounts: =============================

Administrator (S-1-5-21-3725892325-662792573-1056446912-500 - Administrator - Enabled)
Gość (S-1-5-21-3725892325-662792573-1056446912-501 - Limited - Enabled)
Piotr (S-1-5-21-3725892325-662792573-1056446912-1001 - Administrator - Enabled) => C:\Users\Piotr

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 8173.22 MB
Available physical RAM: 6268.65 MB
Total Pagefile: 12269.22 MB
Available Pagefile: 10229.93 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:80 GB) (Free:6.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:70 GB) (Free:8.03 GB) NTFS
Drive f: (0012301635) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: A74478CD)
Partition 1: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 000A8F04)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Kod: Zaznacz cały

Users shortcut scan result (x64) Version: 11-03-2015
Ran by Piotr at 2015-04-09 20:18:34
Running from C:\Users\Piotr\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\GetDataBack for NTFS.lnk -> D:\Runtime Software\GetDataBack for NTFS\gdbnt.exe (Runtime Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk -> D:\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk -> D:\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk -> D:\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk -> D:\Adobe\Adobe Photoshop CS5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1045-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> D:\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk -> D:\TuneUp Utilities 2015\Integrator.exe (AVG Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk -> C:\Windows\BrowserChoice\html\default.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> D:\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> D:\ff\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Uninstall XAMPP.lnk -> D:\xampp\uninstall.exe (Bitnami)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP Control Panel.lnk -> D:\xampp\xampp-control.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP htdocs folder.lnk -> D:\xampp\htdocs ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> D:\WinRAR\CoNowego.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> D:\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> D:\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> D:\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Windows Media Encoder.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmenc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Encoding Script.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMEncUtil.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media File Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmeditor.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Profile Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\WMProEdt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Stream Editor.lnk -> C:\Program Files (x86)\Windows Media Components\Encoder\wmstreamedt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2015\Train Simulator 2015.lnk -> D:\Train Simulator 2015\RailWorks.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2015\Uninstall.lnk -> D:\Train Simulator 2015\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4\The Sims 4.lnk -> D:\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4\Uninstall The Sims 4.lnk -> D:\The Sims 4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk -> C:\Windows\Installer\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk -> C:\Windows\Installer\{72144B9D-58C4-4C09-A5CF-C6A914B912E8}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\AutorunsDisabled\Watch.lnk -> D:\BearPaw 2400CU Plus\Driver\WATCH.exe (Common Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Smart File Advisor Updater.lnk -> C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor\Startup Application Checker.lnk -> C:\Program Files (x86)\Smart File Advisor\StartupChecker.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype dla Pulpitu.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software\GetDataBack for NTFS.lnk -> D:\Runtime Software\GetDataBack for NTFS\gdbnt.exe (Runtime Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\O programie QuickTime.lnk -> C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Darowizna na PDFCreator.lnk -> D:\PDFCreator\Darowizna na PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator Pomoc.lnk -> D:\PDFCreator\PDFCreator_english.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\PDFCreator.lnk -> D:\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator\Strona WWW programu PDFCreator.lnk -> D:\PDFCreator\PDFCreator.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Usuń Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Odkurzacz.lnk -> D:\Odkurzacz\odkurzacz.exe (FranmoSoftware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz\Usuń Odkurzacz.lnk -> D:\Odkurzacz\unins001.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Centrum Microsoft Office 2010 Upload Center.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Certyfikat cyfrowy dla projektów VBA.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Narzędzia pakietu Microsoft Office 2010\Preferencje językowe pakietu Microsoft Office 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam\Microsoft LifeCam Help.lnk -> C:\Program Files (x86)\Microsoft LifeCam\MSWebCam.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam\Microsoft LifeCam.lnk -> C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\ManyCam.lnk -> C:\Program Files (x86)\ManyCam\ManyCam.exe (Visicom Media Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Uninstall ManyCam.lnk -> C:\Program Files (x86)\ManyCam\uninstall.exe (Visicom Media Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\User Guide.lnk -> C:\Program Files (x86)\ManyCam\help\UserGuide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\LGMobile Support Tool.lnk -> C:\ProgramData\LGMOBILEAX\LGMLauncher.exe (LG Electronics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool\Uninstall.lnk -> C:\ProgramData\LGMOBILEAX\B2C_Client\B2CAppUninstall.exe (LG Electronics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Odwiedź Kaspersky Lab w internecie.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kl.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Pomoc dla Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\Doc\pl-PL\kis\context.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Umowa licencyjna.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\Doc\pl\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext (x64).lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudioNext.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\GraphStudioNext.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> D:\JRE 8 X32\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune Manual.lnk -> D:\HD Tune\hdtune.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune on the Web.lnk -> D:\HD Tune\HDTune.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\HD Tune.lnk -> D:\HD Tune\HDTune.exe (EFD Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune\Uninstall HD Tune.lnk -> D:\HD Tune\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE\@BIOS.lnk -> C:\Program Files (x86)\GIGABYTE\@BIOS\BIOS_Run.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\FurMark.lnk -> C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.15\FurMark.exe (Geeks3D (www.geeks3d.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Uninstall  FurMark.lnk -> C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.15\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Editor\Free Editor.lnk -> D:\Free Editor\FreeEditor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Editor\Uninstall Free Editor.lnk -> D:\Free Editor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme\AIDA64 Extreme Documentation.lnk -> D:\AIDA64 Extreme\aida64.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme\AIDA64 Extreme.lnk -> D:\AIDA64 Extreme\aida64.exe (FinalWire Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme\Strona WWW programu AIDA64 Extreme.lnk -> D:\AIDA64 Extreme\aida64.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeedDemon\FeedDemon.lnk -> D:\FeedDemon\FeedDemon.exe (NewsGator Technologies, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\EAGLE 7.1.0.lnk -> D:\EAGLE-7.1.0\bin\eagle.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Manual.lnk -> D:\EAGLE-7.1.0\doc\manual_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Tutorial.lnk -> D:\EAGLE-7.1.0\doc\tutorial_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\EAGLE 6.5.0.lnk -> D:\EAGLE-6.5.0\bin\eagle.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Manual.lnk -> D:\EAGLE-6.5.0\doc\manual_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Tutorial.lnk -> D:\EAGLE-6.5.0\doc\tutorial_en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo\CrystalDiskInfo.lnk -> D:\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> D:\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> D:\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\CorelDRAW X5.lnk -> C:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut1.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Duplexing Wizard.lnk -> C:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut4.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Video Tutorials.lnk -> C:\Windows\Installer\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}\NewShortcut6_CB374E334DC6464A9290A10D941E6568.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\Corel PHOTO-PAINT X5 Object Model Diagram PDF .lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Data\Corel PHOTO-PAINT Object Model Diagram.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\CorelDRAW X5 Object Model Diagram PDF.lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Data\CorelDRAW Object Model Diagram.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\Macro Programming Guide PDF.lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Data\Macro Programming Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X4\Corel VideoStudio Pro X4.lnk -> D:\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl\ChomikBox.lnk -> D:\Chomikbox\ChomikBox.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer Skin Creator.lnk -> D:\ALLPlayer\ALLSkinCreator.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\ALLPlayer.lnk -> D:\ALLPlayer\ALLPlayer.exe (ALLPlayer Group Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer\Strona WWW programu ALLPlayer V5.X.lnk -> D:\ALLPlayer\allplayerEng.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\A.C.I.D. Wizard.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\ACID.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Command Launcher.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxCmd.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Data-Type Analyzer.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxDTA.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Uninstall Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\uninst.exe (Alcohol Soft Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Acronis True Image 2014.lnk -> D:\ATU Premium\TrueImageHome\TrueImageLauncher.exe (Acronis)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Acronis WinPE ISO Builder.lnk -> D:\ATU Premium\TrueImageHome\winpe_iso.exe (Acronis)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Acronis System Report.lnk -> D:\ATU Premium\TrueImageHome\SystemReport.exe (Acronis)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E00483BE-694A-4C74-85B1-8E2ADC5C5368}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{CB9CCAD9-4412-42F8-B9F3-A0BB460CCE67}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BF6395CB-A08B-4444-8BCD-E029770FC577}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B16AE5F7-4B1A-4C2D-89E6-FB5B88A50E96}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{A5DE3E8B-0E7A-4B2D-A1D5-E8C689CBDF5C}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zwierzaki\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zwierzaki\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zwierzaki\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{9C2EF3E0-EF72-48C8-9426-53481FA66AAF}\PlayTasks\0\The Sims™ 3 Zwierzaki.lnk -> D:\The Sims 3 Zwierzaki\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{98BF316F-C6F8-4E6D-BA69-81EC7CE35B8B}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\3\Centrum Pomocy.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\1\Przeczytaj.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{96D5E9AE-892A-4EB0-8255-9BBD8982958B}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\Electronic Arts\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{85C1E673-8C86-4E7D-BCEF-5B37280403EE}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3AE6DB73-A5B7-4917-93AF-D15C82800FCD}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Skok w Przyszłość\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{30FE861D-F865-4BA5-AA3E-2CAA86125A1D}\PlayTasks\0\The Sims™ 3 Skok w Przyszłość.lnk -> D:\The Sims 3 Skok w Przyszłość\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\3\Centrum Pomocy.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\2\Umowa Użytkownika.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\pl_EULA.rtf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\1\Przeczytaj.lnk -> D:\The Sims 3 Zostań gwiazdą\Support\Przeczytaj.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1AAB9027-D6A0-4A76-8586-5E52B9409616}\PlayTasks\0\The Sims™ 3 Zostań gwiazdą.lnk -> D:\The Sims 3 Zostań gwiazdą\Game\Bin\Sims3Launcher.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VMware Workstation.lnk -> D:\vmware\vmware.exe (VMware, Inc.)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\Links\Desktop.lnk -> C:\Users\Piotr\Desktop ()
Shortcut: C:\Users\Piotr\Links\Downloads.lnk -> E:\Pobrane (No File)
Shortcut: C:\Users\Piotr\Links\Dysk Google.lnk -> C:\Users\Piotr\Dysk Google ()
Shortcut: C:\Users\Piotr\Links\GG dysk.lnk -> C:\Users\Piotr\GG dysk ()
Shortcut: C:\Users\Piotr\Favorites\GG dysk.lnk -> C:\Users\Piotr\GG dysk ()
Shortcut: C:\Users\Piotr\Desktop\CDBurnerXP.lnk -> D:\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Piotr\Desktop\CrystalDiskInfo.lnk -> D:\CrystalDiskInfo\DiskInfo.exe (Crystal Dew World)
Shortcut: C:\Users\Piotr\Desktop\FurMark.lnk -> C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.15\FurMark.exe (Geeks3D (www.geeks3d.com))
Shortcut: C:\Users\Piotr\Desktop\Omsi — skrót.lnk -> D:\OMSI2\Omsi.exe (MR-Software)
Shortcut: C:\Users\Piotr\Desktop\Train Simulator 2015.lnk -> D:\Train Simulator 2015\RailWorks.exe ()
Shortcut: C:\Users\Piotr\Desktop\Watch_Dogs.exe — skrót.lnk -> D:\WATCH_DOGS\bin\Watch_Dogs.exe (Ubisoft Entertainment)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Word\Justyna%20Kijak%20(1)304351552153047359\Justyna%20Kijak%20(1).doc.lnk -> E:\Pobrane\Justyna Kijak (1).doc (No File)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk -> C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk -> C:\Users\Piotr\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Co nowego w ostatniej wersji.lnk -> D:\WinRAR\CoNowego.txt ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Podręcznik RARa dla konsoli.lnk -> D:\WinRAR\Rar.txt ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Pomoc WinRARa.lnk -> D:\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> D:\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\Tutorial_SW.lnk -> D:\BearPaw 2400CU Plus\Driver\sw_tuto.exe ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs\More Portable Programs.lnk -> C:\2-click run\More Portable Programs.url (No File)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software\Opera.lnk -> D:\Opera\28.0.1750.51\opera.exe (Opera Software)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPortal\AQQ\Deinstalacja.lnk -> D:\AQQ\uninstall.exe ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPortal\AQQ\Uruchom AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGABYTE\GIGABYTE VGA @BIOS\GIGABYTE VGA @BIOS.lnk -> C:\Users\Piotr\AppData\Roaming\Microsoft\Installer\{AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}\_BIOS.exe_AA12545D5EB84078AFD98E8DC0AE3A76.exe (Macrovision Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\Binutils Manual.lnk -> D:\GCC\manual\binutils\binutils.html ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\cpp Manual.lnk -> D:\GCC\manual\cpp\cpp.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\Gcc Manual.lnk -> D:\GCC\manual\gcc\gcc.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\gdb Manual.lnk -> D:\GCC\manual\gdb\gdb.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\gFortran Manual.lnk -> D:\GCC\manual\gfortran\gfortran.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\gprof Manual.lnk -> D:\GCC\manual\gprof\gprof.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\Make Manual.lnk -> D:\GCC\manual\make\make.html ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\openmp.lnk -> D:\GCC\manual\openmp\libgomp.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCC 4.6.4\quad precision math library.lnk -> D:\GCC\manual\quadmath\libquadmath.pdf ()
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BearPaw 2400CU Plus\Direct Scan.lnk -> D:\BearPaw 2400CU Plus\Driver\WATCH.exe (Common Group)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run\Spintires v1.0 (2014)\Spintires.lnk -> D:\Spintires v1.0 (2014)\SpinTires.exe (Oovee Ltd.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\SendTo\Dysk lokalny (E).lnk -> E:\ (No File)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ALLPlayer.lnk -> D:\ALLPlayer\ALLPlayer.exe (ALLPlayer Group Ltd.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDBurnerXP.lnk -> D:\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ChomikBox.lnk -> D:\Chomikbox\ChomikBox.exe ( )
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDFCreator.lnk -> D:\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uruchom AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acronis True Image 2014.lnk -> D:\ATU Premium\TrueImageHome\TrueImageLauncher.exe (Acronis)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG PC TuneUp 2015.lnk -> D:\TuneUp Utilities 2015\Integrator.exe (AVG Technologies)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Corel VideoStudio Pro X4.lnk -> D:\Corel VideoStudio Pro X4\vstudio.exe (Corel TW Corp.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DAEMON Tools Lite.lnk -> D:\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FeedDemon.lnk -> D:\FeedDemon\FeedDemon.exe (NewsGator Technologies, Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG (2).lnk -> C:\Users\Piotr\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GG.lnk -> C:\Users\Piotr\AppData\Local\GG\Application\ggapp.exe (GG Network S.A.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> D:\ff\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera (2).lnk -> D:\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> D:\Opera\launcher.exe (Opera Software)
Shortcut: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TrueCrypt.lnk -> D:\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
Shortcut: C:\Users\Piotr\AppData\Local\OpenFM\Application\openfm.lnk -> C:\Users\Piotr\AppData\Local\OpenFM\Application\openfm.exe (Mozilla Foundation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Piotr\AppData\Local\GG\Application\gg.lnk -> C:\Users\Piotr\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
Shortcut: C:\Users\Public\Desktop\Alcohol 120%.lnk -> C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe (Alcohol Soft Development Team)
Shortcut: C:\Users\Public\Desktop\CorelDRAW X5.lnk -> C:\Windows\Installer\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}\NewShortcut1.exe (Acresso Software Inc.)
Shortcut: C:\Users\Public\Desktop\CPUID HWMonitor.lnk -> D:\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\Free Editor.lnk -> D:\Free Editor\FreeEditor.exe ()
Shortcut: C:\Users\Public\Desktop\GetDataBack for NTFS.lnk -> D:\Runtime Software\GetDataBack for NTFS\gdbnt.exe (Runtime Software)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> D:\ff\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\PDFCreator.lnk -> D:\PDFCreator\PDFCreator.exe (pdfforge)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\The Sims 4.lnk -> D:\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.)
Shortcut: C:\Users\Public\Desktop\Video Tutorials.lnk -> C:\Windows\Installer\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}\NewShortcut6_CB374E334DC6464A9290A10D941E6568.exe (Acresso Software Inc.)
Shortcut: C:\Users\Public\Desktop\VMware Workstation.lnk -> D:\vmware\vmware.exe (VMware, Inc.)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUGames\SWAT 4\Odinstaluj SWAT 4.lnk -> C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe (InstallShield Software Corporation) -> /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}  uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Odinstaluj QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {8DC42D05-680B-41B0-8878-6C14D24602DB} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Reset settings.lnk -> C:\Program Files (x86)\ManyCam\ManyCam.exe (Visicom Media Inc.) -> --remove-settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Odinstaluj Kaspersky Internet Security.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{8ED07EBD-22AD-415A-B71E-C1AD86862C2E} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter64.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configureAudio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow64\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax",configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video (x64).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV64\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk -> C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) -> "C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madVR.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Filters\madVR\madHcCtrl.exe (madshi.net) -> editLocalSettingsDontWait
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk -> C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe () -> /resetsettings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> D:\JRE 8 X32\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> D:\JRE 8 X32\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Readme.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-7.1.0\doc\README_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 7.1.0\Update Documentation.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-7.1.0\doc\UPDATE_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Readme.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-6.5.0\doc\README_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAGLE Layout Editor 6.5.0\Update Documentation.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "D:\EAGLE-6.5.0\doc\UPDATE_en.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5\Documentation\CorelDRAW Graphics Suite X5 Guidebook (PDF).lnk -> D:\Corel\CorelDRAW Graphics Suite X5\Setup\DocLauncher.exe (Corel Corporation) -> Help\GB.pdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl\Odinstaluj ChomikBox.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {C7B52FAF-58D8-438C-B810-F78C3C927504}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Pomoc.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Check for updates.lnk -> D:\ATU Premium\TrueImageHome\TrueImageLauncher.exe (Acronis) -> /check_updates
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Clone Disk.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /clone_disk
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Convert Acronis backup.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /convert_tib_to_vhd
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Convert Windows backup.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /convert_vhd_to_tib
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\DriveCleanser.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /drive_cleanser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\File Shredder.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /file_shredder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Mount Image.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /mount_image
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\System Clean-up.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /system_cleanup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Tools and Utilities\Try&Decide.lnk -> D:\ATU Premium\TrueImageHome\TrueImageTools.exe (Acronis) -> /tnd_tool
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Piotr\Desktop\hibernuj.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> -h
ShortcutWithArgument: C:\Users\Piotr\Desktop\Reset.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /r /t 1
ShortcutWithArgument: C:\Users\Piotr\Desktop\Wyłącz.lnk -> C:\Windows\System32\shutdown.exe (Microsoft Corporation) -> /s /t 1
ShortcutWithArgument: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGABYTE\GIGABYTE VGA @BIOS\Uninstall GIGABYTE VGA @BIOS.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {AA12545D-5EB8-4078-AFD9-8E8DC0AE3A76}
ShortcutWithArgument: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\SendTo\AQQ.lnk -> D:\AQQ\AQQ.exe (AQQ Sp. z o.o.) -> AQQ_SHELL_EXTENSION
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Piotr\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Bitnami for XAMPP.url -> https://bitnami.com/stack/xampp?utm_source=bitnami&utm_medium=installer&utm_campaign=XAMPP%2BInstaller
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\FurMark online scores and ranking.url -> hxxp://ozone3d.net/redirect.php?id=217
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Geeks3D.com.url -> hxxp://www.geeks3d.com/category/geeks3d/furmark-geeks3d/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Homepage.url -> hxxp://www.ozone3d.net/benchmarks/fur/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\Scores comparative tables.url -> hxxp://ozone3d.net/redirect.php?id=222
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D\Benchmarks\FurMark_1.15\SLI and CrossFire support.url -> hxxp://ozone3d.net/redirect.php?id=211
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Acronis website.url -> hxxp://www.acronis.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\User's guide.url -> hxxp://download.acronis.com/pdf/ATIH2014_userguide_en-US.pdf
InternetURL: C:\Users\Piotr\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Piotr\Favorites\Odloty.pl sex anonse kobiet, ogłoszenia i anonse towarzyskie, sex oferty.url -> hxxp://www.odloty.pl/pl/ogloszenia-towarzyskie/katowice/centrum/ewcia19-final-w-cenie/89460.html
InternetURL: C:\Users\Piotr\Favorites\Pincoyashow 's Cam, Zdjęcia, Video i Live Chat Webcam na Cam4.url -> hxxp://www.cam4.pl/pincoyashow
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Załaczniki koniec mies\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Kontakty\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Justyna\KZZ\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Pulpit Sc14\Justyna\Inwentaryzacja 2011\Kontakt z Serwisem.url -> 0
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Nowy folder\Centralna Baza Druków Pocztowych (2).url -> https://10.1.1.11/cbdruk/
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Nowy folder\Centralna Baza Druków Pocztowych.url -> https://10.1.1.11/cbdruk/
InternetURL: C:\Users\Piotr\Desktop\Nowy folder\Nowy folder\EKN\Justyna\Centralna Baza Druków Pocztowych.url -> https://10.1.1.11/cbdruk/
InternetURL: C:\Users\Piotr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPortal\AQQ\AQQ Strona domowa.url -> hxxp://aqq.eu

==================== End of log =============================


[djarta]

Wykonaj wszystko z tego tematu: Kroki kończące temat.
Końcowo pokazujesz: raport z DelFix oraz raport z pełnego skanowania Malwarebytes

[Pablo922]

Jest już ok, dzięki.

Kod: Zaznacz cały

# DelFix v10.9 - Logfile created 10/04/2015 at 21:34:59
# Updated 27/02/2015 by Xplode
# Username : Piotr - PC
# Operating System : Windows 8.1 Pro  (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\Piotr\Desktop\adwcleaner_4.201_www.INSTALKI.pl.exe
Deleted : C:\Users\Piotr\Desktop\FRST64.exe
Deleted : C:\Users\Piotr\Desktop\JRT.exe
Deleted : C:\Users\Piotr\Downloads\Extras.Txt
Deleted : C:\Users\Piotr\Downloads\OTL.Txt
Deleted : C:\Users\Piotr\Downloads\OTL 3.2.69.0 [1].exe
Deleted : HKLM\SOFTWARE\OldTimer Tools

########## - EOF - ##########


Kod: Zaznacz cały

Malwarebytes Anti-Malware
www.malwarebytes.org

Data skanu: 10 04 15
Czas skanu: 21:41:55
Raport:
Administrator: Tak

Wersja: 2.01.4.1018
Baza danych malware: v2015.04.10.06
Baza danych rootkitów: v2015.03.31.01
Licencja: Darmowy
Ochrona przeciw malware: Wyłączony
Ochrona przeciw szkodliwymi stronami: Wyłączony
Samoobrona: Wyłączony

System operacyjny: Windows 8.1
Procesor: x64
System plików: NTFS
Użytkownik: Piotr

Typ skanu: Niestandardowe skanowanie
Wynik: Zakończono
obiekty zeskanowane: 504398
Minęło: 45 min, 40 s

Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Wyłączony
Rootkity: Wyłączony
Heurystyka: Włączony
PUP: Włączony
PUM: Włączony

Procesy: 0
(Nie wykryto zagrożeń)

Moduły: 0
(Nie wykryto zagrożeń)

Klucze rejestru: 0
(Nie wykryto zagrożeń)

Wartości rejestru: 0
(Nie wykryto zagrożeń)

Dane rejestru: 0
(Nie wykryto zagrożeń)

Foldery: 0
(Nie wykryto zagrożeń)

Pliki: 0
(Nie wykryto zagrożeń)

Sektory fizyczne: 0
(Nie wykryto zagrożeń)


(end)