Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Big problem with virus or something.


  • Please log in to reply
50 replies to this topic

#1 MarioPL98

MarioPL98

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 15 December 2015 - 04:29 PM

Hi. Let's start from beginning, because it's much to describe.

I tried to format pendrive to fat32 with 60 GB partition. I downloaded that program www.ridgecrop.demon.co.uk/index.htm?guiformat.htm . After download my 360 Total Security warned me about trojan in this file, he moved it to quarantine. While moving to quarantine 360 freezed for few seconds and then everything happend. Maybe i will write all in list:

1. Almost every icon on desktop got padlock in corner. Any permission changes or taking files/folders ownership didn't help. 

2. wuauserv began to take 25% of cpu (1 core of 4), when i turn it off, it goes back on

3. Page file resetted to default, and when i tried to change it back, after restart i got messenge " there was a problem with the page file configuration and the system has created a temporary page file". Nothing helps. Now pagefile is taking almost 14 GB and I have 1 GB free space on my SSD (I have 16 GB ram and pagefile was disabled before)

4. Also i got some weird, random alerts about denied access while i tried to open some files or system settings.

5. Tried scanning with MBam and 360 with 3 search engines enabled. 

6. Tried to search services and processes manually, but everything seems to be like before.

 

Now I'm downloading Eset Sysrescue.

 

PC Specs: phenom II 960t, 2x8 gb ram crucial ddr3, kingston ssd 120GB, seagate HDD 500GB, msi 870a-g46 MB, HD 6770
 

GUYS HELP, I HAVE WORK TO DO AND THIS F**** ME UP :C

PS I haven't backup.



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 PM

Posted 16 December 2015 - 10:19 AM

Hi MarioPL98 :)

My name is Aura and I'll be assisting you with your issue. Follow the instructions below please.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Winsock Entries;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      OQmAcqS.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 11:08 AM

Somehow I removed those paddlocks, but i still get error with pagefile at startup. System says that temporary page file was created but when i tried do delete pagefile it just did it (as far as I remember there was error that file is in use). Now there is no pagefile but I can't turn it on. Anyway I wasn't using pagefile last 2 years, because I have 16 gigs of ram and 5GB space on SSD (HDD is slow as f***).

 

Log:

MiniToolBox by Farbar  Version: 02-11-2015
Ran by USER (administrator) on 16-12-2015 at 16:57:42
Running from "C:\Users\USER\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: MS-7599 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Konfiguracja IP systemu Windows
 
Pomylnie oprniono pami podrczn programu rozpoznawania nazw DNS.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Hamachi Network Interface = Hamachi (Connected)
TP-LINK 150Mbps Wireless N PCI Express Adapter = Połączenie sieci bezprzewodowej 3 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Realtek PCIe GBE Family Controller = Połączenie lokalne (Media disconnected)
 
 
# ----------------------------------
# Konfiguracja IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Tak
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
 
 
popd
# Koniec konfiguracji IPv4
 
 
 
Konfiguracja IP systemu Windows
 
   Nazwa hosta . . . . . . . . . . . : USER-Komputer
   Sufiks podstawowej domeny DNS . . : 
   Typ wza . . . . . . . . . . . . : Hybrydowy
   Routing IP wczony . . . . . . . : Nie
   Serwer WINS Proxy wczony. . . . : Nie
   Lista przeszukiwania sufiksw DNS : home
 
Karta bezprzewodowej sieci LAN Poczenie sieci bezprzewodowej 4:
 
   Stan nonika . . . .  . . . . . . .: Nonik odczony
   Sufiks DNS konkretnego poczenia : 
   Opis. . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Adres fizyczny. . . . . . . . . . : 8A-DE-27-67-A9-81
   DHCP wczone . . . . . . . . . . : Tak
   Autokonfiguracja wczona . . . . : Tak
 
Karta bezprzewodowej sieci LAN Poczenie sieci bezprzewodowej 3:
 
   Sufiks DNS konkretnego poczenia : home
   Opis. . . . . . . . . . . . . . . : TP-LINK 150Mbps Wireless N PCI Express Adapter
   Adres fizyczny. . . . . . . . . . : E8-DE-27-67-A9-81
   DHCP wczone . . . . . . . . . . : Tak
   Autokonfiguracja wczona . . . . : Tak
   Adres IPv6 poczenia lokalnego . : fe80::e8a0:e893:277c:8dec%16(Preferowane) 
   Adres IPv4. . . . . . . . . . . . . : 192.168.1.2(Preferowane) 
   Maska podsieci. . . . . . . . . . : 255.255.255.0
   Dzierawa uzyskana. . . . . . . . : 16 grudnia 2015 15:38:19
   Dzierawa wygasa. . . . . . . . . : 17 grudnia 2015 15:38:20
   Brama domylna. . . . . . . . . . : 192.168.1.254
   Serwer DHCP . . . . . . . . . . . : 192.168.1.254
   Identyfikator IAID DHCPv6 . . . . : 350805543
   Identyfikator DUID klienta DHCPv6 : 00-01-00-01-1A-50-B8-E7-6C-62-6D-3C-B1-04
   Serwery DNS . . . . . . . . . . . : 192.168.1.254
   NetBIOS przez Tcpip . . . . . . . : Wczony
 
Karta Ethernet Poczenie lokalne:
 
   Stan nonika . . . .  . . . . . . .: Nonik odczony
   Sufiks DNS konkretnego poczenia : 
   Opis. . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Adres fizyczny. . . . . . . . . . : 6C-62-6D-3C-B1-04
   DHCP wczone . . . . . . . . . . : Tak
   Autokonfiguracja wczona . . . . : Tak
 
Karta Ethernet Hamachi:
 
   Sufiks DNS konkretnego poczenia : 
   Opis. . . . . . . . . . . . . . . : Hamachi Network Interface
   Adres fizyczny. . . . . . . . . . : 7A-79-19-80-D8-0A
   DHCP wczone . . . . . . . . . . : Tak
   Autokonfiguracja wczona . . . . : Tak
   Adres IPv6. . . . . . . . . . . . : 2620:9b::1980:d80a(Preferowane) 
   Adres IPv6 poczenia lokalnego . : fe80::5175:cdf2:636f:6b22%14(Preferowane) 
   Adres IPv4. . . . . . . . . . . . . : 25.128.216.10(Preferowane) 
   Maska podsieci. . . . . . . . . . : 255.0.0.0
   Dzierawa uzyskana. . . . . . . . : 16 grudnia 2015 15:38:18
   Dzierawa wygasa. . . . . . . . . : 15 grudnia 2016 15:40:25
   Brama domylna. . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   Serwer DHCP . . . . . . . . . . . : 25.0.0.1
   Identyfikator IAID DHCPv6 . . . . : 393902411
   Identyfikator DUID klienta DHCPv6 : 00-01-00-01-1A-50-B8-E7-6C-62-6D-3C-B1-04
   Serwery DNS . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS przez Tcpip . . . . . . . : Wczony
 
Karta Ethernet VirtualBox Host-Only Network:
 
   Sufiks DNS konkretnego poczenia : 
   Opis. . . . . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Adres fizyczny. . . . . . . . . . : 0A-00-27-00-00-00
   DHCP wczone . . . . . . . . . . : Nie
   Autokonfiguracja wczona . . . . : Tak
   Adres IPv6 poczenia lokalnego . : fe80::ed9f:d875:131b:b157%18(Preferowane) 
   Adres IPv4. . . . . . . . . . . . . : 192.168.56.1(Preferowane) 
   Maska podsieci. . . . . . . . . . : 255.255.255.0
   Brama domylna. . . . . . . . . . : 
   Identyfikator IAID DHCPv6 . . . . : 487063591
   Identyfikator DUID klienta DHCPv6 : 00-01-00-01-1A-50-B8-E7-6C-62-6D-3C-B1-04
   Serwery DNS . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS przez Tcpip . . . . . . . : Wczony
Serwer:  netiaspot.home
Address:  192.168.1.254
 
Nazwa:   google.com
Addresses:  2a00:1450:401b:801::200e
 77.252.2.82
 77.252.2.88
 77.252.2.89
 77.252.2.95
 77.252.2.96
 77.252.2.102
 77.252.2.103
 77.252.2.109
 77.252.2.110
 77.252.2.116
 77.252.2.117
 77.252.2.123
 
 
Badanie google.com [216.58.209.46] z 32 bajtami danych:
Odpowied z 216.58.209.46: bajtw=32 czas=11ms TTL=56
Odpowied z 216.58.209.46: bajtw=32 czas=11ms TTL=56
 
Statystyka badania ping dla 216.58.209.46:
    Pakiety: Wysane = 2, Odebrane = 2, Utracone = 0
             (0% straty),
Szacunkowy czas bdzenia pakietw w millisekundach:
    Minimum = 11 ms, Maksimum = 11 ms, Czas redni = 11 ms
Serwer:  netiaspot.home
Address:  192.168.1.254
 
Nazwa:   yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Badanie yahoo.com [98.139.183.24] z 32 bajtami danych:
Odpowied z 98.139.183.24: bajtw=32 czas=127ms TTL=48
Odpowied z 98.139.183.24: bajtw=32 czas=133ms TTL=48
 
Statystyka badania ping dla 98.139.183.24:
    Pakiety: Wysane = 2, Odebrane = 2, Utracone = 0
             (0% straty),
Szacunkowy czas bdzenia pakietw w millisekundach:
    Minimum = 127 ms, Maksimum = 133 ms, Czas redni = 130 ms
 
Badanie 127.0.0.1 z 32 bajtami danych:
Odpowied z 127.0.0.1: bajtw=32 czas<1 ms TTL=128
Odpowied z 127.0.0.1: bajtw=32 czas<1 ms TTL=128
 
Statystyka badania ping dla 127.0.0.1:
    Pakiety: Wysane = 2, Odebrane = 2, Utracone = 0
             (0% straty),
Szacunkowy czas bdzenia pakietw w millisekundach:
    Minimum = 0 ms, Maksimum = 0 ms, Czas redni = 0 ms
===========================================================================
Lista interfejsw
 17...8a de 27 67 a9 81 ......Microsoft Virtual WiFi Miniport Adapter #2
 16...e8 de 27 67 a9 81 ......TP-LINK 150Mbps Wireless N PCI Express Adapter
 11...6c 62 6d 3c b1 04 ......Realtek PCIe GBE Family Controller
 14...7a 79 19 80 d8 0a ......Hamachi Network Interface
 18...0a 00 27 00 00 00 ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
Tabela tras IPv4
===========================================================================
Aktywne trasy:
Miejsce docelowe w sieci   Maska sieci      Brama          Interfejs Metryka
          0.0.0.0          0.0.0.0         25.0.0.1    25.128.216.10   9256
          0.0.0.0          0.0.0.0    192.168.1.254      192.168.1.2     25
         25.0.0.0        255.0.0.0         On-link     25.128.216.10   9256
    25.128.216.10  255.255.255.255         On-link     25.128.216.10   9256
   25.255.255.255  255.255.255.255         On-link     25.128.216.10   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    266
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    266
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     25.128.216.10   9256
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    266
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     25.128.216.10   9256
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    266
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Trasy trwae:
  Adres sieciowy   Maska sieci           Adres bramy                  Metryka
          0.0.0.0          0.0.0.0         25.0.0.1  Domylne 
===========================================================================
 
Tabela tras IPv6
===========================================================================
Aktywne trasy:
 Jeli Metryka Miejsce docelowe w sieci      Brama
 14   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 14    276 2620:9b::/96             On-link
 14    276 2620:9b::1980:d80a/128   On-link
 14    276 fe80::/64                On-link
 18    266 fe80::/64                On-link
 16    281 fe80::/64                On-link
 14    276 fe80::5175:cdf2:636f:6b22/128
                                    On-link
 16    281 fe80::e8a0:e893:277c:8dec/128
                                    On-link
 18    266 fe80::ed9f:d875:131b:b157/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
 18    266 ff00::/8                 On-link
 16    281 ff00::/8                 On-link
===========================================================================
Trasy trwae:
 Jeli Metryka Miejsce docelowe w sieci      Brama
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/16/2015 03:40:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/16/2015 07:12:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/16/2015 12:57:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/16/2015 12:11:48 AM) (Source: SideBySide) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
 
Error: (12/16/2015 12:10:28 AM) (Source: SideBySide) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
 
Error: (12/16/2015 12:08:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:54:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:47:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:39:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:35:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/16/2015 04:49:09 PM) (Source: Schannel) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 40.
 
Error: (12/16/2015 04:49:09 PM) (Source: Schannel) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 40.
 
Error: (12/16/2015 03:38:19 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi AODDriver4.2.0 z powodu następującego błędu: 
%%3
 
Error: (12/16/2015 03:38:09 PM) (Source: volmgr) (User: )
Description: Inicjowanie zrzutu awaryjnego nie powiodło się!
 
Error: (12/16/2015 07:11:25 AM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi AODDriver4.2.0 z powodu następującego błędu: 
%%3
 
Error: (12/16/2015 07:10:54 AM) (Source: volmgr) (User: )
Description: Inicjowanie zrzutu awaryjnego nie powiodło się!
 
Error: (12/16/2015 12:55:52 AM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi AODDriver4.2.0 z powodu następującego błędu: 
%%3
 
Error: (12/16/2015 12:55:42 AM) (Source: volmgr) (User: )
Description: Inicjowanie zrzutu awaryjnego nie powiodło się!
 
Error: (12/16/2015 12:54:17 AM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi AODDriver4.2.0 z powodu następującego błędu: 
%%3
 
Error: (12/16/2015 12:54:06 AM) (Source: volmgr) (User: )
Description: Inicjowanie zrzutu awaryjnego nie powiodło się!
 
 
Microsoft Office Sessions:
=========================
Error: (12/16/2015 03:40:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/16/2015 07:12:48 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/16/2015 12:57:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/16/2015 12:11:48 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\USER\Desktop\esetsmartinstaller_plk.exe
 
Error: (12/16/2015 12:10:28 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\USER\Desktop\esetsmartinstaller_plk.exe
 
Error: (12/16/2015 12:08:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:54:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:47:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:39:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/15/2015 09:35:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-12-15 21:16:31.219
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\USER\Desktop\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-15 21:16:31.185
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\USER\Desktop\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:20.117
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:20.093
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:19.045
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:19.022
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:17.997
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:17.974
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:16.950
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-07-05 01:02:16.927
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.2.0.1021 - 360 Security Center)
7z SFX Builder v2.1 (HKLM-x32\...\{0C1F1BEB-C237-4E32-914F-2A7D7D56E79B}_is1) (Version: 2.1 - M. Brunjadze)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.19.2 - Mirillis)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Any File Remover wersja 10.0 (HKLM-x32\...\{55D9567E-7993-4F10-952B-7FFEE5DA2584}_is1) (Version: 10.0 - SAT-NET)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{9F429DF7-F8DD-4980-9673-E6DACA012F6C}) (Version: 3.3 - Microsoft Corporation) Hidden
ASIO Proxy for foobar2000 (HKLM-x32\...\ASIOProxy) (Version: 0.7.1.2 - Maxim V.Anisiutkin)
Automatyczna aktualizacja oprogramowania Creative (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Avidemux 2.6 (HKLM-x32\...\Avidemux 2.6 (64-bit)) (Version: 2.6.1.8321 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.739 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Camtasia Studio 8 (HKLM-x32\...\{1B57499B-1BEB-426A-A406-D9D004A1D2CE}) (Version: 8.5.0.1954 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative Live! Cam Vista IM Driver (1.11.02.00) (HKLM\...\Creative VF0260) (Version:  - )
Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.01.21 - Creative Technology Ltd)
Creeper World 3 Arc Eternal (HKLM-x32\...\Q3JlZXBlcldvcmxkM0FyY0V0ZXJuYWw=_is1) (Version: 1 - )
CrystalDiskMark 3.0.3b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3b - Crystal Dew World)
CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0348 - Disc Soft Ltd)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.1.2 - DivX, LLC)
Duplicate Cleaner Pro 3.2.6 (HKLM-x32\...\Duplicate Cleaner Pro) (Version: 3.2.6 - DigitalVolcano Software Ltd)
DVDStyler v2.9.2 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Exact Audio Copy 1.0beta4 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta4 - Andre Wiethoff)
Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: Fallout New Vegas Ultimate Edition - )
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015PL_is1) (Version: 1.2.0.0 - GIANTS Software)
FastImageResizer (remove only) (HKLM-x32\...\FastImageResizer) (Version:  - )
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Editor 2014 v8.9.2 (HKLM-x32\...\Free Audio Editor 2014_is1) (Version:  - Copyright© 2005-2014 FAEMedia, Inc.)
Free Download Manager 3.9.3 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Geeks3D FurMark 1.12.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 3.0.9.0 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Deskjet 2540 series — podstawowe oprogramowanie urządzenia (HKLM\...\{6C828975-2FD1-4B84-AC7C-FFF4FB1EAD76}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Pomoc (HKLM-x32\...\{387813C9-5DFE-453E-95AE-142F2C6E929E}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Informacje o systemie Creative (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
InterVideo DeviceService (HKLM-x32\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.20 - IObit)
ISO Creator 1.0 (HKLM-x32\...\{78D80EAF-1ADB-46A8-AF6F-EBB18B6ADBCE}) (Version: 1.0.0 - Bunny-Wabbit)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JD SimWheel Server version 4.1 (HKLM-x32\...\{8D1397D0-6905-4B9C-9CDF-8B9B109BD35B}_is1) (Version: 4.1 - John Diamantis)
K-Lite Mega Codec Pack 11.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.5 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\{5DE67937-45D5-45E4-923C-0B7F7EC929A7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.5.2.0 - Lightworks)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Live Update 5 (HKLM-x32\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.111 - MSI)
Live! Cam Sync HD VF0770 Driver (1.00.02.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
LocalESPCui for pl-pl Dev12 (HKLM-x32\...\{A434BC99-C8B4-38F9-4EFD-C0FD1530C9EE}) (Version: 8.100.25984 - Microsoft) Hidden
LogMeIn Hamachi (HKLM-x32\...\{D31AA60E-A9E5-47CF-AE3C-C980C5A1FF51}) (Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LOOT wersja 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
MagicYUV Lossless Video Codec version 1.1 (HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.1 - INNOMAGIC Bt.)
Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MeGUI (remove only) (HKLM-x32\...\MeGUI) (Version: 0.3.5 - MeGUI Team)
Microsoft .NET Framework 4.5 SDK - PLK Lang Pack (HKLM-x32\...\{DCBF58FD-AFD7-4F67-91EA-909B613EFB6A}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{9B1121CA-2BF6-3CD9-A047-AF9F803AFE93}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (ENU) (HKLM-x32\...\{AD82FCEF-6FDD-4C9B-8844-8BCBDC1091A0}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Language Pack - PLK (HKLM-x32\...\Microsoft Help Viewer 2.1 Language Pack - PLK) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office 2010 dla Użytkowników Domowych i Małych Firm (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKVToolNix 7.9.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.9.0 - Moritz Bunkus)
Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
My MP4Box GUI 0.6.0.6 (HKLM\...\{3FBE3061-F2BC-4D3A-B4A9-8FB15C503F87}_is1) (Version: 0.6.0.6 - Matt Bodin)
NetWorx 5.3.3 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
New Vegas Configator version 1.6 (HKLM-x32\...\New Vegas Configator_is1) (Version: 1.6 - Rudolf Enberg)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.54.10 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
OMC ModPack Client wersja 1.2.6.2 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.2.6.2 - Odem Mortis)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{9c621a4b-905e-49a8-aaed-c7d6e1bc3e36}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{87D5082F-F857-40FE-9C8A-3F2B6C39F426}) (Version: 4.0.2 - dotPDN LLC)
Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
ReClock (HKLM-x32\...\ReClock) (Version:  - SlySoft, Inc.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0015-0415-1000-0000000FF1CE}_Office14.SingleImage_{A3D90824-E20D-4AC0-BAAD-E52436E8CC9A}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0415-1000-0000000FF1CE}_Office14.SingleImage_{A3D90824-E20D-4AC0-BAAD-E52436E8CC9A}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0018-0415-1000-0000000FF1CE}_Office14.SingleImage_{A3D90824-E20D-4AC0-BAAD-E52436E8CC9A}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0019-0415-1000-0000000FF1CE}_Office14.SingleImage_{A3D90824-E20D-4AC0-BAAD-E52436E8CC9A}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001A-0415-1000-0000000FF1CE}_Office14.SingleImage_{A3D90824-E20D-4AC0-BAAD-E52436E8CC9A}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0415-1000-0000000FF1CE}_Office14.SingleImage_{A3D90824-E20D-4AC0-BAAD-E52436E8CC9A}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{EE3A99C9-FD8F-4923-9F82-27365DA4B873}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0415-1000-0000000FF1CE}_Office14.SingleImage_{A0E29E5C-CA3F-4371-8481-BB8176D299A0}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0415-1000-0000000FF1CE}_Office14.SingleImage_{C14975C4-C57A-4A61-93C7-12F4D8C4DDC9}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0415-1000-0000000FF1CE}_Office14.SingleImage_{371D932B-484D-47B7-BD1D-9AD00A056159}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0415-1000-0000000FF1CE}_Office14.SingleImage_{3EDF67B6-64E8-4F38-9537-B95115BE8B13}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00A1-0415-1000-0000000FF1CE}_Office14.SingleImage_{A3D90824-E20D-4AC0-BAAD-E52436E8CC9A}) (Version:  - Microsoft) Hidden
SHIFT 2 UNLEASHED™ (HKLM-x32\...\{E8C37E27-5205-4C8A-BECB-B00533045AAE}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
SoftPerfect RAM Disk 3.4.5 (HKLM\...\{33A14ED9-0340-4193-BEDB-B95BC8196182}_is1) (Version:  - SoftPerfect Research)
SolveigMM AVI Trimmer wersja 2.1.1407.1 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 2.1.1407.1 - Solveig Multimedia)
Sony USB Driver (HKLM-x32\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version:  - )
Sorenson Squeeze (HKLM-x32\...\{AD11F61E-604D-4B15-8FC3-E587224CA3DE}) (Version: 10.0.0 - Sorenson Media)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPER © v2014.build.61+Recorder (2014/06/19) wersja v2014.build (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.61+Recorder - eRightSoft)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
SVP 4 (HKCU\...\{1a770802-9c34-455f-b992-9a84a9998d13}) (Version: 4.0 - SVP Team)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TEdit 3 (HKLM-x32\...\{23522FB2-3CC3-4865-97C5-1A32A4776B02}) (Version: 3.5.14135.0 - BinaryConstruct)
Terrafirma (HKLM-x32\...\{9EA1E037-86B8-496B-9C8C-31B3E3017C53}) (Version: 2.2.2.0 - Sean Kasun)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tony Hawk's American Wasteland (HKLM-x32\...\{624CC3F0-77C2-476E-ACBF-7F530CAEAD3B}) (Version: 1.1 - Aspyr Media, Inc)
Total Recorder 8.5 Standard Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
TP-LINK TL-WN781ND Driver (HKLM-x32\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{33952D66-D503-10CA-DD8E-E365C15EB4E0}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B048B812-32DE-3474-FA64-223B6A63AD47}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
VideoStudio (HKLM-x32\...\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
Virtual Wheel (HKLM\...\{83ADF5AC-6941-48BC-A5B9-C4AB3AD1DE74}) (Version: 0.3 - TinCanMan)
vJoy Device Driver 0.2.0.5 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 0.2.0.5 - Shaul Eizikovich)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VSO Inspector 2.0.2 (HKLM-x32\...\VSO Inspector_is1) (Version:  - VSO-Software SARL)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebM Project Directshow Filters (HKCU\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Wiedźmin Edycja Rozszerzona (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.4.5.1280 - CD Projekt Red)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów)
XMedia Recode version 3.2.5.8 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.5.8 - XMedia Recode)
XSplit Gamecaster (HKLM-x32\...\{5AADA165-FB60-41C0-8825-3E5B6C5F244C}) (Version: 2.1.1412.1628 - SplitmediaLabs)
 
========================= Devices: ================================
 
Name: USB Device(VID_1f3a_PID_efe8)
Description: USB Device(VID_1f3a_PID_efe8)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: USB Devices
Service: awUSB
Device ID: ROOT\USB\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Device ID: ROOT\LEGACY_AODDRIVER4.2.0\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 17%
Total physical RAM: 16383.18 MB
Available physical RAM: 13510.21 MB
Total Virtual: 16381.39 MB
Available Virtual: 13205.94 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:111.69 GB) (Free:15.17 GB) NTFS
2 Drive d: (Dysk lokalny) (Fixed) (Total:465.66 GB) (Free:80.58 GB) NTFS
 
========================= Users: ========================================
 
Konta uľytkownik˘w dla \\USER-KOMPUTER
 
Administrator            Go†                     USER                     
Polecenie zostao wykonane pomylnie.
 
 
**** End of log ****


#4 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 11:14 AM

I don't know why, but polish letters don't work in this program.



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 PM

Posted 16 December 2015 - 11:25 AM

Personally, I think that the culprits here are 360 Total Security, and Advanced SystemCare 9. Both have "PC Booster" features that can cause these kind of random issues on a system since managing the pagefile is something they can do.

Also, you might want to consider using another Antivirus, since Qihoo 360 have been removed from the benchmark tests of reputed organizations due to deceptive practices.

https://www.virusbtn.com/pdf/VB-AVC-AVT-press-release.pdf

And about programs like Advanced SystemCare 9...

warning.gifPC Booster/Tune-Up Program Warning!
"PC Booster/Tune Up" programs are part of the worst programs you can install on a system. When it comes to messing up your system (Windows), these are as worst as malware. They are completely worthless and useless to use. The worst is that they'll often take action on your system without you knowing, nor authorizing it, which could lead to your system being altered in a way you don't want it to be or even worst, a "broke" system. Every feature they provide, you can either do it natively under Windows, do it via another standalone executable (which is way easier and safer to use) or they aren't providing something you need. Here's a few examples:
  • Cleaning temporary files: TFC (standalone executable), CCleaner (installed), Cleanmgr.exe (in-built);
  • Managing start-up entries: Autoruns (standalone executable), CCleaner (installed), Task Manager and Registry (in-built);
  • Driver Updater: Not needed, all you need is to go on your manufacturer website so you'll be sure to get the right, official, working drivers for your computer or hardware;
  • Registry Cleaner/Defragger: Completely useless and also dangerous;
  • Disk Defragging: Disk Defrag (in-built), O&O Disk Defrag (installed), Defraggler (installed);
  • Powerful uninstaller: Not needed, only needed when you have to make sure a program is completely uninstalled. Revo Uninstaller have a portable version you can use;
  • "Enhanced" Task Manager: Procexp (standalone executable), Process Hacker (portable or installed);
  • "Active security": Any Antivirus and Antimalware can beat that, easily. These programs aren't made to replace Antivirus or Antimalware products and shouldn't be seen as such;
  • Repair Hard Drive issues: Simple chkdsk /r command under Windows (in-built);
Having such program installing on your system will just bloat it down and you have more chances to have issues by using them than without. These products are advertised as a program that can solve all your issues, remove every malware, speed up your computer performance over 100%, etc. The truth is that there's not a single program that can do that. First of all, these programs aren't made to remove virus and malware, leave this in the hands of Antivirus and Antimalware, period. Secondly, there's so many kind of issues under Windows that there's not a single program that can address them all. If you think that BSOD (Blue Screen of Death) issues can be solved by opening a program and clicking on a "Fix" button, then I'm sorry to tell you but, you're wrong. Also, you cannot boost the performance of a hardware over it's hardware capabilities. Of course you can overclock some components, like your CPU, RAM and GPU, but these aren't done via these programs, but via your BIOS interface. I could recommend you a program for every feature these programs advertise, and also tell you exactly in detail why most of them are completely useless, such as Registry cleaner (dangerous to use), and driver updater (dangerous to use, and also completely useless, it'll not improve your system performance). In the end, buying such programs is the exact same as being scammed (because this is what it is, a pure scam) and using one of these programs will result you in having a system less performant than prior to using it.

Relevant articles if you want to read more about PC Boosters/Optimizers and why they are useless:This being said, I would start by uninstalling these programs.
  • 360 Total Security;
  • Advanced SystemCare 9 - I would also uninstall any programs you have by IObit;
  • Java 8 Update 45 - Outdated and vulnerable;
  • Java 8 Update 45 (64-bit) - Outdated and vulnerable;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 11:33 AM

I don't use any of PC boosting options of either ACS and 360. I do It by myself and last time i did it about 2-3 weeks ago. I Use ASC only for things like duplicated file finder or folder/file defrag or  (on hdd). My antivirus before was Avast and I had huge problems with it. I'm also not newbie. I'm learning in third best technical school in country (IT specialist profile). Also i'm sure that not this program was a problem because all services of ASC were turned off while problem occured. The only thing that is turned on in 360 is real time scanner.

 

I won't change java version, because I had many troubles to set that one up to work with my apps (when i was switching from java 7)..

 

PS iObit tools aren't bad imho, but they need advanced user to work well. Never had problems with them. I'm using ASC from version 2 on many computers and never before had any problems related to this software.


Edited by MarioPL98, 16 December 2015 - 11:36 AM.


#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 PM

Posted 16 December 2015 - 11:44 AM

I'm pretty sure your 360 Total Security is what caused your issue. Maybe changing all the permissions and locking down the system is what it does in order to prevent an infection from doing any damage. In any cases, guiformat.exe is safe to use and not malicious. I guess this was a false positive from Qihoo 360, because no other Antivirus detects it as malicious as well (not even Qihoo).

https://www.virustotal.com/fr/file/647fb4f5108af632c3d52fec34934922c50c70585697504e92fb80b3b7d05ee3/analysis/1450284048/
 

I Use ASC only for things like duplicated file finder


I would avoid using such features/programs, because you can easily delete system files and thus create corruption on your system (which I suspect is already present according to your Event Viewer log).
 

I won't change java version, because I had many troubles to set that one up to work with my apps (when i was switching from java 7)..


In that case you should disable it in all your web browsers and only enable it when you need it and you are sure the website you're on is safe. Because right now, running this version of Java creates a security hole in your system sadly.

Also, it appears that your pagefile issue is related to your messed up permissions problem as well.

https://support.microsoft.com/en-us/kb/315270

Edited by Aura, 16 December 2015 - 11:45 AM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 11:50 AM

For things like duplicated file finder IN 1 SEPARATED FOLDER, where i store my photos for example and when i do fast backup, I just copy all photos, not checking if i copied them before*****

 

Java is disabled in all browsers, because I hate when some java popup appears. Chrome even doesn't support java.

 

And about that virus - maybe it was just single infected file caused by any javascript or something like that.



#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 PM

Posted 16 December 2015 - 11:51 AM

We aren't sure if you are infected yet or not. We can check quickly however, but I doubt.

zcMPezJ.pngAdwCleaner - Scan Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, click on the Logfile button to open the scan log;
  • Please copy/paste the content of the log that will open in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 11:56 AM

I used AdwCleaner before 2 times but I couldn't download this version

 

Przechwytywanie.png

 

Even now this appears. It didn't with versions before 5.0.2.5. I have 5.014 and it works well. Should I add this to trusted files? Also the same thing happens with guiformat.exe



#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 PM

Posted 16 December 2015 - 12:00 PM

For the time being, it would be best if you completely disable Qihoo 360, as it might interfere with the scans.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 12:11 PM

AdwCleaner didn't find anything.

Also this appears every boot
DSC_0770.jpg



#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:08 PM

Posted 16 December 2015 - 12:12 PM

This is a buggy startup entry. Follow the instructions below please.

sUc2qjf.pngAutoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:
  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible as a .arn (Autoruns) file;
  • Upload the file on Dropbox, Google Drive or OneDrive and post the download URL for it here;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 12:21 PM

http://sendfile.es/pokaz/612015---arq8.html < .arn

 

And that fix https://support.microsoft.com/en-us/kb/315270 is for windows xp, not windows 7.

 

Even, if i set to use default page file, it doesn't work.

 

If I click yes in this UAC prompt at startup, i get alert like this http://jackstromberg.com/wp-content/uploads/2014/01/Windows-7-Error-a-problem-occured-with-your-paging-file-configuration.png


Edited by MarioPL98, 16 December 2015 - 12:25 PM.


#15 MarioPL98

MarioPL98
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:12:08 AM

Posted 16 December 2015 - 12:28 PM

Now I noticed that update service takes 1 core of my cpu in about 10-20 min from boot. Then it just stops.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users