Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

unpleasant visit of zodiac-game.info


  • This topic is locked This topic is locked
19 replies to this topic

#1 MetalowaGlowa

MetalowaGlowa

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 19 August 2016 - 10:08 AM

Hello, starting today I'm troubled by zodiac-game.info web page opening at the start of the system. It opens in Edge browser (the only one I do not use at all) yet it is annoying.

Tried to follow internet advices and remove it manually (uninstall suspicious programs, folders and registry entries in pointed locations) didn't achieve almost anything. 

Noticed one thing - while removing some bad registry entries a quick .cmd (a little black window) appeared and quickly disappeared - guess something started to run, the same happend at first scan wid adwCleaner when it showed 7 threats.

Had some experience with this forum so far (you've helped a lot) so i know the drill.

Malwarebytes, FRST, and AdwCleaner logs as follows:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Data skanowania: 2016-08-19
Czas skanowania: 16:23
Raport: malware scan.txt
Administrator: Tak
 
Wersja: 2.2.1.1043
Baza szkodliwego oprogramowania: v2016.08.19.06
Baza danych rootkitów: v2016.08.15.01
Licencja: Darmowa
Ochrona przed złośliwym oprogramowaniem: Wyłączony
Ochrona przed szkodliwymi stronami: Wyłączony
Samoobrona: Wyłączony
 
System operacyjny: Windows 10
Procesor: x64
System plików: NTFS
Użytkownik: metalowa_glowa
 
Typ skanowania: Dokładne skanowanie
Wynik: Zakończono
Obiekty przeskanowane: 409443
Czas, który upłynął: 21 min, 59 s
 
Pamięć: Włączony
Autostart: Włączony
System plików: Włączony
Archiwa: Wyłączony
Rootkity: Włączony
Heurystyka: Wyłączony
PUP: Włączony
PUM: Włączony
 
Procesy: 0
(Nie wykryto zagrożeń)
 
Moduły: 0
(Nie wykryto zagrożeń)
 
Klucze rejestru: 0
(Nie wykryto zagrożeń)
 
Wartości rejestru: 0
(Nie wykryto zagrożeń)
 
Dane rejestru: 0
(Nie wykryto zagrożeń)
 
Foldery: 0
(Nie wykryto zagrożeń)
 
Pliki: 0
(Nie wykryto zagrożeń)
 
Sektory fizyczne: 0
(Nie wykryto zagrożeń)
 
it's in Polish (sorry for that) it says "no threat detected"
 
(end)
 
FRST:
 
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 17-08-2016
Uruchomiony przez metalowa_glowa (administrator)  METALOWAGLOWA (19-08-2016 16:51:32)
Uruchomiony z C:\Users\metalowa_glowa\Downloads
Załadowane profile: metalowa_glowa (Dostępne profile: metalowa_glowa & DefaultAppPool)
Platform: Windows 10 Home Wersja 1607 (X64) Język: Polski (Polska)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Edge)
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ericsson AB) C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PC Remote) C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.0_none_36d3ccc3ddfd1ecb\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2370856 2010-09-24] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-05] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Run: [metalowa_glowa] => explorer.exe hxxp://sd-steam.info <===== UWAGA
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\RunOnce: [Uninstall C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\RunOnce: [Uninstall C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWoW64\nvinit.dll => C:\WINDOWS\SysWoW64\nvinit.dll [155952 2016-07-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} =>  Brak pliku
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} =>  Brak pliku
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} =>  Brak pliku
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} =>  Brak pliku
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-23]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-23]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-23]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip\..\Interfaces\{485ebed6-fab5-4498-b889-9b560fbd2f13}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b82c5223-e8fa-4acc-b18a-543c18d3a4dd}: [DhcpNameServer] 62.179.1.61 62.179.1.63
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
Toolbar: HKLM - Brak nazwy - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Brak pliku
 
FireFox:
========
FF ProfilePath: C:\Users\metalowa_glowa\AppData\Roaming\Mozilla\Firefox\Profiles\qp32ipc2.default-1455479818204
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: @my.com/Games -> C:\Users\metalowa_glowa\AppData\Local\MyComGames\NPMyComDetector.dll [2016-07-07] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\metalowa_glowa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-04] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: ubisoft.com/uplaypc -> D:\Gry\trials evol\datapack\orbit\npuplaypc.dll [Brak pliku]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
 
Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => Brak pliku
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27]
CHR Extension: (Dysk Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Arkusze Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-21]
 
Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\metalowa_glowa\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-06-28]
 
==================== Usługi (filtrowane) ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [337408 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_2de0c; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_2de0c; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [803840 2016-07-16] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [245312 2016-06-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-08] (GOG.com)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 Origin Client Service; D:\Gry\klient ORIGIN\OriginClientService.exe [2122248 2016-06-17] (Electronic Arts)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2015-08-06] (PowerUp Software, LLC) [Brak podpisu cyfrowego]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-11-01] ()
S3 RmSvc; C:\Windows\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [463912 2010-06-09] (Ericsson AB)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_2de0c; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_2de0c; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
 
===================== Sterowniki (filtrowane) ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-08-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-14] ()
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-07-16] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [45920 2016-07-16] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-07-16] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; Brak ImagePath
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-08-19 16:51 - 2016-08-19 16:52 - 00024942 _____ C:\Users\metalowa_glowa\Downloads\FRST.txt
2016-08-19 16:51 - 2016-08-19 16:51 - 00000000 ____D C:\FRST
2016-08-19 16:50 - 2016-08-19 16:51 - 02394624 _____ (Farbar) C:\Users\metalowa_glowa\Downloads\FRST64.exe
2016-08-19 16:47 - 2016-08-19 16:47 - 00001831 _____ C:\Users\metalowa_glowa\Desktop\AdwCleaner.txt
2016-08-19 16:46 - 2016-08-19 16:46 - 00001124 _____ C:\Users\metalowa_glowa\Desktop\malware scan.txt
2016-08-19 16:12 - 2016-08-19 16:12 - 00000000 ____H C:\ProgramData\cm-lock
2016-08-19 15:42 - 2016-08-19 15:42 - 03784256 _____ C:\Users\metalowa_glowa\Downloads\AdwCleaner.exe
2016-08-17 20:06 - 2016-08-17 20:06 - 00108139 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Siegajac wysoko - Raising the Bar (2016) [AC3.480p.WEB-DL.XviD-NOiSE] [Lektor PL].torrent
2016-08-17 20:06 - 2016-08-17 20:06 - 00062603 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Phantaruk 2016 [PL] [ISO] [CODEX].torrent
2016-08-17 20:06 - 2016-08-17 20:06 - 00016287 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Bounty Train 2016 [GOG].torrent
2016-08-16 22:56 - 2016-08-16 22:56 - 00000769 _____ C:\Users\metalowa_glowa\Desktop\Marvel Ultimate Alliance 2.lnk
2016-08-16 22:56 - 2016-08-16 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvel Ultimate Alliance 2
2016-08-14 21:34 - 2016-08-18 23:19 - 00000000 ____D C:\Users\metalowa_glowa\Documents\Telltale Games
2016-08-14 21:15 - 2016-08-14 21:15 - 00000000 ____D C:\Users\metalowa_glowa\Documents\Ghost Games
2016-08-14 20:59 - 2016-08-14 20:59 - 00120991 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] W harmonii - En équilibre - In Harmony (2015) [480p] [BRRiP] [XViD-faldi] [AC3] [Lektor PL]  (1).torrent
2016-08-14 20:58 - 2016-08-14 20:58 - 00120991 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] W harmonii - En équilibre - In Harmony (2015) [480p] [BRRiP] [XViD-faldi] [AC3] [Lektor PL] .torrent
2016-08-14 20:48 - 2016-08-14 20:48 - 00594606 _____ C:\Users\metalowa_glowa\Downloads\SecondSight.WidescreenFix.zip
2016-08-14 20:35 - 2016-08-14 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GT Interactive
2016-08-14 20:34 - 2012-05-12 10:03 - 434159616 _____ C:\Users\metalowa_glowa\Desktop\Driver.iso
2016-08-14 19:06 - 2016-08-14 19:31 - 624341225 _____ C:\Users\metalowa_glowa\Downloads\Disneys_Tarzan_Action_Game-THEiSOZONE.7z
2016-08-14 18:27 - 2016-08-14 18:50 - 576755101 _____ C:\Users\metalowa_glowa\Downloads\Disneys_Hercules_Action_Game-THEiSOZONE.7z
2016-08-14 17:28 - 2016-08-14 17:36 - 178062547 _____ C:\Users\metalowa_glowa\Downloads\Dexters_Laboratory_-_Science_Aint_Fair-THEiSOZONE.7z
2016-08-14 15:16 - 2016-08-14 15:16 - 00000000 ____D C:\driver paralel lines
2016-08-14 15:08 - 2016-08-14 15:08 - 00000802 _____ C:\Users\Public\Desktop\The Wolf Among Us.lnk
2016-08-14 15:08 - 2016-08-14 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Wolf Among Us [GOG.com]
2016-08-14 15:01 - 2016-08-14 15:01 - 00031496 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Raj Wiara - Paradise Faith 2012 [720p BRRip XviD AC3-WiZARDS] [Lektor PL] [Ekipa TnT].torrent
2016-08-14 01:17 - 2016-08-14 01:17 - 00000154 _____ C:\Users\Public\Desktop\Earth Defense Force Insect Armageddon.lnk
2016-08-14 01:17 - 2016-08-14 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D3Publisher
2016-08-13 23:23 - 2016-08-13 23:23 - 00000920 _____ C:\Users\metalowa_glowa\Desktop\Eisenhorn XENOS.lnk
2016-08-13 23:23 - 2016-08-13 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eisenhorn XENOS
2016-08-13 16:33 - 2016-08-13 16:33 - 00057328 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] 45 lat - 45 Years (2015) [BDRiP] [XViD-K12] [Lektor PL].torrent
2016-08-13 16:32 - 2016-08-13 16:32 - 00057356 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Slaba plec- (2015) [DVDRiP] [XViD-K12] [Film PL].torrent
2016-08-13 16:29 - 2016-08-13 16:29 - 00056866 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Gernika. Prawdziwa historia - Gernika - Guernica (2016) [WEB-DL.XviD-KiT] [ENG] [Lektor PL].torrent
2016-08-13 16:29 - 2016-08-13 16:29 - 00056798 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Mam na imie Emily - My Name Is Emily (2015) [HDTV.XviD-NOiSE] [ENG] [Lektor PL].torrent
2016-08-13 16:27 - 2016-08-13 16:27 - 00086371 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Klub - The Club - El Club (2015) [BDRiP] [XViD-K12] [Lektor PL] .torrent
2016-08-13 16:22 - 2016-08-13 16:22 - 00023293 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Rising Islands 2016 [CODEX].torrent
2016-08-12 21:46 - 2016-08-12 21:46 - 00000000 ____D C:\Users\metalowa_glowa\AppData\LocalLow\Ghost Town Games
2016-08-11 20:34 - 2016-08-11 20:34 - 00038591 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Eisenhorn- Xenos 2016 [ENG] [ISO] [CODEX].torrent
2016-08-09 20:29 - 2016-08-09 20:29 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-08-09 20:26 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 20:26 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 20:26 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-09 20:26 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 20:26 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-09 20:26 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-09 20:26 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-09 20:26 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 20:26 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-09 20:26 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-09 20:26 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-09 20:26 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-09 20:26 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 20:26 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-09 20:26 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-09 20:26 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-09 20:26 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-09 20:26 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-09 20:26 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:26 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 20:26 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:26 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-09 20:26 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:26 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-09 20:26 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 20:26 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 20:26 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-09 20:26 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 20:26 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 20:26 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-09 20:26 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-09 20:26 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-09 20:26 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-09 20:26 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-09 20:26 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-09 20:26 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-09 20:26 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 20:26 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-09 20:26 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 20:26 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-09 20:26 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-09 20:26 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 20:26 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-09 20:26 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 20:26 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 20:26 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-09 20:26 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-09 20:26 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-09 20:25 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:25 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 20:25 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 20:25 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-09 20:25 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-09 20:25 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-09 20:25 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-08 14:52 - 2016-08-08 14:52 - 00003640 _____ C:\WINDOWS\System32\Tasks\metalowa_glowa
2016-08-07 22:00 - 2016-08-07 22:03 - 03788441 _____ C:\Users\metalowa_glowa\Downloads\SC1_PS3_Textures.zip
2016-08-07 20:03 - 2016-08-07 20:05 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-07 19:33 - 2016-08-07 19:33 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-08-07 19:33 - 2016-08-07 19:33 - 00000000 ____D C:\WINDOWS\system32\NV
2016-08-07 19:33 - 2016-08-07 19:33 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-07 19:33 - 2016-07-11 04:34 - 01887800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvCamera64.dll
2016-08-07 19:33 - 2016-07-11 04:34 - 01595840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvCamera32.dll
2016-08-07 19:33 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-07 19:33 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-07 19:33 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-07 19:33 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-07 19:32 - 2016-07-11 04:34 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-07 19:32 - 2016-07-11 04:34 - 00203320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-07 19:30 - 2016-07-18 08:56 - 00047040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-08-07 19:30 - 2016-07-11 04:34 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 35117112 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 31680568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 25442240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 20417200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 17764408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 17463992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 14487768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 10700592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 10656296 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 10243600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 09028360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 08742360 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 08622576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 03382240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 02868160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 02497984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 01939000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436881.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436881.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00999872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00930360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00909248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00852024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00694488 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00583920 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-07 19:27 - 2016-08-07 19:27 - 00000000 ____D C:\NVIDIA
2016-08-07 16:25 - 2016-08-07 16:25 - 00056815 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Niesamowity swiat April - Avril et le monde truqué - April and the Extraordinary World (2015) [BDRip.XviD-B89] [Dubbing PL].torrent
2016-08-07 11:54 - 2016-08-18 23:50 - 00000000 ____D C:\Nowy folder
2016-08-06 15:33 - 2016-08-06 15:33 - 00000222 _____ C:\Users\metalowa_glowa\Desktop\Batman Arkham Origins Blackgate - Deluxe Edition.url
2016-08-06 11:49 - 2016-08-06 11:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-06 11:45 - 2016-08-17 19:46 - 00000000 ____D C:\Windows.old
2016-08-06 11:45 - 2016-08-06 11:45 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-06 11:45 - 2016-08-06 11:45 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-06 11:45 - 2016-08-06 11:45 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-06 11:45 - 2016-08-06 11:45 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-06 11:45 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-08-06 11:45 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-06 11:45 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-06 11:45 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-08-06 11:45 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-08-06 11:44 - 2016-08-06 11:44 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\Program Files\MSBuild
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\inetpub
2016-08-06 11:41 - 2016-08-06 11:08 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-06 11:40 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-06 11:40 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-06 11:30 - 2016-08-06 11:30 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-08-06 11:27 - 2016-08-06 11:27 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-06 11:24 - 2016-08-06 16:04 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\ConnectedDevicesPlatform
2016-08-06 11:24 - 2016-08-06 11:24 - 00000000 ____D C:\ProgramData\USOShared
2016-08-06 11:23 - 2016-08-06 11:23 - 00000020 ___SH C:\Users\metalowa_glowa\ntuser.ini
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Szablony
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Moje dokumenty
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Menu Start
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Dane aplikacji
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji
2016-08-06 11:21 - 2016-08-06 11:22 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-08-06 11:21 - 2016-08-06 11:22 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-08-06 11:17 - 2016-08-19 16:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-06 11:17 - 2016-08-06 11:17 - 00003596 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-06 11:17 - 2016-08-06 11:17 - 00003494 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-08-06 11:17 - 2016-08-06 11:17 - 00003432 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1463820016
2016-08-06 11:17 - 2016-08-06 11:17 - 00003372 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-06 11:17 - 2016-08-06 11:17 - 00003356 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1407442411
2016-08-06 11:17 - 2016-08-06 11:17 - 00003188 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-06 11:17 - 2016-08-06 11:17 - 00002980 _____ C:\WINDOWS\System32\Tasks\CTF Host
2016-08-06 11:17 - 2016-08-06 11:17 - 00002814 _____ C:\WINDOWS\System32\Tasks\klcp_update
2016-08-06 11:17 - 2016-08-06 11:17 - 00002308 _____ C:\WINDOWS\System32\Tasks\{73EF4EB6-093C-4D3A-A3F9-87995FFD12A2}
2016-08-06 11:17 - 2016-08-06 11:17 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-06 11:17 - 2016-08-06 11:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-08-06 11:17 - 2016-08-06 11:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-08-06 11:05 - 2016-08-06 11:05 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-06 11:00 - 2016-08-06 11:00 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-06 10:59 - 2016-08-06 11:08 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-06 10:57 - 2016-08-15 12:21 - 00000000 ____D C:\Users\metalowa_glowa
2016-08-06 10:57 - 2016-08-06 11:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Ustawienia lokalne
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Szablony
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Moje dokumenty
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Menu Start
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Documents\Moje wideo
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Documents\Moje obrazy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Documents\Moja muzyka
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Dane aplikacji
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\AppData\Local\Historia
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\AppData\Local\Dane aplikacji
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Ustawienia lokalne
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Szablony
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Moje dokumenty
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Start
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje wideo
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje obrazy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moja muzyka
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Dane aplikacji
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historia
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dane aplikacji
2016-08-06 10:56 - 2016-08-19 16:16 - 02922172 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-06 10:56 - 2016-08-06 10:56 - 01539412 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-08-06 10:53 - 2016-08-06 10:53 - 00074452 _____ C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2016-08-06 10:53 - 2016-08-06 10:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-06 10:53 - 2016-08-06 10:53 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-08-06 10:53 - 2016-08-06 10:53 - 00000000 ____D C:\Program Files\Realtek
2016-08-06 10:53 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-06 10:52 - 2016-08-07 19:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-06 10:52 - 2016-08-07 19:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-06 10:52 - 2016-08-06 11:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-06 10:52 - 2016-08-06 11:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-06 10:52 - 2016-08-06 10:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2016-08-06 10:52 - 2016-08-06 10:52 - 00000000 ____D C:\Program Files\Synaptics
2016-08-06 10:52 - 2016-07-11 00:58 - 06385720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 02465848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 01362880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-06 10:52 - 2016-07-11 00:58 - 00546240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-06 10:52 - 2016-07-07 19:05 - 07211925 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-06 10:50 - 2016-08-19 16:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-06 10:50 - 2016-08-09 22:08 - 00346680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-06 10:50 - 2016-08-06 10:50 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-05 09:30 - 2016-08-05 09:30 - 00056863 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Bumerang - Boomerang (2015) [BRRip.Xvid-KiT] [Lektor PL].torrent
2016-08-03 21:13 - 2016-08-03 21:13 - 00057352 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Francuska suita - Suite Francaise 2014 [BRRip.XViD-NOiSE] [Lektor PL].torrent
2016-08-03 21:13 - 2016-08-03 21:13 - 00057180 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Nieslusznie oskarzona - The Trials of Cate McCall 2013 [DVDRip.XviD-BiDA] [Lektor PL].torrent
2016-08-03 21:13 - 2016-08-03 21:13 - 00015375 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Beta Test 2016 [HDRip.XViD-ETRG] [ENG].torrent
2016-08-02 22:43 - 2016-08-02 22:43 - 00000738 _____ C:\Users\metalowa_glowa\Desktop\Dark Messiah Of Might And Magic.lnk
2016-08-02 22:43 - 2016-08-02 22:43 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Dark Messiah Of Might And Magic
2016-08-02 21:14 - 2016-08-03 21:32 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\Anatomy A Photographic Atlas, 8E Rohen [PDF] [ENG] [marta$]
2016-08-02 20:37 - 2016-08-02 20:37 - 00014974 _____ C:\Users\metalowa_glowa\Downloads\[Electro-Torrent.pl] Co robimy w ukryciu - What We Do in the Shadows 2014 [BRRIP XviD-KiT] [Lektor PL].torrent
2016-08-01 20:14 - 2016-08-01 20:17 - 00000000 ____D C:\książki
2016-08-01 12:58 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-01 12:58 - 2016-08-01 12:58 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-08-01 12:55 - 2016-08-01 12:57 - 13682000 _____ (KLCP ) C:\Users\metalowa_glowa\Downloads\K-Lite_Codec_Pack_1225_Basic.exe
2016-08-01 12:51 - 2016-08-01 12:51 - 20256957 _____ ( ) C:\Users\metalowa_glowa\Downloads\klcp_update_1227_20160726.exe
2016-07-24 13:01 - 2016-07-24 13:01 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\CDex
2016-07-24 13:00 - 2016-07-24 13:00 - 06072993 _____ C:\Users\metalowa_glowa\Downloads\CDex-1.77-portable-unicode.zip
2016-07-23 13:42 - 2016-07-15 23:10 - 07155655 _____ C:\Users\metalowa_glowa\Desktop\Lothar_Wicke-Atlas_anatomii_radiologicznej(2009).djvu
2016-07-23 10:06 - 2016-07-23 10:20 - 337290857 _____ C:\Users\metalowa_glowa\Downloads\ESPNExtremeGames.7z
2016-07-23 08:13 - 2016-07-23 09:01 - 00136882 _____ C:\Users\metalowa_glowa\Desktop\Bookmarks.txt
2016-07-23 07:50 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-07-23 07:50 - 2016-07-23 07:50 - 00002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2016-07-23 07:50 - 2016-07-23 07:50 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
2016-07-23 07:50 - 2016-07-23 07:50 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-07-23 07:50 - 2016-07-23 07:50 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\WinZip
2016-07-23 07:49 - 2016-07-23 07:50 - 00000000 ____D C:\ProgramData\WinZip
2016-07-23 07:49 - 2016-07-23 07:49 - 00712896 _____ (WinZip Computing, S.L.) C:\Users\metalowa_glowa\Downloads\winzip20_c1.exe
2016-07-23 07:49 - 2016-07-23 07:49 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-07-23 07:49 - 2016-07-23 07:49 - 00000000 ____D C:\ProgramData\UniqueId
2016-07-23 07:49 - 2016-07-23 07:49 - 00000000 ____D C:\Program Files\WinZip
2016-07-23 07:41 - 2016-07-23 07:42 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\masaż
2016-07-22 19:55 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crimzon Clover - World Ignition [GOG.com]
2016-07-22 19:55 - 2016-07-22 19:55 - 00001872 _____ C:\Users\Public\Desktop\Crimzon Clover - World Ignition.lnk
2016-07-22 19:49 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zombie Night Terror [GOG.com]
2016-07-22 19:49 - 2016-07-22 19:49 - 00001673 _____ C:\Users\Public\Desktop\Zombie Night Terror.lnk
2016-07-22 19:48 - 2016-07-22 22:18 - 00000000 ____D C:\Users\metalowa_glowa\AppData\LocalLow\NoClip
2016-07-22 19:46 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zombie Vikings
2016-07-22 19:46 - 2016-07-22 19:46 - 00000712 _____ C:\Users\metalowa_glowa\Desktop\Zombie Vikings.lnk
2016-07-22 19:42 - 2016-07-22 19:43 - 172861247 _____ () C:\Users\metalowa_glowa\Downloads\tfd-103-rev4.exe
2016-07-22 19:39 - 2016-07-22 19:41 - 172860008 _____ () C:\Users\metalowa_glowa\Downloads\Niepotwierdzony 997822.crdownload
2016-07-22 19:22 - 2016-07-22 19:23 - 172861096 _____ () C:\Users\metalowa_glowa\Downloads\Niepotwierdzony 181353.crdownload
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-08-19 16:49 - 2015-11-17 22:50 - 00000000 ____D C:\AdwCleaner
2016-08-19 16:37 - 2012-07-25 22:53 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\ElevatedDiagnostics
2016-08-19 16:23 - 2014-10-06 18:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-19 16:16 - 2016-07-17 00:05 - 01185158 _____ C:\WINDOWS\system32\perfh015.dat
2016-08-19 16:16 - 2016-07-17 00:05 - 00308878 _____ C:\WINDOWS\system32\perfc015.dat
2016-08-19 16:12 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-19 15:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 15:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 15:40 - 2016-05-20 00:31 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\Packages
2016-08-19 06:08 - 2014-12-04 23:35 - 00119296 _____ C:\WINDOWS\SysWOW64\zlib.dll
2016-08-18 23:09 - 2012-08-07 18:44 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\uTorrent
2016-08-18 23:01 - 2012-08-07 23:04 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\vlc
2016-08-18 18:04 - 2016-06-12 14:13 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\AIMP
2016-08-17 01:21 - 2012-09-15 13:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-14 15:22 - 2012-09-01 14:46 - 00000000 ____D C:\Users\metalowa_glowa\Documents\My Games
2016-08-14 15:14 - 2016-06-27 23:41 - 00000000 ____D C:\gry
2016-08-14 01:47 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-14 01:29 - 2012-08-11 18:45 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\SKIDROW
2016-08-13 14:44 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 22:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-12 21:33 - 2012-08-07 18:02 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-11 23:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-09 22:09 - 2016-02-13 19:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-09 20:36 - 2014-06-30 20:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 20:30 - 2012-08-07 20:20 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-07 19:32 - 2014-08-03 12:09 - 00000000 ____D C:\temp
2016-08-07 17:55 - 2015-03-01 22:28 - 00000000 ____D C:\Dell
2016-08-07 16:13 - 2015-05-05 13:28 - 00000000 ____D C:\Users\metalowa_glowa\chomik
2016-08-07 15:56 - 2013-04-08 17:20 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\ChomikBox
2016-08-07 15:47 - 2013-04-08 17:20 - 00000000 ____D C:\Users\metalowa_glowa\.gstreamer-0.10
2016-08-07 10:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-06 11:49 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-06 11:45 - 2016-07-17 00:05 - 00000000 ____D C:\WINDOWS\OCR
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-06 11:41 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-08-06 11:41 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-08-06 11:41 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-06 11:41 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-06 11:41 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-06 11:34 - 2012-08-07 20:20 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-06 11:28 - 2016-05-20 00:34 - 00002481 _____ C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-06 11:28 - 2016-05-20 00:34 - 00000000 ___RD C:\Users\metalowa_glowa\OneDrive
2016-08-06 11:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-06 11:24 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-06 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-06 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-06 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-06 11:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-06 11:17 - 2016-05-19 23:56 - 00023140 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-06 11:16 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-06 11:16 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-06 11:08 - 2016-07-17 00:04 - 00000000 ____D C:\WINDOWS\system32\0409
2016-08-06 11:08 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-06 11:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-08-06 11:08 - 2016-07-16 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teenage Mutant Ninja Turtles Mutants in Manhattan
2016-08-06 11:08 - 2016-07-12 18:56 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2016-08-06 11:08 - 2016-07-08 08:50 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-08-06 11:08 - 2016-07-07 06:27 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2016-08-06 11:08 - 2016-07-06 21:03 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-08-06 11:08 - 2016-07-06 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Fend Reloaded
2016-08-06 11:08 - 2016-07-02 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zombie Army Trilogy
2016-08-06 11:08 - 2016-06-29 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2
2016-08-06 11:08 - 2016-06-28 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Batman [GOG.com]
2016-08-06 11:08 - 2016-06-27 08:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Professional
2016-08-06 11:08 - 2016-06-27 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Photo Recovery
2016-08-06 11:08 - 2016-06-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2016-08-06 11:08 - 2016-06-05 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-06 11:08 - 2016-06-04 21:28 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rock of Ages
2016-08-06 11:08 - 2016-05-26 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxLauncher
2016-08-06 11:08 - 2016-05-01 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-06 11:08 - 2016-05-01 18:57 - 00000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2016-08-06 11:08 - 2016-03-18 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Muve
2016-08-06 11:08 - 2016-03-04 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-06 11:08 - 2016-02-13 19:39 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-06 11:08 - 2015-12-26 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE MF823
2016-08-06 11:08 - 2015-12-11 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robin Hood - Legenda Sherwood
2016-08-06 11:08 - 2015-12-01 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2016-08-06 11:08 - 2015-11-30 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2016-08-06 11:08 - 2015-11-26 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fire Chief
2016-08-06 11:08 - 2015-08-28 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\King Arthur
2016-08-06 11:08 - 2015-08-16 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2016-08-06 11:08 - 2015-07-21 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYclouder LG Lumia 620 Video Converter
2016-08-06 11:08 - 2015-05-03 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-08-06 11:08 - 2015-04-18 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-06 11:08 - 2015-02-03 23:38 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2016-08-06 11:08 - 2015-01-27 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2016-08-06 11:08 - 2014-11-15 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-06 11:08 - 2014-11-10 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-08-06 11:08 - 2014-11-09 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2016-08-06 11:08 - 2014-10-06 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-06 11:08 - 2014-09-28 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANZERS - Phase1
2016-08-06 11:08 - 2014-09-21 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-06 11:08 - 2014-08-13 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-08-06 11:08 - 2014-08-07 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne
2016-08-06 11:08 - 2014-08-06 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-08-06 11:08 - 2014-08-06 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-08-06 11:08 - 2013-06-03 17:00 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-08-06 11:08 - 2013-04-08 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
2016-08-06 11:08 - 2013-03-13 20:54 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-06 11:08 - 2013-03-13 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-06 11:08 - 2012-10-28 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2016-08-06 11:08 - 2012-09-30 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-08-06 11:08 - 2012-09-15 13:12 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-06 11:08 - 2012-09-15 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-06 11:08 - 2012-09-03 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
2016-08-06 11:08 - 2012-09-01 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-08-06 11:08 - 2012-09-01 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polish Empire Mod
2016-08-06 11:08 - 2012-08-26 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
2016-08-06 11:08 - 2012-08-12 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2016-08-06 11:08 - 2012-08-09 21:39 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-06 11:08 - 2012-08-09 21:26 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dark Omen
2016-08-06 11:08 - 2012-08-08 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-06 11:08 - 2012-08-07 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-06 11:08 - 2012-07-26 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Off
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\2C0A
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0C0A
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0C04
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0816
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0804
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0424
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041F
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041E
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041D
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041B
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0419
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0416
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0415
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0414
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0413
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0412
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0411
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0410
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040E
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040D
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040C
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040B
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040A
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0408
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0407
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0406
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0405
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0404
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0401
2016-08-06 11:08 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-06 11:05 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-06 11:05 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-06 11:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-06 11:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-06 11:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-06 11:02 - 2015-12-26 19:14 - 00000000 ____D C:\WINDOWS\SysWOW64\SupportAppPBZTE MF823
2016-08-06 11:02 - 2014-08-03 13:23 - 00000000 ____D C:\WINDOWS\SysWOW64\SDA
2016-08-06 11:02 - 2013-09-11 13:56 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-08-06 11:02 - 2012-08-07 21:05 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-08-06 11:02 - 2012-08-07 17:37 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-06 11:01 - 2016-05-01 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MumboJumbo
2016-08-06 11:01 - 2016-04-11 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine Ltd
2016-08-06 11:01 - 2015-11-26 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-08-06 11:01 - 2015-03-29 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2016-08-06 11:01 - 2014-04-01 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RePack by XLASER
2016-08-06 11:01 - 2014-02-14 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-08-06 11:01 - 2013-10-02 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2016-08-06 11:01 - 2013-07-21 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPSS Inc
2016-08-06 11:01 - 2013-04-24 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft
2016-08-06 11:01 - 2012-09-15 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-06 11:01 - 2012-08-11 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Namco Bandai Games
2016-08-06 11:01 - 2012-08-07 17:11 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-06 11:01 - 2012-07-25 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2016-08-06 11:01 - 2009-07-14 20:09 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-06 11:00 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-06 11:00 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-06 11:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-06 11:00 - 2016-07-06 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2016-08-06 11:00 - 2015-10-28 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Double Eleven
2016-08-06 11:00 - 2015-08-27 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
2016-08-06 11:00 - 2015-08-09 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2016-08-06 11:00 - 2015-07-21 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
2016-08-06 11:00 - 2013-09-26 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-08-06 11:00 - 2013-02-17 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2016-08-06 11:00 - 2012-11-01 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
2016-08-06 11:00 - 2012-10-01 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-06 11:00 - 2012-09-09 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
2016-08-06 11:00 - 2012-08-12 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2016-08-06 10:59 - 2013-10-05 10:01 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-06 10:58 - 2015-09-03 18:33 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra
2016-08-06 10:58 - 2013-10-22 21:42 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trust
2016-08-06 10:58 - 2013-06-28 23:58 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Neverwinter Nights
2016-08-06 10:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-06 10:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-06 10:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-06 10:53 - 2014-11-08 18:18 - 00000000 ____D C:\Intel
2016-08-06 10:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-06 10:19 - 2015-02-27 23:08 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-06 09:34 - 2015-09-23 00:02 - 00000992 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-06 09:33 - 2016-01-04 14:24 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-06 09:22 - 2015-02-27 23:08 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-05 20:04 - 2016-05-21 10:39 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-08-05 20:04 - 2016-05-21 10:39 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-03 00:42 - 2016-06-28 22:37 - 00000000 ____D C:\Users\metalowa_glowa\pinnacle profiles
2016-08-01 12:53 - 2016-05-27 10:22 - 00000000 ____D C:\ProgramData\Skype
2016-08-01 12:53 - 2012-09-02 21:27 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Skype
2016-07-24 19:34 - 2014-09-21 15:53 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-24 19:33 - 2016-05-27 14:33 - 00000000 ____D C:\Users\metalowa_glowa\.oracle_jre_usage
2016-07-24 19:33 - 2014-09-21 15:53 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-23 08:13 - 2015-11-03 20:33 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\śmietniczek przechodni
2016-07-23 07:53 - 2016-07-03 17:47 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\Human Anatomy, 4 edition
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2013-02-17 05:27 - 2013-02-17 05:27 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2015-04-07 18:22 - 2015-04-07 18:22 - 0000551 _____ () C:\Users\metalowa_glowa\AppData\Roaming\AutoGK.ini
2013-09-16 14:18 - 2013-09-16 14:18 - 0000102 _____ () C:\Users\metalowa_glowa\AppData\Local\fusioncache.dat
2013-09-11 14:46 - 2013-09-11 14:46 - 0021086 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130911.144608.txt
2013-09-12 20:14 - 2013-09-12 20:14 - 0002242 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130912.201427.txt
2013-09-12 20:22 - 2013-09-12 20:22 - 0023560 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130912.202208.txt
2013-09-14 11:46 - 2013-09-14 11:46 - 0002264 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130914.114650.txt
2013-09-16 13:55 - 2013-09-16 13:55 - 0002242 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130916.135523.txt
2014-08-25 23:50 - 2014-08-25 23:50 - 0000000 ___SH () C:\Users\metalowa_glowa\AppData\Local\LumaEmu
2013-09-11 14:44 - 2013-09-11 14:44 - 0001626 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144433.txt
2013-09-11 14:45 - 2013-09-11 14:45 - 0000661 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144546.txt
2013-09-11 14:45 - 2013-09-11 14:45 - 0001651 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144548.txt
2013-09-11 14:45 - 2013-09-11 14:45 - 0001245 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144552.txt
2013-09-11 14:46 - 2013-09-11 14:46 - 0001227 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144631.txt
2013-09-11 14:47 - 2013-09-11 14:47 - 0001587 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144726.txt
2013-09-11 14:48 - 2013-09-11 14:48 - 0001613 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144829.txt
2013-09-12 14:15 - 2013-09-12 14:15 - 0001612 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.141505.txt
2013-09-12 14:17 - 2013-09-12 14:17 - 0001563 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.141713.txt
2013-09-12 14:21 - 2013-09-12 14:21 - 0001611 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.142109.txt
2013-09-12 20:06 - 2013-09-12 20:06 - 0001589 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.200656.txt
2013-09-12 20:14 - 2013-09-12 20:14 - 0000671 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.201421.txt
2013-09-12 20:14 - 2013-09-12 20:14 - 0001245 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.201426.txt
2013-09-12 20:20 - 2013-09-12 20:20 - 0001644 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202049.txt
2013-09-12 20:21 - 2013-09-12 20:21 - 0000661 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202138.txt
2013-09-12 20:21 - 2013-09-12 20:21 - 0001666 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202139.txt
2013-09-12 20:21 - 2013-09-12 20:21 - 0001227 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202146.txt
2013-09-12 20:22 - 2013-09-12 20:22 - 0001229 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202237.txt
2013-09-12 20:23 - 2013-09-12 20:23 - 0001613 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202316.txt
2013-09-12 20:32 - 2013-09-12 20:32 - 0001613 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.203212.txt
2013-09-14 11:46 - 2013-09-14 11:46 - 0000673 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130914.114643.txt
2013-09-14 11:46 - 2013-09-14 11:46 - 0001229 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130914.114649.txt
2013-09-16 13:55 - 2013-09-16 13:55 - 0000671 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130916.135512.txt
2013-09-16 13:55 - 2013-09-16 13:55 - 0001227 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130916.135522.txt
2013-04-28 20:16 - 2013-04-28 20:16 - 0002439 _____ () C:\Users\metalowa_glowa\AppData\Local\unins000.dat
2013-04-28 20:16 - 2013-04-28 20:16 - 0011761 _____ () C:\Users\metalowa_glowa\AppData\Local\unins000.msg
2013-09-11 14:12 - 2013-09-11 14:13 - 0012056 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130911.141225.wdl
2013-09-11 14:13 - 2013-09-11 14:15 - 0012734 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130911.141321.wdl
2013-09-11 14:49 - 2013-09-11 14:50 - 0014767 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130911.144954.wdl
2013-09-12 15:18 - 2013-09-12 15:25 - 0015554 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.151826.wdl
2013-09-12 20:05 - 2013-09-12 20:06 - 0016003 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.200559.wdl
2013-09-12 20:19 - 2013-09-12 20:19 - 0015674 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.201920.wdl
2013-09-12 20:25 - 2013-09-12 20:25 - 0015967 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.202528.wdl
2016-08-19 16:12 - 2016-08-19 16:12 - 0000000 ____H () C:\ProgramData\cm-lock
 
==================== Bamital & volsnap =================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo
C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
 
LastRegBack: 2016-08-16 20:31
 
==================== Koniec  FRST.txt ============================
 
FRST Addition:
 
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 17-08-2016
Uruchomiony przez metalowa_glowa (19-08-2016 16:52:27)
Uruchomiony z C:\Users\metalowa_glowa\Downloads
Windows 10 Home Wersja 1607 (X64) (2016-08-06 09:23:49)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-1362770674-4107001041-3769634335-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1362770674-4107001041-3769634335-1005 - Limited - Enabled)
Gość (S-1-5-21-1362770674-4107001041-3769634335-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1362770674-4107001041-3769634335-1009 - Limited - Enabled)
Konto domyślne (S-1-5-21-1362770674-4107001041-3769634335-503 - Limited - Disabled)
metalowa_glowa (S-1-5-21-1362770674-4107001041-3769634335-1000 - Administrator - Enabled) => C:\Users\metalowa_glowa
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
µTorrent (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced Video FX Engine (HKLM-x32\...\Advanced Video FX Engine) (Version:  - )
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version:  - Microsoft)
Alice: Madness Returns (HKLM-x32\...\Alice: Madness Returns_is1) (Version:  - )
Aliens - Colonial Marines Complete (HKLM-x32\...\Aliens - Colonial Marines Complete_is1) (Version:  - )
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Armored Warfare MyCom (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Armored Warfare MyCom) (Version: 1.91 - My.com B.V.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Batman™: Arkham Origins Blackgate - Deluxe Edition (HKLM\...\Steam App 267490) (Version:  - Armature Studio)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Brothers in Arms - Road to Hill 30 (HKLM-x32\...\Brothers in Arms - Road to Hill 30_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Call of Duty Black Ops 2 (HKLM-x32\...\{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1) (Version: 1.0 - Treyarch)
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
Cataclysm (HKLM-x32\...\Cataclysm) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl)
Convoy (HKLM-x32\...\1432538826_is1) (Version: 2.4.0.5 - GOG.com)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Dark Messiah Of Might And Magic (HKLM-x32\...\Dark Messiah Of Might And Magic_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless HSPA Mini-Card Drivers (HKLM-x32\...\{9D583F01-A973-4B04-90BD-FB7886779090}) (Version: 6.1.24.4 - Dell)
D-Fend Reloaded 1.4.4 (odinstaluj) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
DOFix (HKLM\...\{6541f1bd-90c1-48c0-973b-d9bca7361f52}.sdb) (Version:  - )
Dragon Ball Xenoverse - Bundle Edition (HKLM-x32\...\Dragon Ball Xenoverse - Bundle Edition_is1) (Version:  - )
Earth Defense Force Insect Armageddon (HKLM-x32\...\Earth Defense Force Insect Armageddon_is1) (Version:  - )
e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.7 - Ministerstwo Finansow)
e-Deklaracje Desktop (x32 Version: 8.0.7 - Ministerstwo Finansow) Hidden
Eisenhorn XENOS (HKLM-x32\...\Eisenhorn XENOS_is1) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{50CBA62D-4E71-47DE-B37B-0C36DD9121DE}) (Version: 1.1.47.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Fire Chief version 1.0 (HKLM-x32\...\{E9E40B7E-EECE-4B08-992E-95456FFAD5C3}_is1) (Version: 1.0 - DreamCatcher Interactive Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freespace 2 (HKLM-x32\...\Freespace 2_is1) (Version:  - GOG.com)
Gaming Mouse (HKLM-x32\...\Gaming Mouse) (Version:  - )
Ghostbusters ™: The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV v.1.07.0 (HKLM-x32\...\Grand Theft Auto IV_is1) (Version:  - )
Ground Control (HKLM-x32\...\Ground Control) (Version:  - )
GT Interactive - Driver (HKLM-x32\...\GT Interactive - Driver) (Version:  - )
Gtk# for .Net 2.12.10 (HKLM-x32\...\{04AE3BBC-ABFF-42CC-9F90-5B35D229328A}) (Version: 2.12.10 - Xamarin, Inc.)
Heroes of Might and Magic V (HKLM-x32\...\{C0086B27-8E52-42D4-8393-236391EF18F6}) (Version: 1.00.0000 - Ubisoft)
Homeworld (HKLM-x32\...\Homeworld) (Version:  - )
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
Human Anatomy Atlas 3.0.1 (HKLM-x32\...\Human Anatomy Atlas 3.0.1) (Version:  - )
Hyper Light Drifter (HKLM-x32\...\1452863689_is1) (Version: 2.0.0.2 - GOG.com)
INK (HKLM\...\Steam App 385710) (Version:  - ZackBellGames)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.64.1 - JMicron Technology Corp.)
Keyboard Lock Status (HKLM-x32\...\{144A1586-E16C-448D-910D-E12ACD65DD98}) (Version: 1.00.0000 - Logitech)
King Arthur (HKLM-x32\...\King Arthur) (Version:  - )
K-Lite Codec Pack 12.2.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legacy of Kain (HKLM-x32\...\KainUninstallKey) (Version:  - )
LEGO® Batman™ - The Videogame (HKLM-x32\...\1423058542_is1) (Version: 2.0.0.5 - GOG.com)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel Ultimate Alliance 2 (HKLM-x32\...\Marvel Ultimate Alliance 2_is1) (Version:  - )
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
Men of War (HKLM-x32\...\{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}) (Version: 1.17.5.1 - 1C Company)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 pl)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Muve Downloader (HKLM-x32\...\{29850ACF-D3C1-4EEC-84C4-DE795C6207F1}) (Version: 1.5.0 - Muve)
My.com Game Center (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\MyComGames) (Version: 3.183 - My.com B.V.)
Myth III - The Wolf Age (HKLM-x32\...\{2A48215C-E018-4F4B-9285-3CDC88C6992A}) (Version:  - )
NapiProjekt (2.0.0.2151) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{e6d17d96-ddaa-476f-bb07-db601024ffb1}) (Version: 15.8.0 - Intel Corporation)
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\Steam App 11450) (Version:  - Triumph Studios)
Overlord: Raising Hell (HKLM\...\Steam App 12710) (Version:  - Triumph Studios)
PAC-MAN Championship Edition DX+ (HKLM\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Panel sterowania NVIDIA 368.81 (Version: 368.81 - NVIDIA Corporation) Hidden
Panzer Corps Soviet Corps (HKLM-x32\...\Panzer Corps Soviet Corps_is1) (Version:  - )
PANZERS - Phase1 (HKLM-x32\...\PANZERS - Phase1) (Version:  - )
Party Hard (HKLM-x32\...\Steam App 356570) (Version:  - Pinokl Games)
PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Penarium (HKLM-x32\...\UGVuYXJpdW0=_is1) (Version: 1 - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.2.8 - PowerUp Software)
PixelJunk Shooter Ultimate (HKLM-x32\...\PixelJunk Shooter Ultimate_is1) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
Rayman Forever (HKLM-x32\...\Rayman Forever_is1) (Version:  - GOG.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Retro City Rampage™ DX (HKLM-x32\...\Steam App 204630) (Version:  - Vblank Entertainment, Inc.)
Robin Hood - Legenda Sherwood (HKLM-x32\...\{9C748279-288D-11D7-928D-00C0CA129740}) (Version: 1.00.000 - )
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Second Sight (HKLM-x32\...\Second Sight_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
Sniper Elite (HKLM-x32\...\Sniper Elite_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spider-Man 3 ™ (HKLM-x32\...\InstallShield_{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}) (Version: 1.00.0000 - Activision)
Spider-Man 3™ (x32 Version: 1.00.0000 - Activision) Hidden
SPSS Statistics 17.0 (HKLM-x32\...\{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}) (Version: 17.0.0 - SPSS Inc.)
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version:  - LucasArts)
STAR WARS® - Rogue Squadron 3D (HKLM-x32\...\1421404950_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS™ - X-Wing Collector's CD (1994) (HKLM-x32\...\1207667213_is1) (Version: 2.0.0.2 - GOG.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
Switch Off (HKLM-x32\...\SwitchOff) (Version: 2.3 - YaSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.15.0 - Synaptics Incorporated)
T3A Patch for BFME 1 version 1.06 (HKLM-x32\...\T3APATCH106_is1) (Version: 1.06 - )
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Teenage Mutant Ninja Turtles Mutants in Manhattan (HKLM-x32\...\Teenage Mutant Ninja Turtles Mutants in Manhattan_is1) (Version:  - )
The Aquatic Adventure of the Last Human (HKLM-x32\...\1452863102_is1) (Version: 2.3.0.4 - GOG.com)
The Battle for Middle-earth ™ (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version:  - )
The Wolf Among Us (HKLM-x32\...\1432213513_is1) (Version: 2.0.0.1 - GOG.com)
Tomb Raider 1 + 2 + 3 (HKLM-x32\...\Tomb Raider 1 + 2 + 3_is1) (Version:  - GOG.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
USB Network Joystick (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: 2007.03.12 - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Warhammer Battle March (HKLM-x32\...\{ABC91C39-266D-4042-828E-4386E0F25218}) (Version: 2.0.0 - Namco Bandai Games)
WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{99759E36-8961-43DC-A7E6-4601D6AEF166}) (Version: 1.1.2726.0 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
wxLauncher (HKLM-x32\...\wxLauncher) (Version: 0.10.1 - wxLauncher Team)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.0.20140401 - Xilisoft)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
Zombie Army Trilogy (HKLM-x32\...\Zombie Army Trilogy_is1) (Version:  - )
Zombie Vikings (HKLM-x32\...\Zombie Vikings_is1) (Version:  - )
ZTE MF823 (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
 
==================== Zaplanowane zadania (filtrowane) =============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {06CFDD4F-E981-4492-9A4C-7894AA935D9B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1357AE7B-D1E0-43E7-9878-589ED6E98090} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {18970E0A-9F92-45B9-8DFD-48C04EA67D6E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {1D8F00F2-83A4-4447-A584-6FE57C9D0D1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Task: {1F147B56-BF7A-4FE6-B713-99FCB028A0E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {231A0272-DDE1-437B-BAE5-AA39076D50F8} - System32\Tasks\SafeZone scheduled Autoupdate 1463820016 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {24D0E25A-FDEC-427A-A95D-6F8A6B332640} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {27344CD4-7DFD-40C8-90F4-88C19300B572} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {2A06755B-5246-4556-9B08-D5EFE7EBC7EC} - \avast! Emergency Update -> Brak pliku <==== UWAGA
Task: {33FCFF72-8F16-4414-BB07-D9482C615111} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA
Task: {3A9F3E84-B970-4084-A869-B5D562D3FFDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Brak pliku <==== UWAGA
Task: {3B7F77FF-1555-4847-8D9B-02420EA57F46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {42B51337-0C61-45C9-8A08-C894AC9B3295} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA
Task: {44F29258-32F6-4111-A888-F5A00F688FF1} - \Microsoft\Windows\Setup\gwx\rundetector -> Brak pliku <==== UWAGA
Task: {4AE8E905-A634-4887-BB8B-902DC7FD9B50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {4C584371-4C86-4B22-A5D4-F662D320A6EC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA
Task: {550D9F58-0AB5-45D5-8425-FD08F17D58FB} - System32\Tasks\metalowa_glowa => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v metalowa_glowa /t REG_SZ /d "explorer.exe hxxp://sd-steam.info" <==== UWAGA
Task: {55B303A9-1334-4BB3-9AC7-998DBA2BE7BE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5BAF4C69-262C-4240-82FE-FBBFE5618FDC} - System32\Tasks\Opera scheduled Autoupdate 1407442411 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {5D0BBE60-FF6B-4451-9ACE-CA18EB50F7F7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {69D04120-7CFE-40FF-A463-0FBA3C2BA842} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA
Task: {69E5810D-4136-4E95-84C9-5F9F18E40509} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Brak pliku <==== UWAGA
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6DA487F1-38C4-424C-A096-2FB343B1E642} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {73EE782E-AE07-4680-A775-BE5C5918EB6E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {7C7C8A5D-62EF-45C8-82DD-905D45919A34} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {7F97CBF8-30A7-46E6-9C4E-C1EC560B4230} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {85CC00DE-5CF5-4C6C-888B-87C4D19C500F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {8AA60CD5-C953-49CF-980D-5DABA0ED69E2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {8B704228-29C8-49EC-AB38-DE9432345015} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {8EE26F47-291C-4FD9-B259-A4D374242111} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {8F6D6D85-CC53-4573-8380-33918C0B1A19} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {9320AAAE-6D43-4D6B-A539-6FA592E64A57} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {93C3A024-2C95-418A-BAD8-71795B42632D} - System32\Tasks\CTF Host => C:\Users\metalowa_glowa\AppData\Roaming\Wise Uninstaller\Ctfhost\ctfhost.exe
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-07-16] (Microsoft Corporation)
Task: {A3FA3A40-68BA-4BF4-A580-36195DF7C6F8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {A3FC3478-10B9-425B-BAD5-5DE6C25FC073} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-07-16] (Microsoft Corporation)
Task: {BBD965D8-CF2B-4CBC-A66A-2D14FA92F050} - System32\Tasks\{73EF4EB6-093C-4D3A-A3F9-87995FFD12A2} => pcalua.exe -a C:\Users\metalowa_glowa\Downloads\R290515.exe -d C:\Users\metalowa_glowa\Downloads
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {CD1BD567-5622-42F7-BB13-4CDB19F95B5E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CF9C2F4D-B76F-4541-9970-58F56C29102E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {CFFCD985-3EB1-4B30-8504-90FD3F4F28B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {D0ABE2A0-B8DA-4356-B9B8-4DF97A4886C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Brak pliku <==== UWAGA
Task: {D11B5472-00A9-471A-B4A0-627C564EA359} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D5B70270-7739-44BE-9F76-C55C4660AF4A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D7B32CE9-12FD-403F-AFE4-DE2CF01B9682} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {DCCB3EAE-2B08-472F-9061-85D61AC41CEA} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-07-07] ()
Task: {DEB09810-1DDD-44AE-950E-967F59FDC216} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {DF9B7D00-1FFF-4121-9DEB-F81688AE28BE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E26EEC3E-B5B9-43CF-A05E-A3A2F3684EF0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {ED7BD005-C716-4E72-B0D0-555625C145EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FE32D8A1-CF50-4B19-A981-8F51FD0D4CD6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Skróty =============================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{FBA2E1A5-7FBE-46BD-BAED-E70E0F268B14}\SupportTasks\0\Pomoc techniczna.lnk -> hxxp://www.dreamcatchergames.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{EA71BC69-0397-4C1D-B5A0-3C2E5E98F5CB}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://www.sierra.com/support/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{EA71BC69-0397-4C1D-B5A0-3C2E5E98F5CB}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.sierrastudios.com/games/groundcontrol/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{B02CEC35-4191-485D-B77D-8C03C03B2366}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{B02CEC35-4191-485D-B77D-8C03C03B2366}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.ightandmagic.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{933A6C52-9DF0-4704-A2C9-43306570744F}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://techsupport.ea.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{933A6C52-9DF0-4704-A2C9-43306570744F}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.lordoftherings.ea.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{7D95B5A0-FBEB-4B1A-8BB7-5CB2E4934762}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.maxpayne.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{674FA394-B1FB-4BA5-B55A-00A2D75D8D0D}\SupportTasks\0\Pomoc techniczna.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{5D294B1B-3F39-4A97-9EEE-084D2CB9AA5F}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{5D294B1B-3F39-4A97-9EEE-084D2CB9AA5F}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.brothersinarmsgame.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{1688D0C5-FF94-44A4-8BA6-77B28A73059D}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://www.strategyfirst.com/support/contactform.asp/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{1688D0C5-FF94-44A4-8BA6-77B28A73059D}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.robinhood-game.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxBatch.lnk -> D:\Gry\max payne\MaxBatch.bat ()
Shortcut: C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dark Omen\Options.lnk -> C:\Program Files (x86)\Dark Omen\options.bat ()
 
==================== Załadowane moduły (filtrowane) ==============
 
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-25 17:37 - 2014-11-01 21:34 - 00075136 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 11:28 - 2016-08-06 11:28 - 00959168 _____ () C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-09 20:26 - 2016-08-02 10:15 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-09 20:26 - 2016-08-02 10:01 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-09 20:26 - 2016-08-02 09:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-09 20:26 - 2016-08-02 09:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-09 20:26 - 2016-08-02 09:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-09 20:26 - 2016-08-02 09:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-13 19:47 - 2016-08-13 19:48 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-13 19:47 - 2016-08-13 19:48 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-13 19:47 - 2016-08-13 19:48 - 35290624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-08-16 15:41 - 2016-08-16 15:42 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 15:41 - 2016-08-16 15:42 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 19:19 - 2016-06-03 19:23 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-05-20 01:10 - 2016-05-20 01:10 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-30 19:54 - 2016-06-30 19:54 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-19 06:10 - 2016-08-19 06:10 - 03015680 _____ () C:\Program Files\AVAST Software\Avast\defs\16081802\algo.dll
2016-06-30 19:54 - 2016-06-30 19:54 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2012-07-25 23:04 - 2010-02-17 12:20 - 00065576 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\MBMDebug.dll
2016-06-30 19:54 - 2016-06-30 19:54 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-08-09 20:21 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-09 20:21 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
 
==================== Alternate Data Streams (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
 
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [180]
AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30 [340]
 
==================== Tryb awaryjny (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
 
==================== Powiązania plików (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
 
 
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
 
IE trusted site: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\dell.com -> dell.com
 
==================== Hosts - zawartość: ===============================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2009-07-14 04:34 - 2015-12-15 17:18 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Inne obszary ============================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 62.179.1.61 - 62.179.1.63
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\startupreg: CancelAutoPlay_df => "C:\Program Files (x86)\ZTE MF823\CancelAutoPlay_df.exe" run
MSCONFIG\startupreg: CheckNDISPortF0ac70 => C:\Program Files (x86)\ZTE MF823\CheckNDISPort_df.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellSystemDetect => C:\Users\metalowa_glowa\AppData\Local\Apps\2.0\6EE1JWG0.0R9\JLN1G7DO.GRE\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe
MSCONFIG\startupreg: LockStatusTray => C:\Windows\LockStatusTray.exe
MSCONFIG\startupreg: NSU_agent => "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Onet.pl AutoUpdate => C:\Program Files (x86)\Common Files\Onet.pl\AutoUpdate.exe /tsr
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StereoLinksInstall => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
MSCONFIG\startupreg: USB Gamepad => C:\Windows\USB Vibration\7906\USB Gamepad.exe -boot
HKLM\...\StartupApproved\Run: => "SaiMfd"
HKLM\...\StartupApproved\Run: => "ProfilerU"
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\StartupApproved\Run: => "OneDrive"
 
==================== Reguły Zapory systemu Windows (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{CAFD0578-B556-4C62-B5A9-590D8CACD48D}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{F2498858-F169-4855-A721-2F54C9B493AB}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{48C76503-B060-486A-BF32-41A5FA6F0171}D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{38D9B2BB-D84F-4D96-A58F-AAD9398A887E}D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{EF46BBF5-FC59-49B6-A3A1-B9CE96EA388A}C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{10B55BF1-A47D-4D1C-A57A-6B5A6C8FA207}C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{56A9003E-DA96-44E5-81F4-7571CF7F04CA}] => (Allow) d:\gry\World of tanks\worldoftanks.exe
FirewallRules: [{DC5BFE4D-E311-4432-BA5A-EEC0C62B4D09}] => (Allow) d:\gry\World of tanks\worldoftanks.exe
FirewallRules: [{203CC7BD-7590-4975-9EFC-091ED6840DA9}] => (Allow) d:\gry\World of tanks\WoTLauncher.exe
FirewallRules: [{A6FED72A-72CC-4601-92E8-4815B7CBD826}] => (Allow) d:\gry\World of tanks\WoTLauncher.exe
FirewallRules: [UDP Query User{5E8A19A1-5C43-4F30-83F2-12EF783A85A1}D:\gry\black ops 2\t6sp.exe] => (Block) D:\gry\black ops 2\t6sp.exe
FirewallRules: [TCP Query User{3AE385DE-6B7F-47DD-87A1-95B54F11F84B}D:\gry\black ops 2\t6sp.exe] => (Block) D:\gry\black ops 2\t6sp.exe
FirewallRules: [UDP Query User{20EB7071-74E2-4E72-B4D0-07E1AC551909}D:\gry\rock of ages\binaries\win32\roa.exe] => (Block) D:\gry\rock of ages\binaries\win32\roa.exe
FirewallRules: [TCP Query User{94D26299-6005-499A-8054-CABBE73B1A14}D:\gry\rock of ages\binaries\win32\roa.exe] => (Block) D:\gry\rock of ages\binaries\win32\roa.exe
FirewallRules: [UDP Query User{0A4A1F1C-3C67-4943-92D9-68EEC226BE35}D:\gry\freespace\fs2_open_3_7_2_sse.exe] => (Allow) D:\gry\freespace\fs2_open_3_7_2_sse.exe
FirewallRules: [TCP Query User{AA7862A4-6E23-43D7-A0F7-F70469DABC98}D:\gry\freespace\fs2_open_3_7_2_sse.exe] => (Allow) D:\gry\freespace\fs2_open_3_7_2_sse.exe
FirewallRules: [{F592EE9F-2CBB-4395-8352-20262CE5233C}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{E954E755-5104-4128-A49F-8E3DEE6D70B2}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D615DF2D-9844-4D2E-A8D3-16C09428296B}] => (Allow) D:\Gry\mark of chaos\Warhammer.exe
FirewallRules: [{EE866D6C-0A70-4129-A9B0-F58F1ADB6012}] => (Allow) D:\Gry\mark of chaos\Warhammer.exe
FirewallRules: [{CAD64BF9-E5F0-4DFE-B34E-982B9F3D184A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B50DC0BE-3D8F-4BCD-887F-FB1F19454E50}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{1199A679-C98A-4E8D-A74E-FF4487A3039D}C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{F8B2BCFB-4079-44AF-9C06-89FAB06FF4C6}C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe
FirewallRules: [{146CCA01-FC81-47E2-B81E-C6D29799829E}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{2EC90268-5835-47DC-B6AF-638BFFC30FB6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{7ACAD68B-5E81-44D4-897D-6749128ACA1C}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{767E74E1-D8D3-4517-96E3-103819515F60}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{1D94D740-02E4-4AE2-9BDF-1E9719249722}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{DE4C1082-E5B0-4D9A-9153-B7D40F1BCC25}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{17E62F46-D309-4697-B637-403B406CCB74}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{A6412FEE-D044-4C5C-A259-C182344DF6F9}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{E770AF7E-9F4C-4DD5-A344-B0D750C58BB1}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{F3F22DAA-026D-4DA5-955C-3A58047F3F8F}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{20DB568A-AD91-47C2-A4EF-0203A04396AF}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{41189794-ECA8-4A13-80DB-7C3852E51190}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{B6B8B1FB-B1BC-4A73-A37B-4A09D8CD02AD}] => (Allow) LPort=3724
FirewallRules: [{B3A45F6B-EDE8-49D6-9C5B-3616A3C229A0}] => (Allow) D:\SPSS\statistics.com
FirewallRules: [{4BAF7FC3-30EF-47E1-BCD3-0373540DD749}] => (Allow) D:\SPSS\statistics.exe
FirewallRules: [{712E2E89-5044-41D7-88FC-209AD1283076}] => (Allow) D:\SPSS\SPSSWinWrapIDE.exe
FirewallRules: [{A2303532-7231-4B26-88E5-DD2E4F5DD46E}] => (Allow) D:\SPSS\statistics.com
FirewallRules: [{581493F8-8D92-470C-99DD-D18F39C90922}] => (Allow) D:\SPSS\statistics.exe
FirewallRules: [{BDB769F2-6FC6-4405-BC00-3034C77EA4FA}] => (Allow) D:\SPSS\SPSSWinWrapIDE.exe
FirewallRules: [{EF6C8D6E-C6D1-4CCF-A802-F026ECF8C8B0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{F07C6A55-B6DC-4DD6-813D-151DEE02E0A5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{F8A5946D-734F-442D-BF67-D03DD591E74B}D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{F7366524-DF6A-443A-9347-8141D77B45C9}D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [TCP Query User{4BA23ECE-31CE-48FD-8317-8C58DE765BB7}D:\gry\alice madness returns\alice1\bin\alice.exe] => (Block) D:\gry\alice madness returns\alice1\bin\alice.exe
FirewallRules: [UDP Query User{15A38999-D4AD-4DEA-A972-B051AC882B51}D:\gry\alice madness returns\alice1\bin\alice.exe] => (Block) D:\gry\alice madness returns\alice1\bin\alice.exe
FirewallRules: [{CA16508C-875D-4258-B163-939263228701}] => (Allow) LPort=80
FirewallRules: [{A19AE38F-934A-46A4-B9EF-0801BB4F314C}] => (Allow) LPort=443
FirewallRules: [{DCEE289C-E8DE-4D83-A15D-E69DFB99D087}] => (Allow) LPort=20010
FirewallRules: [{889D5C20-1BF6-4DF2-B2C0-EA7003934476}] => (Allow) LPort=3478
FirewallRules: [{A4E7414D-04D9-4F01-9B09-08BF1E6B8FE5}] => (Allow) LPort=7850
FirewallRules: [{B92B767D-0F0C-46BD-BA1C-F4D0CED8F97D}] => (Allow) LPort=7852
FirewallRules: [{69CB183F-2E8E-4E63-9A42-766A58400C4A}] => (Allow) LPort=7853
FirewallRules: [{26DF64C9-C110-4384-ACBF-4FDF9316575B}] => (Allow) LPort=27022
FirewallRules: [{81A3BB83-3BBA-4536-B66C-B5156F676DB0}] => (Allow) LPort=6881
FirewallRules: [{E4EE7115-CE70-4356-934E-50D922791205}] => (Allow) LPort=33333
FirewallRules: [{ED999E59-89FA-409B-B0A1-B05C05375014}] => (Allow) LPort=20443
FirewallRules: [{FBF94A73-BCB5-487D-8660-0F24637D24AE}] => (Allow) LPort=8090
FirewallRules: [{240C7881-04EC-45D0-9F0D-1FE3DF251D60}] => (Allow) C:\Users\metalowa_glowa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D555520E-E97B-4B17-8EEA-8780346EB8EC}] => (Allow) C:\Users\metalowa_glowa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9AD9C7F3-3159-4296-B33B-05C97ABDBFCC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C2B783D-6F22-4699-B2C8-C90CEFC93FB2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{796EACC8-FCCE-423E-949B-F360A2FD5507}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{B2D33CFC-80C3-4977-92A4-1385D4FBA1E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{26E97B41-6605-429E-B7FE-F365821422E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4E93BC56-0546-4D29-8BC6-EB3C2A55B72B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{56280087-73E1-42FE-9E4C-7305A665AEB0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D0CB9301-6C63-438B-8335-AEBD6CDB6388}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{54EFB213-5EB8-4D0D-90A9-790EB7944E86}] => (Allow) D:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{45ACE8BC-705C-4BB3-A951-BA87E72BCB91}] => (Allow) D:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [TCP Query User{8A237FBB-A67F-4416-BAA9-91501203EC4C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{C95B53D4-2E2F-4D99-B821-9D0141C8BC26}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7EFAB168-C3F7-4BBB-816E-C5F25B073C17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{138E28CD-18DA-46A1-B87A-51C978F29E3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0ADE2D45-C5B6-445D-BD69-BA11682F606D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1E044D5B-2BB8-45F4-B9FA-AEAEE2E9FFBF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7B254982-8600-4724-8016-A2E95947B637}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Overlord.exe
FirewallRules: [{33BFCF36-BDAC-4F2F-8737-42B47D254197}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Overlord.exe
FirewallRules: [{A4F1EB70-4CAA-4DAE-91D6-86D97BD1CDA4}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Config.exe
FirewallRules: [{9E37E036-9E77-4722-B452-B384E50FFCBD}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Config.exe
FirewallRules: [{AD0E385C-01F6-4DBE-BB17-E93F77F2DA88}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Retro City Rampage\retrocityrampage.exe
FirewallRules: [{09E624C5-D175-42CB-B922-CF062DAF662B}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Retro City Rampage\retrocityrampage.exe
FirewallRules: [{0DD003F4-745A-44A2-A0C2-B859E8511DE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FF16D831-6559-4D87-901F-0F1FEA736C2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{110C0099-FF7B-4BC8-B15E-8C457872B0CD}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{37E2243D-FAA6-496D-8DD2-CA0F5B122406}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{507D52F5-690E-4CDD-9BC3-FA1CCBB662F0}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [{BCB0A802-4E6E-44EF-A598-335B403F03BC}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [TCP Query User{F4B2E09C-7D84-448D-BF52-321C9E178370}D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe] => (Allow) D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe
FirewallRules: [UDP Query User{1E350FD5-4013-4ADB-8977-72FD86ABE5DC}D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe] => (Allow) D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe
FirewallRules: [{34B52435-81FB-4EE8-8D46-22F6250C7496}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{85FF5CB2-B450-424A-BC75-4208B7981698}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{B3A88267-63A7-4FEB-BF0A-4A3A2492EDE5}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{D3474797-9B96-4FA3-8789-F0C68ED715F2}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{C9134093-A65C-417F-A087-375F6A4DB7C2}] => (Allow) D:\Gry\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{9E673F1F-DBDC-4E70-A37E-F20949FA356E}] => (Allow) D:\Gry\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{773E9AA8-444D-4A9D-BA23-491C1B14D507}] => (Allow) D:\Gry\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{05BA1868-85BF-40FE-952B-A91BCF64BB61}] => (Allow) D:\Gry\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{F9FB06A3-9259-4B07-8D04-5EF8B0230461}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{B54F5450-711F-455F-8957-52BEB9F079F7}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{EBBD3910-619E-40D4-B8A9-4D687E0C0541}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{E3E40F3E-6CE9-4811-AAC6-58EAE7301162}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{B563AB2C-1E61-4DCD-9F9C-98270F73B496}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{313202F5-B64D-4EED-B842-26D7B795001D}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{60019253-1757-4934-90C7-E3917A003D1A}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\INK\INK.exe
FirewallRules: [{808D5863-6A8F-4B50-A08E-62C4C909C99E}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\INK\INK.exe
FirewallRules: [TCP Query User{398F515E-0B30-4742-AE08-F81B06E36E26}C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe] => (Block) C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe
FirewallRules: [UDP Query User{DEB117AD-B50C-4C99-8743-F12589C58335}C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe] => (Block) C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe
FirewallRules: [TCP Query User{BAAD5AEF-7A4B-4C2E-B766-27ECFDEF7F00}C:\program files (x86)\dark omen\prg\engrel.exe] => (Block) C:\program files (x86)\dark omen\prg\engrel.exe
FirewallRules: [UDP Query User{858987EF-8674-4ED2-978D-CEE3753D74F4}C:\program files (x86)\dark omen\prg\engrel.exe] => (Block) C:\program files (x86)\dark omen\prg\engrel.exe
FirewallRules: [{E9B08719-9A64-4651-BBB0-57B5991949D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E3CA241F-7B33-4371-8B02-47066DBF6651}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Block) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{94E6C42D-C53E-4CA7-9AE0-D47985162A54}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Block) C:\program files (x86)\pc remote\pc remote\pcremote.exe
 
==================== Punkty Przywracania systemu =========================
 
18-08-2016 23:12:40 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
 
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
 
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Błędy w Dzienniku zdarzeń: =========================
 
Dziennik Aplikacja:
==================
Error: (08/19/2016 06:15:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.14393.51, sygnatura czasowa: 0x57a0516c
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000604
Przesunięcie błędu: 0x0000000000000000
Identyfikator procesu powodującego błąd: 0x1cd8
Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0
Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1
Ścieżka modułu powodującego błąd: microsoftedgecp.exe2
Identyfikator raportu: microsoftedgecp.exe3
Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5
 
Error: (08/19/2016 06:15:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.14393.51, sygnatura czasowa: 0x57a0516c
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000604
Przesunięcie błędu: 0x0000000000000000
Identyfikator procesu powodującego błąd: 0x1cd8
Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0
Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1
Ścieżka modułu powodującego błąd: microsoftedgecp.exe2
Identyfikator raportu: microsoftedgecp.exe3
Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5
 
Error: (08/19/2016 06:09:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.14393.51, sygnatura czasowa: 0x57a0516c
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000604
Przesunięcie błędu: 0x0000000000000000
Identyfikator procesu powodującego błąd: 0x1bb4
Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0
Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1
Ścieżka modułu powodującego błąd: microsoftedgecp.exe2
Identyfikator raportu: microsoftedgecp.exe3
Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5
 
Error: (08/18/2016 11:20:49 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3.
Element główny pliku manifestu musi być zmontowany.
 
Error: (08/18/2016 11:15:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW.  hr = 0x80070006, Nieprawidłowe dojście.
.
 
 
Operacja:
   Wykonywanie operacji asynchronicznej
 
Kontekst:
   Stan bieżący: DoSnapshotSet
 
Error: (08/18/2016 11:14:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
 
System Error:
Odmowa dostępu.
.
 
Error: (08/18/2016 11:13:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
 
System Error:
Odmowa dostępu.
.
 
Error: (08/17/2016 08:53:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MetalowaGlowa)
Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2147023673. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
 
Error: (08/17/2016 01:21:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MetalowaGlowa)
Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
 
Error: (08/16/2016 11:45:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: Alliance.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x579b3da6
Nazwa modułu powodującego błąd: Alliance.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x579b3da6
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000002758e6
Identyfikator procesu powodującego błąd: 0x19d0
Godzina uruchomienia aplikacji powodującej błąd: 0xAlliance.exe0
Ścieżka aplikacji powodującej błąd: Alliance.exe1
Ścieżka modułu powodującego błąd: Alliance.exe2
Identyfikator raportu: Alliance.exe3
Pełna nazwa pakietu powodującego błąd: Alliance.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: Alliance.exe5
 
 
Dziennik System:
=============
Error: (08/19/2016 04:12:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa PinnacleUpdate Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (08/19/2016 04:12:40 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/19/2016 04:12:39 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/19/2016 04:12:39 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/19/2016 04:12:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: 
%%1058 = Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia.
 
Error: (08/19/2016 04:11:58 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Usługa Środowiska i telemetria połączonego użytkownika nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem.
 
Error: (08/19/2016 04:11:09 PM) (Source: DCOM) (EventID: 10010) (User: MetalowaGlowa)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (08/19/2016 03:48:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa PinnacleUpdate Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (08/19/2016 03:48:56 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/19/2016 03:48:53 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
 
CodeIntegrity:
===================================
  Date: 2016-08-11 17:48:53.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.344
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.304
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.232
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.163
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:51.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:51.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:46:58.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:46:58.733
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Statystyki pamięci =========================== 
 
Procesor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Procent pamięci w użyciu: 44%
Całkowita pamięć fizyczna: 6038.16 MB
Dostępna pamięć fizyczna: 3327.27 MB
Całkowita pamięć wirtualna: 7062.16 MB
Dostępna pamięć wirtualna: 4286.04 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:175.69 GB) (Free:45.76 GB) NTFS
Drive d: () (Fixed) (Total:514.15 GB) (Free:7.08 GB) NTFS
Drive f: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
 
==================== MBR & Tablica partycji ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=175.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=514.2 GB) - (Type=07 NTFS)
 
==================== Koniec  Addition.txt ============================
  

 



BC AdBot (Login to Remove)

 


#2 polskamachina

polskamachina

  • Malware Response Team
  • 4,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 19 August 2016 - 12:53 PM

Hi MetalowaGlowa :)

 

My name is polskamachina and I would like to welcome you to the Malware Removal Forum. I will be helping you with your malware issues.

What follows below are some ground rules for this forum.
 

I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-7 hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine. Running any additional tools may detect false positives, interfere with our tools, cause unforeseen damage, or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
  • NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
  • NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. Please remember to copy the entire post so you do not miss any instructions.

Please give me some time to review your situation and I will get back to you with further instructions.

 

polskamachina



#3 polskamachina

polskamachina

  • Malware Response Team
  • 4,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 21 August 2016 - 10:27 AM

Hi MetalowaGlowa :)
 
Going over your logs I noticed that you have µTorrent installed

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs as this is by far the most likely reason you were infected!
  • Files that are downloaded from these website are most likely infected, and even though they may appear to be what you wanted, they may infect your computer at the same time! Do not download files from your p2p client and if you do always scan the file with your anti-virus before executing them!
  • Websites that contain links to download are also highly likely to try and infect your computer! Please avoid them as much as possible and if pop-up boxes appear, always try and close them by clicking the cross at the top right of the window or terminating the browser!
  • The best way to eliminate the risk of infection from p2p applications are to avoid these types of web sites and not use any P2P applications.
  • It is pretty much certain that if you continue to use P2P programs, you will get infected again.

I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove this program, you can do so:

  • Click on the lower left Windows icon (used to be the start button.)
  • Click on All apps
  • Click on Control panel
  • Click on Programs -> uninstall a program
  • Proceed and uninstall µTorrent

If you wish to keep it, please do not use it, until your computer is cleaned!
 
Next:
 
Please rerun the FRST64 program but I would like to see the logs in English. :)  Directions are below:

  • Navigate to your Downloads folder
  • Right click the FRST64 icon
  • Select the Rename option
  • Rename the file, EnglishFRST64.exe
  • Double-click the newly named file to run the program.
  • When the FRST window opens, check the box for Addition.txt
  • Click Scan
  • Copy and paste the FRST.txt and Addition.txt logs into your next reply to me

In summary I will need from you:

  • Let me know if you uninstalled µTorrent
  • FRST and Addition logs
  • AdwCleaner log from your previous scan (A copy of all logfiles are saved to C:\AdwCleaner) Please copy and paste the latest log into your next reply to me.
  • How is your computer performing now?

Let me know if you have any questions.
 
polskamachina



#4 MetalowaGlowa

MetalowaGlowa
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 21 August 2016 - 01:19 PM

Here is the FRST scan. I'm having difficulty in copying/pasting text. Found the solution (remove the driver in device manager - restarted computer - and it worked but I was only able to paste FRST logs, I'll try another restart and post adwCleaner logs in the second post) sorry for the chaos. Looks like the infection stops me from getting help:)
Right now I'm typing and the letters appear really slowly (only in this forum). Sometimes web pages load longer than usual. No other disfunctions noticed.
As for the uTorrent - stopped using it as you've prescribed but not sure yet if I'll stop using it permamently. I remember though about a month ago - didn't terminate a popping window by "X" or closing web browser (which I usually do) but clicked the button - guess that was THE MISTAKE.
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2016
Ran by metalowa_glowa (administrator) on METALOWAGLOWA (21-08-2016 19:46:00)
Running from C:\Users\metalowa_glowa\Downloads
Loaded Profiles: metalowa_glowa (Available Profiles: metalowa_glowa & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ericsson AB) C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PC Remote) C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\metalowa_glowa\Downloads\EnglishFRST64.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2370856 2010-09-24] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-05] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Run: [PC Remote Server] => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe [1190648 2014-10-12] (PC Remote)
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Run: [metalowa_glowa] => explorer.exe hxxp://sd-steam.info <===== ATTENTION
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\RunOnce: [Uninstall C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\RunOnce: [Uninstall C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWoW64\nvinit.dll => C:\WINDOWS\SysWoW64\nvinit.dll [155952 2016-07-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-23]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-23]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-23]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip\..\Interfaces\{485ebed6-fab5-4498-b889-9b560fbd2f13}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b82c5223-e8fa-4acc-b18a-543c18d3a4dd}: [DhcpNameServer] 62.179.1.61 62.179.1.63
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
 
FireFox:
========
FF ProfilePath: C:\Users\metalowa_glowa\AppData\Roaming\Mozilla\Firefox\Profiles\qp32ipc2.default-1455479818204
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [2014-09-01] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: @my.com/Games -> C:\Users\metalowa_glowa\AppData\Local\MyComGames\NPMyComDetector.dll [2016-07-07] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\metalowa_glowa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-04] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: ubisoft.com/uplaypc -> D:\Gry\trials evol\datapack\orbit\npuplaypc.dll [No File]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
 
Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentacje Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-27]
CHR Extension: (Dokumenty Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-27]
CHR Extension: (Dysk Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Arkusze Google) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-02]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-21]
 
Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\metalowa_glowa\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-06-28]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [337408 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_2f1d7; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_2f1d7; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [803840 2016-07-16] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [245312 2016-06-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-08] (GOG.com)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 Origin Client Service; D:\Gry\klient ORIGIN\OriginClientService.exe [2122248 2016-06-17] (Electronic Arts)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2015-08-06] (PowerUp Software, LLC) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-11-01] ()
S3 RmSvc; C:\Windows\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [463912 2010-06-09] (Ericsson AB)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_2f1d7; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_2f1d7; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-08-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-14] ()
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-07-16] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [45920 2016-07-16] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-07-16] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-21 19:46 - 2016-08-21 19:46 - 00024507 _____ C:\Users\metalowa_glowa\Downloads\FRST.txt
2016-08-21 19:44 - 2016-08-21 19:44 - 03784256 _____ C:\Users\metalowa_glowa\Downloads\AdwCleaner.exe
2016-08-21 19:01 - 2016-08-21 19:01 - 00000000 ____H C:\ProgramData\cm-lock
2016-08-19 20:23 - 2016-08-19 20:23 - 00000723 _____ C:\Users\Public\Desktop\Okhlos.lnk
2016-08-19 20:23 - 2016-08-19 20:23 - 00000000 ____D C:\Users\metalowa_glowa\AppData\LocalLow\Coffee Powered Machine
2016-08-19 20:23 - 2016-08-19 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okhlos [GOG.com]
2016-08-19 17:10 - 2016-08-19 17:10 - 00000000 _____ C:\Users\metalowa_glowa\Desktop\bleeping.txt
2016-08-19 16:51 - 2016-08-21 19:46 - 00000000 ____D C:\FRST
2016-08-19 16:50 - 2016-08-19 16:51 - 02394624 _____ (Farbar) C:\Users\metalowa_glowa\Downloads\EnglishFRST64.exe
2016-08-19 16:47 - 2016-08-19 16:47 - 00001831 _____ C:\Users\metalowa_glowa\Desktop\AdwCleaner.txt
2016-08-19 16:46 - 2016-08-19 16:46 - 00001124 _____ C:\Users\metalowa_glowa\Desktop\malware scan.txt
2016-08-16 22:56 - 2016-08-16 22:56 - 00000769 _____ C:\Users\metalowa_glowa\Desktop\Marvel Ultimate Alliance 2.lnk
2016-08-16 22:56 - 2016-08-16 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvel Ultimate Alliance 2
2016-08-14 21:34 - 2016-08-18 23:19 - 00000000 ____D C:\Users\metalowa_glowa\Documents\Telltale Games
2016-08-14 21:15 - 2016-08-14 21:15 - 00000000 ____D C:\Users\metalowa_glowa\Documents\Ghost Games
2016-08-14 20:48 - 2016-08-14 20:48 - 00594606 _____ C:\Users\metalowa_glowa\Downloads\SecondSight.WidescreenFix.zip
2016-08-14 20:35 - 2016-08-14 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GT Interactive
2016-08-14 20:34 - 2012-05-12 10:03 - 434159616 _____ C:\Users\metalowa_glowa\Desktop\Driver.iso
2016-08-14 19:06 - 2016-08-14 19:31 - 624341225 _____ C:\Users\metalowa_glowa\Downloads\Disneys_Tarzan_Action_Game-THEiSOZONE.7z
2016-08-14 18:27 - 2016-08-14 18:50 - 576755101 _____ C:\Users\metalowa_glowa\Downloads\Disneys_Hercules_Action_Game-THEiSOZONE.7z
2016-08-14 17:28 - 2016-08-14 17:36 - 178062547 _____ C:\Users\metalowa_glowa\Downloads\Dexters_Laboratory_-_Science_Aint_Fair-THEiSOZONE.7z
2016-08-14 15:16 - 2016-08-14 15:16 - 00000000 ____D C:\driver paralel lines
2016-08-14 15:08 - 2016-08-14 15:08 - 00000802 _____ C:\Users\Public\Desktop\The Wolf Among Us.lnk
2016-08-14 15:08 - 2016-08-14 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Wolf Among Us [GOG.com]
2016-08-14 01:17 - 2016-08-14 01:17 - 00000154 _____ C:\Users\Public\Desktop\Earth Defense Force Insect Armageddon.lnk
2016-08-14 01:17 - 2016-08-14 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D3Publisher
2016-08-13 23:23 - 2016-08-13 23:23 - 00000920 _____ C:\Users\metalowa_glowa\Desktop\Eisenhorn XENOS.lnk
2016-08-13 23:23 - 2016-08-13 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eisenhorn XENOS
2016-08-12 21:46 - 2016-08-12 21:46 - 00000000 ____D C:\Users\metalowa_glowa\AppData\LocalLow\Ghost Town Games
2016-08-09 20:29 - 2016-08-09 20:29 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-08-09 20:26 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 20:26 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 20:26 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-09 20:26 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 20:26 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-09 20:26 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-09 20:26 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-09 20:26 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 20:26 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-09 20:26 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-09 20:26 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-09 20:26 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-09 20:26 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 20:26 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-09 20:26 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-09 20:26 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-09 20:26 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-09 20:26 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-09 20:26 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:26 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 20:26 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:26 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-09 20:26 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:26 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-09 20:26 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 20:26 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 20:26 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-09 20:26 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 20:26 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 20:26 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-09 20:26 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-09 20:26 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-09 20:26 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-09 20:26 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-09 20:26 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-09 20:26 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-09 20:26 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 20:26 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-09 20:26 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 20:26 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-09 20:26 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-09 20:26 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 20:26 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-09 20:26 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 20:26 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 20:26 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-09 20:26 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-09 20:26 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-09 20:25 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:25 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 20:25 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 20:25 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-09 20:25 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-09 20:25 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-09 20:25 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-08 14:52 - 2016-08-08 14:52 - 00003640 _____ C:\WINDOWS\System32\Tasks\metalowa_glowa
2016-08-07 22:00 - 2016-08-07 22:03 - 03788441 _____ C:\Users\metalowa_glowa\Downloads\SC1_PS3_Textures.zip
2016-08-07 20:03 - 2016-08-07 20:05 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-08-07 19:33 - 2016-08-07 19:33 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2016-08-07 19:33 - 2016-08-07 19:33 - 00000000 ____D C:\WINDOWS\system32\NV
2016-08-07 19:33 - 2016-08-07 19:33 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-07 19:33 - 2016-07-11 04:34 - 01887800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvCamera64.dll
2016-08-07 19:33 - 2016-07-11 04:34 - 01595840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvCamera32.dll
2016-08-07 19:33 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-08-07 19:33 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-08-07 19:33 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-08-07 19:33 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-08-07 19:32 - 2016-07-11 04:34 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-07 19:32 - 2016-07-11 04:34 - 00203320 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-07 19:30 - 2016-07-18 08:56 - 00047040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-08-07 19:30 - 2016-07-11 04:34 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 35117112 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 31680568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 25442240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 20417200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 17764408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 17463992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 14487768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 10700592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 10656296 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 10243600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 09028360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 08742360 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 08622576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 03382240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 02868160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 02497984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 01939000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436881.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436881.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00999872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00930360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00909248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00852024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00694488 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00583920 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-08-07 19:30 - 2016-07-11 04:34 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-08-07 19:27 - 2016-08-07 19:27 - 00000000 ____D C:\NVIDIA
2016-08-07 11:54 - 2016-08-19 20:04 - 00000000 ____D C:\Nowy folder
2016-08-06 15:33 - 2016-08-06 15:33 - 00000222 _____ C:\Users\metalowa_glowa\Desktop\Batman Arkham Origins Blackgate - Deluxe Edition.url
2016-08-06 11:49 - 2016-08-06 11:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-06 11:45 - 2016-08-17 19:46 - 00000000 ____D C:\Windows.old
2016-08-06 11:45 - 2016-08-06 11:45 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-06 11:45 - 2016-08-06 11:45 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-06 11:45 - 2016-08-06 11:45 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-06 11:45 - 2016-08-06 11:45 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-06 11:45 - 2016-08-06 11:45 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-06 11:45 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-08-06 11:45 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-06 11:45 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-06 11:45 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-08-06 11:45 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-08-06 11:44 - 2016-08-06 11:44 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\Program Files\MSBuild
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-06 11:41 - 2016-08-06 11:41 - 00000000 ____D C:\inetpub
2016-08-06 11:41 - 2016-08-06 11:08 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-06 11:40 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-06 11:40 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-06 11:40 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-06 11:30 - 2016-08-06 11:30 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-08-06 11:27 - 2016-08-06 11:27 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-06 11:24 - 2016-08-06 16:04 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\ConnectedDevicesPlatform
2016-08-06 11:24 - 2016-08-06 11:24 - 00000000 ____D C:\ProgramData\USOShared
2016-08-06 11:23 - 2016-08-06 11:23 - 00000020 ___SH C:\Users\metalowa_glowa\ntuser.ini
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Szablony
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Moje dokumenty
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Menu Start
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\Dane aplikacji
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia
2016-08-06 11:23 - 2016-08-06 11:23 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji
2016-08-06 11:21 - 2016-08-06 11:22 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-08-06 11:21 - 2016-08-06 11:22 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-08-06 11:17 - 2016-08-21 19:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-06 11:17 - 2016-08-06 11:17 - 00003596 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-06 11:17 - 2016-08-06 11:17 - 00003494 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-08-06 11:17 - 2016-08-06 11:17 - 00003432 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1463820016
2016-08-06 11:17 - 2016-08-06 11:17 - 00003372 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-06 11:17 - 2016-08-06 11:17 - 00003356 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1407442411
2016-08-06 11:17 - 2016-08-06 11:17 - 00003188 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-06 11:17 - 2016-08-06 11:17 - 00002980 _____ C:\WINDOWS\System32\Tasks\CTF Host
2016-08-06 11:17 - 2016-08-06 11:17 - 00002814 _____ C:\WINDOWS\System32\Tasks\klcp_update
2016-08-06 11:17 - 2016-08-06 11:17 - 00002308 _____ C:\WINDOWS\System32\Tasks\{73EF4EB6-093C-4D3A-A3F9-87995FFD12A2}
2016-08-06 11:17 - 2016-08-06 11:17 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-06 11:17 - 2016-08-06 11:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-08-06 11:17 - 2016-08-06 11:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-08-06 11:05 - 2016-08-06 11:05 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-06 11:05 - 2016-08-06 11:05 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-06 11:00 - 2016-08-06 11:00 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-06 10:59 - 2016-08-06 11:08 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-06 10:57 - 2016-08-15 12:21 - 00000000 ____D C:\Users\metalowa_glowa
2016-08-06 10:57 - 2016-08-06 11:13 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Ustawienia lokalne
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Szablony
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Moje dokumenty
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Menu Start
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Documents\Moje wideo
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Documents\Moje obrazy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Documents\Moja muzyka
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\Dane aplikacji
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\AppData\Local\Historia
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\metalowa_glowa\AppData\Local\Dane aplikacji
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Ustawienia lokalne
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Szablony
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Moje dokumenty
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Menu Start
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje wideo
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moje obrazy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Moja muzyka
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Dane aplikacji
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historia
2016-08-06 10:57 - 2016-08-06 10:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Dane aplikacji
2016-08-06 10:56 - 2016-08-21 19:07 - 03094156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-06 10:56 - 2016-08-06 10:56 - 01539412 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-08-06 10:53 - 2016-08-06 10:53 - 00074452 _____ C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2016-08-06 10:53 - 2016-08-06 10:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-06 10:53 - 2016-08-06 10:53 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-08-06 10:53 - 2016-08-06 10:53 - 00000000 ____D C:\Program Files\Realtek
2016-08-06 10:53 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-06 10:52 - 2016-08-07 19:33 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-06 10:52 - 2016-08-07 19:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-06 10:52 - 2016-08-06 11:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-06 10:52 - 2016-08-06 11:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-06 10:52 - 2016-08-06 10:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2016-08-06 10:52 - 2016-08-06 10:52 - 00000000 ____D C:\Program Files\Synaptics
2016-08-06 10:52 - 2016-07-11 00:58 - 06385720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 02465848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 01362880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-06 10:52 - 2016-07-11 00:58 - 00546240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-06 10:52 - 2016-07-07 19:05 - 07211925 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-06 10:50 - 2016-08-21 19:34 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-06 10:50 - 2016-08-09 22:08 - 00346680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-06 10:50 - 2016-08-06 10:50 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-02 22:43 - 2016-08-02 22:43 - 00000738 _____ C:\Users\metalowa_glowa\Desktop\Dark Messiah Of Might And Magic.lnk
2016-08-02 22:43 - 2016-08-02 22:43 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Dark Messiah Of Might And Magic
2016-08-02 21:14 - 2016-08-03 21:32 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\Anatomy A Photographic Atlas, 8E Rohen [PDF] [ENG] [marta$]
2016-08-01 20:14 - 2016-08-01 20:17 - 00000000 ____D C:\książki
2016-08-01 12:58 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-01 12:58 - 2016-08-01 12:58 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-08-01 12:55 - 2016-08-01 12:57 - 13682000 _____ (KLCP ) C:\Users\metalowa_glowa\Downloads\K-Lite_Codec_Pack_1225_Basic.exe
2016-08-01 12:51 - 2016-08-01 12:51 - 20256957 _____ ( ) C:\Users\metalowa_glowa\Downloads\klcp_update_1227_20160726.exe
2016-07-24 13:01 - 2016-07-24 13:01 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\CDex
2016-07-24 13:00 - 2016-07-24 13:00 - 06072993 _____ C:\Users\metalowa_glowa\Downloads\CDex-1.77-portable-unicode.zip
2016-07-23 13:42 - 2016-07-15 23:10 - 07155655 _____ C:\Users\metalowa_glowa\Desktop\Lothar_Wicke-Atlas_anatomii_radiologicznej(2009).djvu
2016-07-23 10:06 - 2016-07-23 10:20 - 337290857 _____ C:\Users\metalowa_glowa\Downloads\ESPNExtremeGames.7z
2016-07-23 08:13 - 2016-07-23 09:01 - 00136882 _____ C:\Users\metalowa_glowa\Desktop\Bookmarks.txt
2016-07-23 07:50 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-07-23 07:50 - 2016-07-23 07:50 - 00002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2016-07-23 07:50 - 2016-07-23 07:50 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
2016-07-23 07:50 - 2016-07-23 07:50 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-07-23 07:50 - 2016-07-23 07:50 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\WinZip
2016-07-23 07:49 - 2016-07-23 07:50 - 00000000 ____D C:\ProgramData\WinZip
2016-07-23 07:49 - 2016-07-23 07:49 - 00712896 _____ (WinZip Computing, S.L.) C:\Users\metalowa_glowa\Downloads\winzip20_c1.exe
2016-07-23 07:49 - 2016-07-23 07:49 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-07-23 07:49 - 2016-07-23 07:49 - 00000000 ____D C:\ProgramData\UniqueId
2016-07-23 07:49 - 2016-07-23 07:49 - 00000000 ____D C:\Program Files\WinZip
2016-07-23 07:41 - 2016-07-23 07:42 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\masaż
2016-07-22 19:55 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crimzon Clover - World Ignition [GOG.com]
2016-07-22 19:55 - 2016-07-22 19:55 - 00001872 _____ C:\Users\Public\Desktop\Crimzon Clover - World Ignition.lnk
2016-07-22 19:49 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zombie Night Terror [GOG.com]
2016-07-22 19:49 - 2016-07-22 19:49 - 00001673 _____ C:\Users\Public\Desktop\Zombie Night Terror.lnk
2016-07-22 19:48 - 2016-07-22 22:18 - 00000000 ____D C:\Users\metalowa_glowa\AppData\LocalLow\NoClip
2016-07-22 19:46 - 2016-08-06 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zombie Vikings
2016-07-22 19:46 - 2016-07-22 19:46 - 00000712 _____ C:\Users\metalowa_glowa\Desktop\Zombie Vikings.lnk
2016-07-22 19:42 - 2016-07-22 19:43 - 172861247 _____ () C:\Users\metalowa_glowa\Downloads\tfd-103-rev4.exe
2016-07-22 19:39 - 2016-07-22 19:41 - 172860008 _____ () C:\Users\metalowa_glowa\Downloads\Niepotwierdzony 997822.crdownload
2016-07-22 19:22 - 2016-07-22 19:23 - 172861096 _____ () C:\Users\metalowa_glowa\Downloads\Niepotwierdzony 181353.crdownload
2016-07-22 05:51 - 2016-07-22 05:51 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-07-22 05:51 - 2016-07-22 05:51 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-08-21 19:42 - 2012-08-07 23:04 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\vlc
2016-08-21 19:07 - 2016-07-17 00:05 - 01274006 _____ C:\WINDOWS\system32\perfh015.dat
2016-08-21 19:07 - 2016-07-17 00:05 - 00335302 _____ C:\WINDOWS\system32\perfc015.dat
2016-08-21 19:01 - 2014-12-04 23:35 - 00119296 _____ C:\WINDOWS\SysWOW64\zlib.dll
2016-08-20 08:16 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-19 19:35 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-19 17:16 - 2015-11-17 22:50 - 00000000 ____D C:\AdwCleaner
2016-08-19 16:37 - 2012-07-25 22:53 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\ElevatedDiagnostics
2016-08-19 16:23 - 2014-10-06 18:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-19 15:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 15:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 15:40 - 2016-05-20 00:31 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\Packages
2016-08-18 23:09 - 2012-08-07 18:44 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\uTorrent
2016-08-18 18:04 - 2016-06-12 14:13 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\AIMP
2016-08-17 01:21 - 2012-09-15 13:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-14 15:22 - 2012-09-01 14:46 - 00000000 ____D C:\Users\metalowa_glowa\Documents\My Games
2016-08-14 15:14 - 2016-06-27 23:41 - 00000000 ____D C:\gry
2016-08-14 01:29 - 2012-08-11 18:45 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\SKIDROW
2016-08-13 14:44 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 22:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-12 21:33 - 2012-08-07 18:02 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-11 23:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-09 22:09 - 2016-02-13 19:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-09 22:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-09 20:36 - 2014-06-30 20:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 20:30 - 2012-08-07 20:20 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-07 19:32 - 2014-08-03 12:09 - 00000000 ____D C:\temp
2016-08-07 17:55 - 2015-03-01 22:28 - 00000000 ____D C:\Dell
2016-08-07 16:13 - 2015-05-05 13:28 - 00000000 ____D C:\Users\metalowa_glowa\chomik
2016-08-07 15:56 - 2013-04-08 17:20 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Local\ChomikBox
2016-08-07 15:47 - 2013-04-08 17:20 - 00000000 ____D C:\Users\metalowa_glowa\.gstreamer-0.10
2016-08-07 10:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-06 11:49 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-06 11:45 - 2016-07-17 00:05 - 00000000 ____D C:\WINDOWS\OCR
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-06 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-06 11:41 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-08-06 11:41 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-08-06 11:41 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-08-06 11:41 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-08-06 11:41 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-06 11:41 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-06 11:41 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-06 11:41 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-06 11:41 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-06 11:41 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-06 11:34 - 2012-08-07 20:20 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-06 11:28 - 2016-05-20 00:34 - 00002481 _____ C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-06 11:28 - 2016-05-20 00:34 - 00000000 ___RD C:\Users\metalowa_glowa\OneDrive
2016-08-06 11:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-06 11:24 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-06 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-06 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-06 11:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-06 11:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-06 11:17 - 2016-05-19 23:56 - 00023140 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-06 11:16 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-06 11:16 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-06 11:08 - 2016-07-17 00:04 - 00000000 ____D C:\WINDOWS\system32\0409
2016-08-06 11:08 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-06 11:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-08-06 11:08 - 2016-07-16 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teenage Mutant Ninja Turtles Mutants in Manhattan
2016-08-06 11:08 - 2016-07-12 18:56 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote
2016-08-06 11:08 - 2016-07-08 08:50 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-08-06 11:08 - 2016-07-07 06:27 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2016-08-06 11:08 - 2016-07-06 21:03 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-08-06 11:08 - 2016-07-06 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Fend Reloaded
2016-08-06 11:08 - 2016-07-02 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zombie Army Trilogy
2016-08-06 11:08 - 2016-06-29 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops 2
2016-08-06 11:08 - 2016-06-28 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Batman [GOG.com]
2016-08-06 11:08 - 2016-06-27 08:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Professional
2016-08-06 11:08 - 2016-06-27 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Photo Recovery
2016-08-06 11:08 - 2016-06-12 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2016-08-06 11:08 - 2016-06-05 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-06 11:08 - 2016-06-04 21:28 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rock of Ages
2016-08-06 11:08 - 2016-05-26 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxLauncher
2016-08-06 11:08 - 2016-05-01 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-06 11:08 - 2016-05-01 18:57 - 00000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2016-08-06 11:08 - 2016-03-18 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Muve
2016-08-06 11:08 - 2016-03-04 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
2016-08-06 11:08 - 2016-02-13 19:39 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-06 11:08 - 2015-12-26 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE MF823
2016-08-06 11:08 - 2015-12-11 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robin Hood - Legenda Sherwood
2016-08-06 11:08 - 2015-12-01 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
2016-08-06 11:08 - 2015-11-30 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2016-08-06 11:08 - 2015-11-26 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fire Chief
2016-08-06 11:08 - 2015-08-28 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\King Arthur
2016-08-06 11:08 - 2015-08-16 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2016-08-06 11:08 - 2015-07-21 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYclouder LG Lumia 620 Video Converter
2016-08-06 11:08 - 2015-05-03 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-08-06 11:08 - 2015-04-18 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-06 11:08 - 2015-02-03 23:38 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2016-08-06 11:08 - 2015-01-27 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2016-08-06 11:08 - 2014-11-15 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-06 11:08 - 2014-11-10 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-08-06 11:08 - 2014-11-09 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2016-08-06 11:08 - 2014-10-06 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-06 11:08 - 2014-09-28 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANZERS - Phase1
2016-08-06 11:08 - 2014-09-21 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-06 11:08 - 2014-08-13 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-08-06 11:08 - 2014-08-07 00:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne
2016-08-06 11:08 - 2014-08-06 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-08-06 11:08 - 2014-08-06 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-08-06 11:08 - 2013-06-03 17:00 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-08-06 11:08 - 2013-04-08 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
2016-08-06 11:08 - 2013-03-13 20:54 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-06 11:08 - 2013-03-13 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-06 11:08 - 2012-10-28 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2016-08-06 11:08 - 2012-09-30 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-08-06 11:08 - 2012-09-15 13:12 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-06 11:08 - 2012-09-15 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-06 11:08 - 2012-09-03 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
2016-08-06 11:08 - 2012-09-01 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-08-06 11:08 - 2012-09-01 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polish Empire Mod
2016-08-06 11:08 - 2012-08-26 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt
2016-08-06 11:08 - 2012-08-12 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2016-08-06 11:08 - 2012-08-09 21:39 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-08-06 11:08 - 2012-08-09 21:26 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dark Omen
2016-08-06 11:08 - 2012-08-08 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-06 11:08 - 2012-08-07 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-06 11:08 - 2012-07-26 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Off
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\2C0A
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0C0A
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0C04
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0816
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0804
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0424
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041F
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041E
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041D
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\041B
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0419
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0416
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0415
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0414
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0413
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0412
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0411
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0410
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040E
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040D
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040C
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040B
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\040A
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0408
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0407
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0406
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0405
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0404
2016-08-06 11:08 - 2012-07-25 22:43 - 00000000 ____D C:\WINDOWS\system32\0401
2016-08-06 11:08 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-06 11:05 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-06 11:05 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-06 11:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-06 11:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-06 11:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-06 11:02 - 2015-12-26 19:14 - 00000000 ____D C:\WINDOWS\SysWOW64\SupportAppPBZTE MF823
2016-08-06 11:02 - 2014-08-03 13:23 - 00000000 ____D C:\WINDOWS\SysWOW64\SDA
2016-08-06 11:02 - 2013-09-11 13:56 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-08-06 11:02 - 2012-08-07 21:05 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-08-06 11:02 - 2012-08-07 17:37 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-08-06 11:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-06 11:01 - 2016-05-01 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MumboJumbo
2016-08-06 11:01 - 2016-04-11 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine Ltd
2016-08-06 11:01 - 2015-11-26 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-08-06 11:01 - 2015-03-29 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2016-08-06 11:01 - 2014-04-01 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RePack by XLASER
2016-08-06 11:01 - 2014-02-14 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-08-06 11:01 - 2013-10-02 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2016-08-06 11:01 - 2013-07-21 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPSS Inc
2016-08-06 11:01 - 2013-04-24 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft
2016-08-06 11:01 - 2012-09-15 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-06 11:01 - 2012-08-11 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Namco Bandai Games
2016-08-06 11:01 - 2012-08-07 17:11 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-08-06 11:01 - 2012-07-25 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2016-08-06 11:01 - 2009-07-14 20:09 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-06 11:00 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-06 11:00 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-06 11:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-06 11:00 - 2016-07-06 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
2016-08-06 11:00 - 2015-10-28 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Double Eleven
2016-08-06 11:00 - 2015-08-27 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
2016-08-06 11:00 - 2015-08-09 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2016-08-06 11:00 - 2015-07-21 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
2016-08-06 11:00 - 2013-09-26 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-08-06 11:00 - 2013-02-17 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2016-08-06 11:00 - 2012-11-01 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
2016-08-06 11:00 - 2012-10-01 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-06 11:00 - 2012-09-09 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
2016-08-06 11:00 - 2012-08-12 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2016-08-06 10:59 - 2013-10-05 10:01 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-06 10:58 - 2015-09-03 18:33 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra
2016-08-06 10:58 - 2013-10-22 21:42 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trust
2016-08-06 10:58 - 2013-06-28 23:58 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Neverwinter Nights
2016-08-06 10:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-06 10:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-06 10:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-06 10:53 - 2014-11-08 18:18 - 00000000 ____D C:\Intel
2016-08-06 10:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-06 10:19 - 2015-02-27 23:08 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-06 09:34 - 2015-09-23 00:02 - 00000992 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-06 09:33 - 2016-01-04 14:24 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-06 09:22 - 2015-02-27 23:08 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-05 20:04 - 2016-05-21 10:39 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-08-05 20:04 - 2016-05-21 10:39 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-03 00:42 - 2016-06-28 22:37 - 00000000 ____D C:\Users\metalowa_glowa\pinnacle profiles
2016-08-01 12:53 - 2016-05-27 10:22 - 00000000 ____D C:\ProgramData\Skype
2016-08-01 12:53 - 2012-09-02 21:27 - 00000000 ____D C:\Users\metalowa_glowa\AppData\Roaming\Skype
2016-07-24 19:34 - 2014-09-21 15:53 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-24 19:33 - 2016-05-27 14:33 - 00000000 ____D C:\Users\metalowa_glowa\.oracle_jre_usage
2016-07-24 19:33 - 2014-09-21 15:53 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-23 08:13 - 2015-11-03 20:33 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\śmietniczek przechodni
2016-07-23 07:53 - 2016-07-03 17:47 - 00000000 ____D C:\Users\metalowa_glowa\Desktop\Human Anatomy, 4 edition
 
==================== Files in the root of some directories =======
 
2013-02-17 05:27 - 2013-02-17 05:27 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2015-04-07 18:22 - 2015-04-07 18:22 - 0000551 _____ () C:\Users\metalowa_glowa\AppData\Roaming\AutoGK.ini
2013-09-16 14:18 - 2013-09-16 14:18 - 0000102 _____ () C:\Users\metalowa_glowa\AppData\Local\fusioncache.dat
2013-09-11 14:46 - 2013-09-11 14:46 - 0021086 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130911.144608.txt
2013-09-12 20:14 - 2013-09-12 20:14 - 0002242 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130912.201427.txt
2013-09-12 20:22 - 2013-09-12 20:22 - 0023560 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130912.202208.txt
2013-09-14 11:46 - 2013-09-14 11:46 - 0002264 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130914.114650.txt
2013-09-16 13:55 - 2013-09-16 13:55 - 0002242 _____ () C:\Users\metalowa_glowa\AppData\Local\IWDAudHelper.20130916.135523.txt
2014-08-25 23:50 - 2014-08-25 23:50 - 0000000 ___SH () C:\Users\metalowa_glowa\AppData\Local\LumaEmu
2013-09-11 14:44 - 2013-09-11 14:44 - 0001626 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144433.txt
2013-09-11 14:45 - 2013-09-11 14:45 - 0000661 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144546.txt
2013-09-11 14:45 - 2013-09-11 14:45 - 0001651 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144548.txt
2013-09-11 14:45 - 2013-09-11 14:45 - 0001245 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144552.txt
2013-09-11 14:46 - 2013-09-11 14:46 - 0001227 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144631.txt
2013-09-11 14:47 - 2013-09-11 14:47 - 0001587 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144726.txt
2013-09-11 14:48 - 2013-09-11 14:48 - 0001613 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130911.144829.txt
2013-09-12 14:15 - 2013-09-12 14:15 - 0001612 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.141505.txt
2013-09-12 14:17 - 2013-09-12 14:17 - 0001563 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.141713.txt
2013-09-12 14:21 - 2013-09-12 14:21 - 0001611 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.142109.txt
2013-09-12 20:06 - 2013-09-12 20:06 - 0001589 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.200656.txt
2013-09-12 20:14 - 2013-09-12 20:14 - 0000671 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.201421.txt
2013-09-12 20:14 - 2013-09-12 20:14 - 0001245 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.201426.txt
2013-09-12 20:20 - 2013-09-12 20:20 - 0001644 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202049.txt
2013-09-12 20:21 - 2013-09-12 20:21 - 0000661 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202138.txt
2013-09-12 20:21 - 2013-09-12 20:21 - 0001666 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202139.txt
2013-09-12 20:21 - 2013-09-12 20:21 - 0001227 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202146.txt
2013-09-12 20:22 - 2013-09-12 20:22 - 0001229 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202237.txt
2013-09-12 20:23 - 2013-09-12 20:23 - 0001613 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.202316.txt
2013-09-12 20:32 - 2013-09-12 20:32 - 0001613 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130912.203212.txt
2013-09-14 11:46 - 2013-09-14 11:46 - 0000673 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130914.114643.txt
2013-09-14 11:46 - 2013-09-14 11:46 - 0001229 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130914.114649.txt
2013-09-16 13:55 - 2013-09-16 13:55 - 0000671 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130916.135512.txt
2013-09-16 13:55 - 2013-09-16 13:55 - 0001227 _____ () C:\Users\metalowa_glowa\AppData\Local\PDLSetup.20130916.135522.txt
2013-04-28 20:16 - 2013-04-28 20:16 - 0002439 _____ () C:\Users\metalowa_glowa\AppData\Local\unins000.dat
2013-04-28 20:16 - 2013-04-28 20:16 - 0011761 _____ () C:\Users\metalowa_glowa\AppData\Local\unins000.msg
2013-09-11 14:12 - 2013-09-11 14:13 - 0012056 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130911.141225.wdl
2013-09-11 14:13 - 2013-09-11 14:15 - 0012734 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130911.141321.wdl
2013-09-11 14:49 - 2013-09-11 14:50 - 0014767 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130911.144954.wdl
2013-09-12 15:18 - 2013-09-12 15:25 - 0015554 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.151826.wdl
2013-09-12 20:05 - 2013-09-12 20:06 - 0016003 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.200559.wdl
2013-09-12 20:19 - 2013-09-12 20:19 - 0015674 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.201920.wdl
2013-09-12 20:25 - 2013-09-12 20:25 - 0015967 _____ () C:\Users\metalowa_glowa\AppData\Local\WiDiSetupLog.20130912.202528.wdl
2016-08-21 19:01 - 2016-08-21 19:01 - 0000000 ____H () C:\ProgramData\cm-lock
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-16 20:31
 
==================== End of FRST.txt ============================
 
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2016
Ran by metalowa_glowa (21-08-2016 19:46:51)
Running from C:\Users\metalowa_glowa\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-06 09:23:49)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1362770674-4107001041-3769634335-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1362770674-4107001041-3769634335-1005 - Limited - Enabled)
Gość (S-1-5-21-1362770674-4107001041-3769634335-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1362770674-4107001041-3769634335-1009 - Limited - Enabled)
Konto domyślne (S-1-5-21-1362770674-4107001041-3769634335-503 - Limited - Disabled)
metalowa_glowa (S-1-5-21-1362770674-4107001041-3769634335-1000 - Administrator - Enabled) => C:\Users\metalowa_glowa
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Advanced Video FX Engine (HKLM-x32\...\Advanced Video FX Engine) (Version:  - )
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version:  - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version:  - Microsoft)
Alice: Madness Returns (HKLM-x32\...\Alice: Madness Returns_is1) (Version:  - )
Aliens - Colonial Marines Complete (HKLM-x32\...\Aliens - Colonial Marines Complete_is1) (Version:  - )
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Armored Warfare MyCom (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Armored Warfare MyCom) (Version: 1.91 - My.com B.V.)
Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Batman™: Arkham Origins Blackgate - Deluxe Edition (HKLM\...\Steam App 267490) (Version:  - Armature Studio)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Brothers in Arms - Road to Hill 30 (HKLM-x32\...\Brothers in Arms - Road to Hill 30_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Call of Duty Black Ops 2 (HKLM-x32\...\{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1) (Version: 1.0 - Treyarch)
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
Cataclysm (HKLM-x32\...\Cataclysm) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl)
Convoy (HKLM-x32\...\1432538826_is1) (Version: 2.4.0.5 - GOG.com)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Dark Messiah Of Might And Magic (HKLM-x32\...\Dark Messiah Of Might And Magic_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless HSPA Mini-Card Drivers (HKLM-x32\...\{9D583F01-A973-4B04-90BD-FB7886779090}) (Version: 6.1.24.4 - Dell)
D-Fend Reloaded 1.4.4 (odinstaluj) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
DOFix (HKLM\...\{6541f1bd-90c1-48c0-973b-d9bca7361f52}.sdb) (Version:  - )
Dragon Ball Xenoverse - Bundle Edition (HKLM-x32\...\Dragon Ball Xenoverse - Bundle Edition_is1) (Version:  - )
Earth Defense Force Insect Armageddon (HKLM-x32\...\Earth Defense Force Insect Armageddon_is1) (Version:  - )
e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.7 - Ministerstwo Finansow)
e-Deklaracje Desktop (x32 Version: 8.0.7 - Ministerstwo Finansow) Hidden
Eisenhorn XENOS (HKLM-x32\...\Eisenhorn XENOS_is1) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{50CBA62D-4E71-47DE-B37B-0C36DD9121DE}) (Version: 1.1.47.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Fire Chief version 1.0 (HKLM-x32\...\{E9E40B7E-EECE-4B08-992E-95456FFAD5C3}_is1) (Version: 1.0 - DreamCatcher Interactive Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freespace 2 (HKLM-x32\...\Freespace 2_is1) (Version:  - GOG.com)
Gaming Mouse (HKLM-x32\...\Gaming Mouse) (Version:  - )
Ghostbusters ™: The Video Game (x32 Version: 1.00.0000 - Atari) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV v.1.07.0 (HKLM-x32\...\Grand Theft Auto IV_is1) (Version:  - )
Ground Control (HKLM-x32\...\Ground Control) (Version:  - )
GT Interactive - Driver (HKLM-x32\...\GT Interactive - Driver) (Version:  - )
Gtk# for .Net 2.12.10 (HKLM-x32\...\{04AE3BBC-ABFF-42CC-9F90-5B35D229328A}) (Version: 2.12.10 - Xamarin, Inc.)
Heroes of Might and Magic V (HKLM-x32\...\{C0086B27-8E52-42D4-8393-236391EF18F6}) (Version: 1.00.0000 - Ubisoft)
Homeworld (HKLM-x32\...\Homeworld) (Version:  - )
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
Human Anatomy Atlas 3.0.1 (HKLM-x32\...\Human Anatomy Atlas 3.0.1) (Version:  - )
Hyper Light Drifter (HKLM-x32\...\1452863689_is1) (Version: 2.0.0.2 - GOG.com)
INK (HKLM\...\Steam App 385710) (Version:  - ZackBellGames)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.64.1 - JMicron Technology Corp.)
Keyboard Lock Status (HKLM-x32\...\{144A1586-E16C-448D-910D-E12ACD65DD98}) (Version: 1.00.0000 - Logitech)
King Arthur (HKLM-x32\...\King Arthur) (Version:  - )
K-Lite Codec Pack 12.2.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.5 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legacy of Kain (HKLM-x32\...\KainUninstallKey) (Version:  - )
LEGO® Batman™ - The Videogame (HKLM-x32\...\1423058542_is1) (Version: 2.0.0.5 - GOG.com)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvel Ultimate Alliance 2 (HKLM-x32\...\Marvel Ultimate Alliance 2_is1) (Version:  - )
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
Men of War (HKLM-x32\...\{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}) (Version: 1.17.5.1 - 1C Company)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 pl)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Muve Downloader (HKLM-x32\...\{29850ACF-D3C1-4EEC-84C4-DE795C6207F1}) (Version: 1.5.0 - Muve)
My.com Game Center (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\MyComGames) (Version: 3.183 - My.com B.V.)
Myth III - The Wolf Age (HKLM-x32\...\{2A48215C-E018-4F4B-9285-3CDC88C6992A}) (Version:  - )
NapiProjekt (2.0.0.2151) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
Okhlos (HKLM-x32\...\1318673719_is1) (Version: 2.0.0.3 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{e6d17d96-ddaa-476f-bb07-db601024ffb1}) (Version: 15.8.0 - Intel Corporation)
Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.13 - Intel® Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Overlord (HKLM-x32\...\Steam App 11450) (Version:  - Triumph Studios)
Overlord: Raising Hell (HKLM\...\Steam App 12710) (Version:  - Triumph Studios)
PAC-MAN Championship Edition DX+ (HKLM\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Panel sterowania NVIDIA 368.81 (Version: 368.81 - NVIDIA Corporation) Hidden
Panzer Corps Soviet Corps (HKLM-x32\...\Panzer Corps Soviet Corps_is1) (Version:  - )
PANZERS - Phase1 (HKLM-x32\...\PANZERS - Phase1) (Version:  - )
Party Hard (HKLM-x32\...\Steam App 356570) (Version:  - Pinokl Games)
PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Penarium (HKLM-x32\...\UGVuYXJpdW0=_is1) (Version: 1 - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.2.8 - PowerUp Software)
PixelJunk Shooter Ultimate (HKLM-x32\...\PixelJunk Shooter Ultimate_is1) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
Rayman Forever (HKLM-x32\...\Rayman Forever_is1) (Version:  - GOG.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Retro City Rampage™ DX (HKLM-x32\...\Steam App 204630) (Version:  - Vblank Entertainment, Inc.)
Robin Hood - Legenda Sherwood (HKLM-x32\...\{9C748279-288D-11D7-928D-00C0CA129740}) (Version: 1.00.000 - )
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Second Sight (HKLM-x32\...\Second Sight_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
Sniper Elite (HKLM-x32\...\Sniper Elite_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spider-Man 3 ™ (HKLM-x32\...\InstallShield_{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}) (Version: 1.00.0000 - Activision)
Spider-Man 3™ (x32 Version: 1.00.0000 - Activision) Hidden
SPSS Statistics 17.0 (HKLM-x32\...\{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}) (Version: 17.0.0 - SPSS Inc.)
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version:  - LucasArts)
STAR WARS® - Rogue Squadron 3D (HKLM-x32\...\1421404950_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS™ - X-Wing Collector's CD (1994) (HKLM-x32\...\1207667213_is1) (Version: 2.0.0.2 - GOG.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
Switch Off (HKLM-x32\...\SwitchOff) (Version: 2.3 - YaSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.15.0 - Synaptics Incorporated)
T3A Patch for BFME 1 version 1.06 (HKLM-x32\...\T3APATCH106_is1) (Version: 1.06 - )
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Teenage Mutant Ninja Turtles Mutants in Manhattan (HKLM-x32\...\Teenage Mutant Ninja Turtles Mutants in Manhattan_is1) (Version:  - )
The Aquatic Adventure of the Last Human (HKLM-x32\...\1452863102_is1) (Version: 2.3.0.4 - GOG.com)
The Battle for Middle-earth ™ (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version:  - )
The Wolf Among Us (HKLM-x32\...\1432213513_is1) (Version: 2.0.0.1 - GOG.com)
Tomb Raider 1 + 2 + 3 (HKLM-x32\...\Tomb Raider 1 + 2 + 3_is1) (Version:  - GOG.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
USB Network Joystick (HKLM-x32\...\{2A558A06-A44E-400D-95AD-D9FAA89AFD36}) (Version: 2007.03.12 - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Warhammer Battle March (HKLM-x32\...\{ABC91C39-266D-4042-828E-4386E0F25218}) (Version: 2.0.0 - Namco Bandai Games)
WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{99759E36-8961-43DC-A7E6-4601D6AEF166}) (Version: 1.1.2726.0 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
wxLauncher (HKLM-x32\...\wxLauncher) (Version: 0.10.1 - wxLauncher Team)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.0.20140401 - Xilisoft)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
Zombie Army Trilogy (HKLM-x32\...\Zombie Army Trilogy_is1) (Version:  - )
Zombie Vikings (HKLM-x32\...\Zombie Vikings_is1) (Version:  - )
ZTE MF823 (HKLM-x32\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {06CFDD4F-E981-4492-9A4C-7894AA935D9B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1357AE7B-D1E0-43E7-9878-589ED6E98090} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {18970E0A-9F92-45B9-8DFD-48C04EA67D6E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {1D8F00F2-83A4-4447-A584-6FE57C9D0D1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1F147B56-BF7A-4FE6-B713-99FCB028A0E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {231A0272-DDE1-437B-BAE5-AA39076D50F8} - System32\Tasks\SafeZone scheduled Autoupdate 1463820016 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {24D0E25A-FDEC-427A-A95D-6F8A6B332640} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {27344CD4-7DFD-40C8-90F4-88C19300B572} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {2A06755B-5246-4556-9B08-D5EFE7EBC7EC} - \avast! Emergency Update -> No File <==== ATTENTION
Task: {33FCFF72-8F16-4414-BB07-D9482C615111} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3A9F3E84-B970-4084-A869-B5D562D3FFDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3B7F77FF-1555-4847-8D9B-02420EA57F46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {42B51337-0C61-45C9-8A08-C894AC9B3295} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {44F29258-32F6-4111-A888-F5A00F688FF1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4AE8E905-A634-4887-BB8B-902DC7FD9B50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {4C584371-4C86-4B22-A5D4-F662D320A6EC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {550D9F58-0AB5-45D5-8425-FD08F17D58FB} - System32\Tasks\metalowa_glowa => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v metalowa_glowa /t REG_SZ /d "explorer.exe hxxp://sd-steam.info" <==== ATTENTION
Task: {55B303A9-1334-4BB3-9AC7-998DBA2BE7BE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5BAF4C69-262C-4240-82FE-FBBFE5618FDC} - System32\Tasks\Opera scheduled Autoupdate 1407442411 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {5D0BBE60-FF6B-4451-9ACE-CA18EB50F7F7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {69D04120-7CFE-40FF-A463-0FBA3C2BA842} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {69E5810D-4136-4E95-84C9-5F9F18E40509} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6DA487F1-38C4-424C-A096-2FB343B1E642} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {73EE782E-AE07-4680-A775-BE5C5918EB6E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {7C7C8A5D-62EF-45C8-82DD-905D45919A34} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {7F97CBF8-30A7-46E6-9C4E-C1EC560B4230} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {85CC00DE-5CF5-4C6C-888B-87C4D19C500F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {8AA60CD5-C953-49CF-980D-5DABA0ED69E2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {8B704228-29C8-49EC-AB38-DE9432345015} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {8EE26F47-291C-4FD9-B259-A4D374242111} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {8F6D6D85-CC53-4573-8380-33918C0B1A19} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9320AAAE-6D43-4D6B-A539-6FA592E64A57} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {93C3A024-2C95-418A-BAD8-71795B42632D} - System32\Tasks\CTF Host => C:\Users\metalowa_glowa\AppData\Roaming\Wise Uninstaller\Ctfhost\ctfhost.exe
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-07-16] (Microsoft Corporation)
Task: {A3FA3A40-68BA-4BF4-A580-36195DF7C6F8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {A3FC3478-10B9-425B-BAD5-5DE6C25FC073} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-07-16] (Microsoft Corporation)
Task: {BBD965D8-CF2B-4CBC-A66A-2D14FA92F050} - System32\Tasks\{73EF4EB6-093C-4D3A-A3F9-87995FFD12A2} => pcalua.exe -a C:\Users\metalowa_glowa\Downloads\R290515.exe -d C:\Users\metalowa_glowa\Downloads
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {CD1BD567-5622-42F7-BB13-4CDB19F95B5E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CF9C2F4D-B76F-4541-9970-58F56C29102E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {CFFCD985-3EB1-4B30-8504-90FD3F4F28B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D0ABE2A0-B8DA-4356-B9B8-4DF97A4886C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {D11B5472-00A9-471A-B4A0-627C564EA359} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D5B70270-7739-44BE-9F76-C55C4660AF4A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D7B32CE9-12FD-403F-AFE4-DE2CF01B9682} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {DCCB3EAE-2B08-472F-9061-85D61AC41CEA} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-07-07] ()
Task: {DEB09810-1DDD-44AE-950E-967F59FDC216} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DF9B7D00-1FFF-4121-9DEB-F81688AE28BE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E26EEC3E-B5B9-43CF-A05E-A3A2F3684EF0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {ED7BD005-C716-4E72-B0D0-555625C145EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FE32D8A1-CF50-4B19-A981-8F51FD0D4CD6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{FBA2E1A5-7FBE-46BD-BAED-E70E0F268B14}\SupportTasks\0\Pomoc techniczna.lnk -> hxxp://www.dreamcatchergames.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{EA71BC69-0397-4C1D-B5A0-3C2E5E98F5CB}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://www.sierra.com/support/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{EA71BC69-0397-4C1D-B5A0-3C2E5E98F5CB}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.sierrastudios.com/games/groundcontrol/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{B02CEC35-4191-485D-B77D-8C03C03B2366}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{B02CEC35-4191-485D-B77D-8C03C03B2366}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.ightandmagic.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{933A6C52-9DF0-4704-A2C9-43306570744F}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://techsupport.ea.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{933A6C52-9DF0-4704-A2C9-43306570744F}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.lordoftherings.ea.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{7D95B5A0-FBEB-4B1A-8BB7-5CB2E4934762}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.maxpayne.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{674FA394-B1FB-4BA5-B55A-00A2D75D8D0D}\SupportTasks\0\Pomoc techniczna.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{5D294B1B-3F39-4A97-9EEE-084D2CB9AA5F}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://support.ubi.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{5D294B1B-3F39-4A97-9EEE-084D2CB9AA5F}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.brothersinarmsgame.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{1688D0C5-FF94-44A4-8BA6-77B28A73059D}\SupportTasks\1\Pomoc techniczna.lnk -> hxxp://www.strategyfirst.com/support/contactform.asp/
Shortcut: C:\Users\metalowa_glowa\AppData\Local\Microsoft\Windows\GameExplorer\{1688D0C5-FF94-44A4-8BA6-77B28A73059D}\SupportTasks\0\Więcej gier od firmy Microsoft.lnk -> hxxp://www.robinhood-game.com/
Shortcut: C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxBatch.lnk -> D:\Gry\max payne\MaxBatch.bat ()
Shortcut: C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dark Omen\Options.lnk -> C:\Program Files (x86)\Dark Omen\options.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-06 10:52 - 2016-07-11 00:58 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-25 17:37 - 2014-11-01 21:34 - 00075136 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 11:28 - 2016-08-06 11:28 - 00959168 _____ () C:\Users\metalowa_glowa\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-09 20:26 - 2016-08-02 10:15 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-09 20:26 - 2016-08-02 10:01 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-09 20:26 - 2016-08-02 09:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-09 20:26 - 2016-08-02 09:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-09 20:26 - 2016-08-02 09:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-09 20:26 - 2016-08-02 09:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-08-16 15:41 - 2016-08-16 15:42 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 15:41 - 2016-08-16 15:42 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 19:19 - 2016-06-03 19:23 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-05-20 01:10 - 2016-05-20 01:10 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-30 19:54 - 2016-06-30 19:54 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-21 19:02 - 2016-08-21 19:02 - 03015680 _____ () C:\Program Files\AVAST Software\Avast\defs\16082100\algo.dll
2016-06-30 19:54 - 2016-06-30 19:54 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2012-07-25 23:04 - 2010-02-17 12:20 - 00065576 ____R () C:\Program Files (x86)\Dell\Dell WWAN\WMCore\MBMDebug.dll
2016-06-30 19:54 - 2016-06-30 19:54 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-08-09 20:21 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-09 20:21 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [180]
AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30 [340]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\dell.com -> dell.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2015-12-15 17:18 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\metalowa_glowa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 62.179.1.61 - 62.179.1.63
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\startupreg: CancelAutoPlay_df => "C:\Program Files (x86)\ZTE MF823\CancelAutoPlay_df.exe" run
MSCONFIG\startupreg: CheckNDISPortF0ac70 => C:\Program Files (x86)\ZTE MF823\CheckNDISPort_df.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellSystemDetect => C:\Users\metalowa_glowa\AppData\Local\Apps\2.0\6EE1JWG0.0R9\JLN1G7DO.GRE\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe
MSCONFIG\startupreg: LockStatusTray => C:\Windows\LockStatusTray.exe
MSCONFIG\startupreg: NSU_agent => "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Onet.pl AutoUpdate => C:\Program Files (x86)\Common Files\Onet.pl\AutoUpdate.exe /tsr
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StereoLinksInstall => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
MSCONFIG\startupreg: USB Gamepad => C:\Windows\USB Vibration\7906\USB Gamepad.exe -boot
HKLM\...\StartupApproved\Run: => "SaiMfd"
HKLM\...\StartupApproved\Run: => "ProfilerU"
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{CAFD0578-B556-4C62-B5A9-590D8CACD48D}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{F2498858-F169-4855-A721-2F54C9B493AB}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{48C76503-B060-486A-BF32-41A5FA6F0171}D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [TCP Query User{38D9B2BB-D84F-4D96-A58F-AAD9398A887E}D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) D:\gry\armored warfare\armored warfare mycom\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{EF46BBF5-FC59-49B6-A3A1-B9CE96EA388A}C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{10B55BF1-A47D-4D1C-A57A-6B5A6C8FA207}C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\metalowa_glowa\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{56A9003E-DA96-44E5-81F4-7571CF7F04CA}] => (Allow) d:\gry\World of tanks\worldoftanks.exe
FirewallRules: [{DC5BFE4D-E311-4432-BA5A-EEC0C62B4D09}] => (Allow) d:\gry\World of tanks\worldoftanks.exe
FirewallRules: [{203CC7BD-7590-4975-9EFC-091ED6840DA9}] => (Allow) d:\gry\World of tanks\WoTLauncher.exe
FirewallRules: [{A6FED72A-72CC-4601-92E8-4815B7CBD826}] => (Allow) d:\gry\World of tanks\WoTLauncher.exe
FirewallRules: [UDP Query User{5E8A19A1-5C43-4F30-83F2-12EF783A85A1}D:\gry\black ops 2\t6sp.exe] => (Block) D:\gry\black ops 2\t6sp.exe
FirewallRules: [TCP Query User{3AE385DE-6B7F-47DD-87A1-95B54F11F84B}D:\gry\black ops 2\t6sp.exe] => (Block) D:\gry\black ops 2\t6sp.exe
FirewallRules: [UDP Query User{20EB7071-74E2-4E72-B4D0-07E1AC551909}D:\gry\rock of ages\binaries\win32\roa.exe] => (Block) D:\gry\rock of ages\binaries\win32\roa.exe
FirewallRules: [TCP Query User{94D26299-6005-499A-8054-CABBE73B1A14}D:\gry\rock of ages\binaries\win32\roa.exe] => (Block) D:\gry\rock of ages\binaries\win32\roa.exe
FirewallRules: [UDP Query User{0A4A1F1C-3C67-4943-92D9-68EEC226BE35}D:\gry\freespace\fs2_open_3_7_2_sse.exe] => (Allow) D:\gry\freespace\fs2_open_3_7_2_sse.exe
FirewallRules: [TCP Query User{AA7862A4-6E23-43D7-A0F7-F70469DABC98}D:\gry\freespace\fs2_open_3_7_2_sse.exe] => (Allow) D:\gry\freespace\fs2_open_3_7_2_sse.exe
FirewallRules: [{F592EE9F-2CBB-4395-8352-20262CE5233C}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{E954E755-5104-4128-A49F-8E3DEE6D70B2}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{D615DF2D-9844-4D2E-A8D3-16C09428296B}] => (Allow) D:\Gry\mark of chaos\Warhammer.exe
FirewallRules: [{EE866D6C-0A70-4129-A9B0-F58F1ADB6012}] => (Allow) D:\Gry\mark of chaos\Warhammer.exe
FirewallRules: [{CAD64BF9-E5F0-4DFE-B34E-982B9F3D184A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B50DC0BE-3D8F-4BCD-887F-FB1F19454E50}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{1199A679-C98A-4E8D-A74E-FF4487A3039D}C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{F8B2BCFB-4079-44AF-9C06-89FAB06FF4C6}C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\metalowa_glowa\team fortress 2\hl2.exe
FirewallRules: [{146CCA01-FC81-47E2-B81E-C6D29799829E}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{2EC90268-5835-47DC-B6AF-638BFFC30FB6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{7ACAD68B-5E81-44D4-897D-6749128ACA1C}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{767E74E1-D8D3-4517-96E3-103819515F60}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{1D94D740-02E4-4AE2-9BDF-1E9719249722}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{DE4C1082-E5B0-4D9A-9153-B7D40F1BCC25}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{17E62F46-D309-4697-B637-403B406CCB74}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{A6412FEE-D044-4C5C-A259-C182344DF6F9}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{E770AF7E-9F4C-4DD5-A344-B0D750C58BB1}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{F3F22DAA-026D-4DA5-955C-3A58047F3F8F}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{20DB568A-AD91-47C2-A4EF-0203A04396AF}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{41189794-ECA8-4A13-80DB-7C3852E51190}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{B6B8B1FB-B1BC-4A73-A37B-4A09D8CD02AD}] => (Allow) LPort=3724
FirewallRules: [{B3A45F6B-EDE8-49D6-9C5B-3616A3C229A0}] => (Allow) D:\SPSS\statistics.com
FirewallRules: [{4BAF7FC3-30EF-47E1-BCD3-0373540DD749}] => (Allow) D:\SPSS\statistics.exe
FirewallRules: [{712E2E89-5044-41D7-88FC-209AD1283076}] => (Allow) D:\SPSS\SPSSWinWrapIDE.exe
FirewallRules: [{A2303532-7231-4B26-88E5-DD2E4F5DD46E}] => (Allow) D:\SPSS\statistics.com
FirewallRules: [{581493F8-8D92-470C-99DD-D18F39C90922}] => (Allow) D:\SPSS\statistics.exe
FirewallRules: [{BDB769F2-6FC6-4405-BC00-3034C77EA4FA}] => (Allow) D:\SPSS\SPSSWinWrapIDE.exe
FirewallRules: [{EF6C8D6E-C6D1-4CCF-A802-F026ECF8C8B0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{F07C6A55-B6DC-4DD6-813D-151DEE02E0A5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{F8A5946D-734F-442D-BF67-D03DD591E74B}D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{F7366524-DF6A-443A-9347-8141D77B45C9}D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\gry\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [TCP Query User{4BA23ECE-31CE-48FD-8317-8C58DE765BB7}D:\gry\alice madness returns\alice1\bin\alice.exe] => (Block) D:\gry\alice madness returns\alice1\bin\alice.exe
FirewallRules: [UDP Query User{15A38999-D4AD-4DEA-A972-B051AC882B51}D:\gry\alice madness returns\alice1\bin\alice.exe] => (Block) D:\gry\alice madness returns\alice1\bin\alice.exe
FirewallRules: [{CA16508C-875D-4258-B163-939263228701}] => (Allow) LPort=80
FirewallRules: [{A19AE38F-934A-46A4-B9EF-0801BB4F314C}] => (Allow) LPort=443
FirewallRules: [{DCEE289C-E8DE-4D83-A15D-E69DFB99D087}] => (Allow) LPort=20010
FirewallRules: [{889D5C20-1BF6-4DF2-B2C0-EA7003934476}] => (Allow) LPort=3478
FirewallRules: [{A4E7414D-04D9-4F01-9B09-08BF1E6B8FE5}] => (Allow) LPort=7850
FirewallRules: [{B92B767D-0F0C-46BD-BA1C-F4D0CED8F97D}] => (Allow) LPort=7852
FirewallRules: [{69CB183F-2E8E-4E63-9A42-766A58400C4A}] => (Allow) LPort=7853
FirewallRules: [{26DF64C9-C110-4384-ACBF-4FDF9316575B}] => (Allow) LPort=27022
FirewallRules: [{81A3BB83-3BBA-4536-B66C-B5156F676DB0}] => (Allow) LPort=6881
FirewallRules: [{E4EE7115-CE70-4356-934E-50D922791205}] => (Allow) LPort=33333
FirewallRules: [{ED999E59-89FA-409B-B0A1-B05C05375014}] => (Allow) LPort=20443
FirewallRules: [{FBF94A73-BCB5-487D-8660-0F24637D24AE}] => (Allow) LPort=8090
FirewallRules: [{240C7881-04EC-45D0-9F0D-1FE3DF251D60}] => (Allow) C:\Users\metalowa_glowa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D555520E-E97B-4B17-8EEA-8780346EB8EC}] => (Allow) C:\Users\metalowa_glowa\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9AD9C7F3-3159-4296-B33B-05C97ABDBFCC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C2B783D-6F22-4699-B2C8-C90CEFC93FB2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{796EACC8-FCCE-423E-949B-F360A2FD5507}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{B2D33CFC-80C3-4977-92A4-1385D4FBA1E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{26E97B41-6605-429E-B7FE-F365821422E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4E93BC56-0546-4D29-8BC6-EB3C2A55B72B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{56280087-73E1-42FE-9E4C-7305A665AEB0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D0CB9301-6C63-438B-8335-AEBD6CDB6388}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{54EFB213-5EB8-4D0D-90A9-790EB7944E86}] => (Allow) D:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{45ACE8BC-705C-4BB3-A951-BA87E72BCB91}] => (Allow) D:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [TCP Query User{8A237FBB-A67F-4416-BAA9-91501203EC4C}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{C95B53D4-2E2F-4D99-B821-9D0141C8BC26}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7EFAB168-C3F7-4BBB-816E-C5F25B073C17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{138E28CD-18DA-46A1-B87A-51C978F29E3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0ADE2D45-C5B6-445D-BD69-BA11682F606D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1E044D5B-2BB8-45F4-B9FA-AEAEE2E9FFBF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7B254982-8600-4724-8016-A2E95947B637}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Overlord.exe
FirewallRules: [{33BFCF36-BDAC-4F2F-8737-42B47D254197}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Overlord.exe
FirewallRules: [{A4F1EB70-4CAA-4DAE-91D6-86D97BD1CDA4}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Config.exe
FirewallRules: [{9E37E036-9E77-4722-B452-B384E50FFCBD}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Overlord\Config.exe
FirewallRules: [{AD0E385C-01F6-4DBE-BB17-E93F77F2DA88}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Retro City Rampage\retrocityrampage.exe
FirewallRules: [{09E624C5-D175-42CB-B922-CF062DAF662B}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Retro City Rampage\retrocityrampage.exe
FirewallRules: [{0DD003F4-745A-44A2-A0C2-B859E8511DE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FF16D831-6559-4D87-901F-0F1FEA736C2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{110C0099-FF7B-4BC8-B15E-8C457872B0CD}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{37E2243D-FAA6-496D-8DD2-CA0F5B122406}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{507D52F5-690E-4CDD-9BC3-FA1CCBB662F0}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [{BCB0A802-4E6E-44EF-A598-335B403F03BC}] => (Allow) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe
FirewallRules: [TCP Query User{F4B2E09C-7D84-448D-BF52-321C9E178370}D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe] => (Allow) D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe
FirewallRules: [UDP Query User{1E350FD5-4013-4ADB-8977-72FD86ABE5DC}D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe] => (Allow) D:\gry\shadow complex\shadowcomplexremastered\binaries\win32\shadowcomplex-win32-egl.exe
FirewallRules: [{34B52435-81FB-4EE8-8D46-22F6250C7496}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{85FF5CB2-B450-424A-BC75-4208B7981698}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{B3A88267-63A7-4FEB-BF0A-4A3A2492EDE5}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{D3474797-9B96-4FA3-8789-F0C68ED715F2}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{C9134093-A65C-417F-A087-375F6A4DB7C2}] => (Allow) D:\Gry\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{9E673F1F-DBDC-4E70-A37E-F20949FA356E}] => (Allow) D:\Gry\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{773E9AA8-444D-4A9D-BA23-491C1B14D507}] => (Allow) D:\Gry\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{05BA1868-85BF-40FE-952B-A91BCF64BB61}] => (Allow) D:\Gry\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{F9FB06A3-9259-4B07-8D04-5EF8B0230461}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{B54F5450-711F-455F-8957-52BEB9F079F7}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{EBBD3910-619E-40D4-B8A9-4D687E0C0541}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{E3E40F3E-6CE9-4811-AAC6-58EAE7301162}] => (Allow) C:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{B563AB2C-1E61-4DCD-9F9C-98270F73B496}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{313202F5-B64D-4EED-B842-26D7B795001D}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{60019253-1757-4934-90C7-E3917A003D1A}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\INK\INK.exe
FirewallRules: [{808D5863-6A8F-4B50-A08E-62C4C909C99E}] => (Allow) D:\Gry\Civilization IV\SteamApps\common\INK\INK.exe
FirewallRules: [TCP Query User{398F515E-0B30-4742-AE08-F81B06E36E26}C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe] => (Block) C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe
FirewallRules: [UDP Query User{DEB117AD-B50C-4C99-8743-F12589C58335}C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe] => (Block) C:\program files (x86)\sega\aliens - colonial marines complete\binaries\win32\acm.exe
FirewallRules: [TCP Query User{BAAD5AEF-7A4B-4C2E-B766-27ECFDEF7F00}C:\program files (x86)\dark omen\prg\engrel.exe] => (Block) C:\program files (x86)\dark omen\prg\engrel.exe
FirewallRules: [UDP Query User{858987EF-8674-4ED2-978D-CEE3753D74F4}C:\program files (x86)\dark omen\prg\engrel.exe] => (Block) C:\program files (x86)\dark omen\prg\engrel.exe
FirewallRules: [{E9B08719-9A64-4651-BBB0-57B5991949D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E3CA241F-7B33-4371-8B02-47066DBF6651}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Block) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{94E6C42D-C53E-4CA7-9AE0-D47985162A54}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Block) C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{F953885C-7062-478C-9832-D81FC0F68E11}D:\gry\okhlos\okhlos.exe] => (Block) D:\gry\okhlos\okhlos.exe
FirewallRules: [UDP Query User{E285B712-D0ED-43EE-8A96-1552B7EFF3C1}D:\gry\okhlos\okhlos.exe] => (Block) D:\gry\okhlos\okhlos.exe
 
==================== Restore Points =========================
 
18-08-2016 23:12:40 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
 
==================== Faulty Device Manager Devices =============
 
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/20/2016 12:23:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MetalowaGlowa)
Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
 
Error: (08/19/2016 08:42:04 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3.
Element główny pliku manifestu musi być zmontowany.
 
Error: (08/19/2016 08:25:33 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3.
Element główny pliku manifestu musi być zmontowany.
 
Error: (08/19/2016 06:06:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MetalowaGlowa)
Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2147023673. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa.
 
Error: (08/19/2016 06:15:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.14393.51, sygnatura czasowa: 0x57a0516c
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000604
Przesunięcie błędu: 0x0000000000000000
Identyfikator procesu powodującego błąd: 0x1cd8
Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0
Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1
Ścieżka modułu powodującego błąd: microsoftedgecp.exe2
Identyfikator raportu: microsoftedgecp.exe3
Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5
 
Error: (08/19/2016 06:15:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.14393.51, sygnatura czasowa: 0x57a0516c
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000604
Przesunięcie błędu: 0x0000000000000000
Identyfikator procesu powodującego błąd: 0x1cd8
Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0
Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1
Ścieżka modułu powodującego błąd: microsoftedgecp.exe2
Identyfikator raportu: microsoftedgecp.exe3
Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5
 
Error: (08/19/2016 06:09:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: microsoftedgecp.exe, wersja: 11.0.14393.51, sygnatura czasowa: 0x57a0516c
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000604
Przesunięcie błędu: 0x0000000000000000
Identyfikator procesu powodującego błąd: 0x1bb4
Godzina uruchomienia aplikacji powodującej błąd: 0xmicrosoftedgecp.exe0
Ścieżka aplikacji powodującej błąd: microsoftedgecp.exe1
Ścieżka modułu powodującego błąd: microsoftedgecp.exe2
Identyfikator raportu: microsoftedgecp.exe3
Pełna nazwa pakietu powodującego błąd: microsoftedgecp.exe4
Identyfikator aplikacji względem pakietu powodującego błąd: microsoftedgecp.exe5
 
Error: (08/18/2016 11:20:49 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "1". Błąd w pliku manifestu lub w pliku zasad "2" w wierszu 3.
Element główny pliku manifestu musi być zmontowany.
 
Error: (08/18/2016 11:15:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW.  hr = 0x80070006, Nieprawidłowe dojście.
.
 
 
Operacja:
   Wykonywanie operacji asynchronicznej
 
Kontekst:
   Stan bieżący: DoSnapshotSet
 
Error: (08/18/2016 11:14:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
 
System Error:
Odmowa dostępu.
.
 
 
System errors:
=============
Error: (08/21/2016 07:01:30 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/21/2016 07:01:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa PinnacleUpdate Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (08/21/2016 07:01:23 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/21/2016 07:01:23 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/21/2016 07:01:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: 
%%1058 = Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia.
 
Error: (08/20/2016 08:16:01 AM) (Source: DCOM) (EventID: 10010) (User: MetalowaGlowa)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (08/20/2016 07:53:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa PinnacleUpdate Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (08/20/2016 07:53:27 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/20/2016 07:53:25 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
Error: (08/20/2016 07:53:25 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}ZARZĄDZANIE NTUSŁUGA LOKALNAS-1-5-19LocalHost (użycie LRPC)NiedostępnyNiedostępny
 
 
CodeIntegrity:
===================================
  Date: 2016-08-11 17:48:53.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.344
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.304
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.232
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:53.163
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:51.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:48:51.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:46:58.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-08-11 17:46:58.733
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 41%
Total physical RAM: 6038.16 MB
Available physical RAM: 3514.57 MB
Total Virtual: 7062.16 MB
Available Virtual: 4408.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:175.69 GB) (Free:45.27 GB) NTFS
Drive d: () (Fixed) (Total:514.15 GB) (Free:6.46 GB) NTFS
Drive f: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=175.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=514.2 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ===========================
   
  
 


#5 MetalowaGlowa

MetalowaGlowa
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 21 August 2016 - 01:34 PM

After 2 restarts and creating a clear notepad file here are the logs. Noticed that when I runned AdwCleaner - there is no copy/paste option anywhere.
One more thing, not sure if it is important. Shape (view) of the icons in different folders seems to change randomly not often though. Sometimes they are large tiles and sometimes a small list. I've noticed it earlier many many times, without the infection. Or maybe it was well hidden and not so harmful.
 
First scan (sorry it's in polish - change of language in AdwCleaner didn't affect already performed logs)
 
# AdwCleaner v6.000 - raport utworzono 19/08/2016 o 15:44:21
# Ostatnia aktualizacja: 12/08/2016 przez ToolsLib
# Baza danych : 2016-08-19.1 [Z serwera]
# System operacyjny : Windows 10 Home  (X64)
# Nazwa użytkownika : metalowa_glowa - METALOWAGLOWA
# Lokalizacja programu : C:\Users\metalowa_glowa\Downloads\AdwCleaner.exe
# Tryb: Skanowanie
 
 
 
***** [ Usługi ] *****
 
Nie wykryto szkodliwych usług.
 
 
***** [ Foldery ] *****
 
Wykryto folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Youtube Downloader
 
 
***** [ Pliki ] *****
 
Nie wykryto szkodliwych plików.
 
 
***** [ DLL ] *****
 
Nie wykryto szkodliwych bibliotek DLL.
 
 
***** [ WMI ] *****
 
Nie wykryto szkodliwych kluczy.
 
 
***** [ Skróty ] *****
 
Nie wykryto zainfekowanych skrótów.
 
 
***** [ Zaplanowane zadania ] *****
 
Nie wykryto szkodliwych zadań.
 
 
***** [ Rejestr ] *****
 
Wykryto klucz: [x64] HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Wykryto klucz: HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Wykryto klucz: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
Wykryto klucz: HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Software\GreenTree Applications\YTD
Wykryto klucz: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
Wykryto klucz: HKCU\Software\GreenTree Applications\YTD
 
 
***** [ Przeglądarki internetowe ] *****
 
Nie wykryto szkodliwych obiektów w przeglądarkach opartych na Firefoksie.
Nie wykryto szkodliwych obiektów w przeglądarkach opartych na Chromium.
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [892 bajty] - [14/02/2016 22:58:59]
C:\AdwCleaner\AdwCleaner[C5].txt - [1701 bajty] - [17/11/2015 22:52:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [792 bajty] - [14/02/2016 22:49:53]
C:\AdwCleaner\AdwCleaner[S3].txt - [1908 bajty] - [19/08/2016 15:44:21]
C:\AdwCleaner\AdwCleaner[S6].txt - [1580 bajty] - [17/11/2015 22:51:00]
C:\AdwCleaner\AdwCleaner[S7].txt - [744 bajty] - [12/12/2015 17:39:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2126 bajty] ##########
 
 
Last scan:
 
# AdwCleaner v6.000 - Logfile created 21/08/2016 at 19:51:14
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-21.2 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : metalowa_glowa - METALOWAGLOWA
# Running from : C:\Users\metalowa_glowa\Downloads\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
No malicious folders found.
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
No malicious registry element found.
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner pierwsyz.txt - [2212 Bytes] - [19/08/2016 17:16:12]
C:\AdwCleaner\AdwCleaner[C1].txt - [892 Bytes] - [14/02/2016 22:58:59]
C:\AdwCleaner\AdwCleaner[C3].txt - [2082 Bytes] - [19/08/2016 15:44:47]
C:\AdwCleaner\AdwCleaner[C5].txt - [1701 Bytes] - [17/11/2015 22:52:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [792 Bytes] - [14/02/2016 22:49:53]
C:\AdwCleaner\AdwCleaner[S3].txt - [2209 Bytes] - [19/08/2016 15:44:21]
C:\AdwCleaner\AdwCleaner[S4].txt - [1828 Bytes] - [19/08/2016 16:10:56]
C:\AdwCleaner\AdwCleaner[S5].txt - [1901 Bytes] - [19/08/2016 16:49:37]
C:\AdwCleaner\AdwCleaner[S6].txt - [1580 Bytes] - [17/11/2015 22:51:00]
C:\AdwCleaner\AdwCleaner[S7].txt - [744 Bytes] - [12/12/2015 17:39:03]
C:\AdwCleaner\AdwCleaner[S8].txt - [1727 Bytes] - [21/08/2016 19:51:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [1800 Bytes] ##########


#6 polskamachina

polskamachina

  • Malware Response Team
  • 4,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 22 August 2016 - 04:45 PM

Hi MetalowaGlowa :)
 
We need to run a fix with FRST.
 
Copy and paste the following text in its entirety into a blank Notepad window:

CreateRestorePoint:
CloseProcesses:
Task: {1D8F00F2-83A4-4447-A584-6FE57C9D0D1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {24D0E25A-FDEC-427A-A95D-6F8A6B332640} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2A06755B-5246-4556-9B08-D5EFE7EBC7EC} - \avast! Emergency Update -> No File <==== ATTENTION
Task: {33FCFF72-8F16-4414-BB07-D9482C615111} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3A9F3E84-B970-4084-A869-B5D562D3FFDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {42B51337-0C61-45C9-8A08-C894AC9B3295} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {44F29258-32F6-4111-A888-F5A00F688FF1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4C584371-4C86-4B22-A5D4-F662D320A6EC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D04120-7CFE-40FF-A463-0FBA3C2BA842} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {69E5810D-4136-4E95-84C9-5F9F18E40509} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8F6D6D85-CC53-4573-8380-33918C0B1A19} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A3FC3478-10B9-425B-BAD5-5DE6C25FC073} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CFFCD985-3EB1-4B30-8504-90FD3F4F28B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D0ABE2A0-B8DA-4356-B9B8-4DF97A4886C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {DEB09810-1DDD-44AE-950E-967F59FDC216} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} =>  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: ubisoft.com/uplaypc -> D:\Gry\trials evol\datapack\orbit\npuplaypc.dll [No File]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => No File
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Run: [metalowa_glowa] => explorer.exe hxxp://sd-steam.info <===== ATTENTION
Task: {550D9F58-0AB5-45D5-8425-FD08F17D58FB} - System32\Tasks\metalowa_glowa => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v metalowa_glowa /t REG_SZ /d "explorer.exe hxxp://sd-steam.info" <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [180]
AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30 [340]
CMD: notepad "D:\Gry\max payne\MaxBatch.bat"
CMD: notepad "C:\Program Files (x86)\Dark Omen\options.bat"
Folder: C:\gry

Save the file to your Downloads folder as fixlist.txt

Note: It's important that both files, FRST64.exe and fixlist.txt are in the same location or the fix will not work!

  • Run FRST64.exe from your download folder and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log, Fixlog.txt, in your downloads folder. Please copy and paste that log into your next reply to me. You will also see two Notepad windows appear which will reveal the contents of two batch files. Please copy and paste those Notepad entries into your next reply to me. Do not close Notepad until you have copied and pasted the files into your next reply. Otherwise, it will take some effort to recapture the output.

Next:
 
We need to perform a search:

  • Run FRST64.exe again (if it's not already open)
  • When the FRST window opens, copy and paste the following into the Search: box
    sd-steam.info
  • Click on Search Registry
  • SearchReg.txt will be saved to your Download folder

In summary, I will need the following from you:

  • fixlog.txt log
  • SearchReg.txt
  • MaxBatch.bat contents (from Notepad)
  • options.bat contents (from Notepad)
  • How is your computer performing now?

Let me know if you have any questions.
 
polskamachina



#7 MetalowaGlowa

MetalowaGlowa
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 23 August 2016 - 04:46 PM

Unexpected thing happened. During fixlog work, windows update notice displayed. So after restarting some updates have been installed. Not sure if this is important though.
 
Before commencing your prescription I was watching a movie for a while and the "quick cmd window" (mentioned before) popped up and disappeared. I'm trying to observe if it appears again and what applications may trigger this thing.
 
One more thing i have to confess. I know I shouldn't do it, but while waiting for your response I used CCleaner and stopped/deleted zodiac-steam.info process in the startup (it was something like HKCU:Run and in the description was the name of the virus). The irritating pop up at the startup disappeared, yet the mentioned cmd window still was present so it didn't change anything except the startup.
 
Right now, after the fixlog and your steps, computer seems to run correctly.
 
 
MAXBATCH:
 
@echo off
rem ---------------------------------------------------------------------
rem --- Init ---
rem ---------------------------------------------------------------------
set var_Debug=0
set str_Title=      MaxPayne Conversion Tool by Darkje, v1.12 - 21-Feb-2010      
if not "%1"=="" cd "%*"
 
rem --- Adjust conversion delay here (var_ConversionDelay=seconds) ---
set var_ConversionDelay=1
set var_ExitDelay=2
set var_ActionFinishedDelay=3
set var_DbgL2Delay=1
call :sub_DetectUac
 
rem ---------------------------------------------------------------------
rem --- Game Conv Screen, Menu control structure ---
rem ---------------------------------------------------------------------
:lbl_GameMenu
call :msg_Welcome
call :msg_GameConvScreen
call :sub_DetectionPhase
if %flag_FreshGame%==1 (
if %var_TotModCount%==0 ( 
call :sub_GameMenu1
) else (
call :sub_GameMenu2
)
) else (
if exist backup\*.ras (
if %var_TotModCount%==0 (
call :sub_GameMenu3
) else (
call :sub_GameMenu4
)
) else (
if %var_TotModCount%==0 (
call :sub_GameMenu5
) else (
call :sub_GameMenu6
)
)
)
 
rem ---------------------------------------------------------------------
rem Game Conv Screen menus
rem ---------------------------------------------------------------------
:sub_GameMenu1
rem --- just fresh game, no mods ---
call :msg_YouWantTo 1
call :msg_GameConvOpt
call :msg_LaunchOpt
call :msg_OtherOpt
call :msg_SdeOpt
choice /c clsde
if errorlevel 5 goto :lbl_Exit
if errorlevel 4 goto :lbl_ToggleDebug
if errorlevel 3 goto :lbl_GameMenu
if errorlevel 2 goto :lbl_LaunchGame
call :sub_CvrtGame
goto :lbl_GameMenu
 
rem ---------------------------------------------------------------------
:sub_GameMenu2
rem --- fresh game and mods too ---
call :msg_YouWantTo 2
call :msg_GameConvOpt
call :msg_LaunchOpt
call :msg_OtherOpt
call :msg_ModOpt
call :msg_SdeOpt
choice /c clmsde
if errorlevel 6 goto :lbl_Exit
if errorlevel 5 goto :lbl_ToggleDebug
if errorlevel 4 goto :lbl_GameMenu
if errorlevel 3 goto :lbl_ModMenu
if errorlevel 2 goto :lbl_LaunchGame
call :sub_CvrtGame
goto :lbl_GameMenu
 
rem ---------------------------------------------------------------------
:sub_GameMenu3
rem --- just converted game, no mods --- 
call :msg_YouWantTo 3
call :msg_LaunchConvOpt
call :msg_RestoreGameOpt
call :msg_OtherOpt
call :msg_SdeOpt
choice /c lrsde
if errorlevel 5 goto :lbl_Exit
if errorlevel 4 goto :lbl_ToggleDebug
if errorlevel 3 goto :lbl_GameMenu
if errorlevel 2 (
call :sub_RestoreGame
goto :lbl_GameMenu
)
goto :lbl_LaunchGame
 
rem ---------------------------------------------------------------------
:sub_GameMenu4
rem --- converted game and mods too ---
call :msg_YouWantTo 4
call :msg_LaunchConvOpt
call :msg_RestoreGameOpt
call :msg_OtherOpt
call :msg_ModOpt
call :msg_SdeOpt
choice /c lrmsde
if errorlevel 6 goto :lbl_Exit
if errorlevel 5 goto :lbl_ToggleDebug
if errorlevel 4 goto :lbl_GameMenu
if errorlevel 3 goto :lbl_ModMenu
if errorlevel 2 (
call :sub_RestoreGame
goto :lbl_GameMenu
)
goto :lbl_LaunchGame
 
rem ---------------------------------------------------------------------
:sub_GameMenu5
rem --- no game, no mods ---
call :msg_YouWantTo 5
call :msg_NoMainOpt
call :msg_OtherOpt
call :msg_SdeOpt
choice /c sde
if errorlevel 3 goto :lbl_Exit
if errorlevel 2 goto :lbl_ToggleDebug
goto :lbl_GameMenu
 
rem ---------------------------------------------------------------------
:sub_GameMenu6
rem --- no game, only mods ---
call :msg_YouWantTo 6
call :msg_ModOpt
call :msg_OtherOpt
call :msg_SdeOpt
choice /c msde
if errorlevel 4 goto :lbl_Exit
if errorlevel 3 goto :lbl_ToggleDebug
if errorlevel 2 goto :lbl_GameMenu
goto :lbl_ModMenu
 
rem ---------------------------------------------------------------------
rem --- Mod Conv Screen, Menu control structure ---
rem ---------------------------------------------------------------------
:lbl_ModMenu
call :msg_Welcome
call :msg_ModConvScreen
call :sub_DetectionPhase
call :sub_ListMods
if %var_NewModCount% gtr 0 (
if %var_ConvModCount% == 0 (
if %var_ExcludedModCount% == 0 (
call :sub_ModMenu1
) else (
call :sub_ModMenu5
)
) else (
if %var_ExcludedModCount% == 0 (
call :sub_ModMenu3
) else (
call :sub_ModMenu7
)
)
) else ( 
if %var_ConvModCount% == 0 (
call :sub_ModMenu4
) else (
if %var_ExcludedModCount% == 0 (
call :sub_ModMenu2
) else (
call :sub_ModMenu6
)
)
)
call :sub_Waitasec %var_ActionFinishedDelay%
goto :lbl_GameMenu
 
rem ---------------------------------------------------------------------
rem Mod Conv Screen menus
rem ---------------------------------------------------------------------
:sub_ModMenu1
rem --- only unconverted mods ---
call :msg_ModYouWantTo 1
call :msg_ConvModOpt
call :msg_AddModExclOpt
call :msg_OtherOpt
call :msg_EndmodOpt
choice /c mase
if errorlevel 4 goto :lbl_GameMenu
if errorlevel 3 goto :lbl_ModMenu
if errorlevel 2 (
call :sub_AddExclusion
) else (
call :sub_AddNewMods
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ModMenu2
rem --- only converted mods ---
call :msg_ModYouWantTo 2
call :msg_RestoreModOpt
call :msg_OtherOpt
call :msg_EndmodOpt
choice /c rse
if errorlevel 3 goto :lbl_GameMenu
if errorlevel 2 goto :lbl_ModMenu
call :sub_RestoreMods
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ModMenu3
rem --- converted and unconverted mods ---
call :msg_ModYouWantTo 3
call :msg_ConvModOpt
call :msg_RestoreModOpt
call :msg_AddModExclOpt
call :msg_OtherOpt
call :msg_EndmodOpt
choice /c mrase
if errorlevel 5 goto :lbl_GameMenu
if errorlevel 4 goto :lbl_ModMenu
if errorlevel 3 (
call call :sub_AddExclusion
goto :EOF
)
if errorlevel 2 (
call :sub_RestoreMods
) else ( 
call :sub_AddNewMods
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ModMenu4
rem --- only excluded mods ---
call :msg_ModYouWantTo 4
call :msg_RestoreModOpt
call :msg_ClrModExclOpt
call :msg_OtherOpt
call :msg_EndmodOpt
choice /c rhse
if errorlevel 4 goto :lbl_GameMenu
if errorlevel 3 goto :lbl_ModMenu
if errorlevel 2 (
call :sub_ClrModExcl
) else (
call :sub_RestoreMods
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ModMenu5
rem --- unconverted and excluded mods ---
call :msg_ModYouWantTo 5
call :msg_ConvModOpt
call :msg_AddModExclOpt
call :msg_ClrModExclOpt
call :msg_OtherOpt
call :msg_EndmodOpt
choice /c mahse
if errorlevel 5 goto :lbl_GameMenu
if errorlevel 4 goto :lbl_ModMenu
if errorlevel 3 (
call :sub_ClrModExcl
goto :EOF
)
if errorlevel 2 (
call call :sub_AddExclusion
) else (
call :sub_AddNewMods
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ModMenu6
rem --- converted and excluded mods ---
call :msg_ModYouWantTo 6
call :msg_RestoreModOpt
call :msg_ClrModExclOpt
call :msg_OtherOpt
call :msg_EndmodOpt
choice /c rhse
if errorlevel 4 goto :lbl_GameMenu
if errorlevel 3 goto :lbl_ModMenu
if errorlevel 2 (
call :sub_ClrModExcl
) else (
call :sub_RestoreMods
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ModMenu7
rem --- unconverted, converted and excluded mods ---
call :msg_ModYouWantTo 7
call :msg_ConvModOpt
call :msg_AddModExclOpt
call :msg_RestoreModOpt
call :msg_ClrModExclOpt
call :msg_OtherOpt
call :msg_EndmodOpt
choice /c marhse
if errorlevel 6 goto :lbl_GameMenu
if errorlevel 5 goto :lbl_ModMenu
if errorlevel 4 (
call :sub_ClrModExcl
goto :EOF
)
if errorlevel 3 (
call :sub_RestoreMods
goto :EOF
)
if errorlevel 2 (
call call :sub_AddExclusion
) else (
call :sub_AddNewMods
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- conversion subs ---
rem ---------------------------------------------------------------------
:sub_Convert
set flag_Dont=0
if /i %1=="x_level1.ras" set flag_Dont=1
if /i %1=="x_level2.ras" set flag_Dont=1
if /i %1=="x_level3.ras" set flag_Dont=1
if %flag_Dont%==0 (
if %var_Debug% gtr 0 call :msg_StartConvfileDbg %1
if not exist backup md backup
copy %1 backup >nul
md tmp
if %var_Debug% gtr 0 call :msg_ExtractDbg %1
rasmaker -x %1 tmp >nul
if %var_Debug% gtr 0 call :msg_ConvertDbg
for /r tmp\data %%i in (*.wav ) do call :sub_SoxLoop "%%i"
if %var_Debug% gtr 0 call :msg_PackDbg %1
rasmaker -a -p tmp %1 >nul
call :sub_CheckConv %1 %2
call :sub_Waitasec %var_ConversionDelay%
if %var_Debug% gtr 0 call :msg_DeltmpDbg
call :sub_RemoveTmp
if %var_Debug% gtr 0 call :msg_FiledoneDbg %1
)
set flag_Dont=
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_SoxLoop
if %var_Debug%==0 SoX -q %1 -u -b "%~dp1outfile.wav" 2>nul
if %var_Debug%==1 SoX -q %1 -u -b "%~dp1outfile.wav" 2>nul
if %var_Debug%==2 (
call :msg_LineDbg
SoX -V %1 -u -b "%~dp1outfile.wav"
call :sub_Waitasec %var_DbgL2Delay%
)
del %1
ren "%~dp1outfile.wav" "%~nx1"
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_CheckConv
set flag_RasMsg=0
if %var_Debug% gtr 0 call :msg_CheckConvDbg
if %~z1==%~z2 (
call :sub_KeepExcl %1
if %var_Debug% gtr 0 call :msg_BadConvEqualDbg
call :sub_BadConv %1 %2
if %var_Debug% gtr 0 call :msg_BackupRestDbg %1
set flag_RasCheck=1
set flag_RasMsg=1
) else (
if %~z1==0 (
call :sub_KeepExcl %1
if %var_Debug% gtr 0 call :msg_BadConvZeroDbg
call :sub_BadConv %1 %2
if %var_Debug% gtr 0 call :msg_BackupRestDbg %1
set flag_RasCheck=1
set flag_RasMsg=1
)
)
if exist x_english.ras (
if "%~nx1"=="x_data.ras" (
if not "%~z1"=="151433969" (
call :msg_ConvFileSizeBad %1
set flag_RasCheck=1
set flag_RasMsg=1
)
)
if "%~nx1"=="x_english.ras" (
if not "%~z1"=="412658843" (
call :msg_ConvFileSizeBad %1
set flag_RasCheck=1
set flag_RasMsg=1
)
)
)
if "%~nx1"=="x_music.ras" (
if not "%~z1"=="286777161" (
call :msg_ConvFileSizeBad %1
set flag_RasCheck=1
set flag_RasMsg=1
)
)
if not %flag_RasMsg%==1 call :msg_ConvFileOk "%~nx1"
set flag_RasMsg=
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_KeepExcl
if not exist convexcl md convexcl
call :msg_ConvFileBad "%~nx1"
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_BadConv
del %1
copy %2 "%~dp1" >nul
del %2
call :sub_DelBakIfEmpty
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_CvrtGame
call :msg_working
call :msg_StartConvGame
set flag_RasCheck=0
for %%i in (*.ras) do call :sub_Convert "%%i" "backup\%%i"
if not %flag_RasCheck%==1 ( 
call :msg_FileSizeGood
) else (
call :msg_ConvFailed
call :sub_RestoreExt ras
call :sub_DelBakIfEmpty
pause
)
call :msg_GameConvDone
call :sub_Waitasec %var_ActionFinishedDelay%
if not %flag_RasCheck%==1 call :msg_finished
goto :EOF
rem ---------------------------------------------------------------------
:sub_AddNewMods
call :msg_StartConvMod
set var_File=
call :msg_TypeFileName
set /p var_File= -^> 
if not "%var_File%"=="" (
if not "%var_File%" == "*" (
if exist "%var_File%.mpm" (
if not exist "backup\%var_File%.mpm" (
if not exist "convexcl\%var_File%.log" (
set flag_RasCheck=0
call :msg_ConvFile "%var_File%"
call :sub_Convert "%var_File%.mpm" "backup\%var_File%.mpm" 
)
)
) else (
call :msg_FileNotFound "%var_File%"
goto :sub_AddNewMods
)
) else (
for %%i in (*.mpm) do (
if not exist "backup\%%i" (
if not exist "convexcl\%%~ni.log" (
set flag_RasCheck=0
call :sub_Convert "%%i" "backup\%%i" 
)
)
)
)
) else (
call :msg_NoAction
)
call :msg_ModConvDone
call :sub_Waitasec %var_ActionFinishedDelay%
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- restore subs ---
rem ---------------------------------------------------------------------
:sub_RestoreGame
call :msg_working
call :msg_StartRestore
call :sub_RestoreExt ras
call :sub_DelBakIfEmpty
call :msg_RestoreDone
call :sub_Waitasec %var_ActionFinishedDelay%
call :msg_finished
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_RestoreMods
call :msg_StartRestore
set var_File=
call :msg_TypeFileName
set /p var_File= -^> 
if not "%var_File%"=="" (
if not "%var_File%" == "*" (
if exist "backup\%var_File%.mpm" (
call :Sub_RestoreFile "backup\%var_File%.mpm"
) else (
call :msg_FileNotFound "%var_File%"
goto :sub_RestoreMods
)
) else (
call :sub_RestoreExt mpm
call :sub_DelBakIfEmpty
)
) else (
call :msg_NoAction
)
call :msg_RestoreDone
call :sub_Waitasec %var_ActionFinishedDelay%
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_RestoreFile
copy %1 . >nul
call :msg_FileRestored %~nx1
del %1 /q
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_RestoreExt
if %var_Debug% gtr 0 call :msg_RestoreDbg
for %%i in (backup\*.%1) do (
copy "%%i" . >nul
call :msg_FileRestored "%%~nxi"
)
del backup\*.%1 /q
if %var_Debug% gtr 0 call :msg_DelbakDbg
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DelBakIfEmpty
if not exist backup\*.mpm (
if not exist backup\*.ras rd  backup /s /q
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- History subs ---
rem ---------------------------------------------------------------------
:sub_ClrModExcl
call :msg_StartDelExclusion
set var_File=
call :msg_TypeFileName
set /p var_File= -^> 
if not "%var_File%"=="" (
if not "%var_File%" == "*" (
if exist "convexcl\%var_File%.log" (
call :msg_ExcludeRemove "%var_File%"
del "convexcl\%var_File%.log"
if not exist convexcl\*.log rd convexcl /s /q
) else (
call :msg_FileNotFound "%var_File%"
goto :sub_ClrModExcl
)
) else (
call :msg_ExcludeListRemoved
rd convexcl /s /q
)
) else (
call :msg_NoAction
)
call :msg_ExclusionDone
call :sub_Waitasec %var_ActionFinishedDelay%
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_AddExclusion
call :msg_StartAddExclusion
set var_File=
call :msg_TypeFileName
set /p var_File= -^> 
if not "%var_File%"=="" (
if not "%var_File%" == "*" (
if exist "%var_File%.mpm" (
if not exist "backup\%var_File%.mpm" (
if not exist "convexcl\%var_File%.log" (
if not exist convexcl md convexcl
call :msg_LogExcludedFile "%var_File%.mpm"
call :msg_FileExclude "%var_File%"
)
)
) else (
call :msg_FileNotFound "%var_File%"
goto sub_AddExclusion
)
) else (
for %%i in (*.mpm) do (
if not exist "backup\%%i" (
if not exist "convexcl\%%~ni.log" (
if not exist convexcl md convexcl
call :msg_LogExcludedFile "%%~nxi"
call :msg_FileExclude "%%~nxi"
)
)
)
)
) else (
call :msg_NoAction
)
call :msg_ExclusionDone
call :sub_Waitasec %var_ActionFinishedDelay%
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- listing subs ---
rem ---------------------------------------------------------------------
:sub_ListNewMods
for %%i in (*.mpm) do if not exist "backup\%%i" if not exist "convexcl\%%~ni.log" echo    - %%i
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ListConvMods
for %%i in (backup/*.mpm) do echo    - %%i
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ListExcludedMods
for %%i in (*.mpm) do if not exist "backup\%%i" if exist "convexcl\%%~ni.log" echo    - %%i
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_ListMods
if %var_NewModCount% gtr 0 (
call :msg_NewModFnd 
call :sub_ListNewMods
)
if %var_ConvModCount% gtr 0 (
call :msg_ConvModsFnd
call :sub_ListConvMods
)
if %var_ExcludedModCount% gtr 0 (
call :msg_ExcludedModsFnd
call :sub_ListExcludedMods
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- detection phase control and report structure ---
rem ---------------------------------------------------------------------
:sub_DetectionPhase
call :msg_HorLine
call :msg_AnalyseCurrent
if %var_Debug% gtr 0 call :msg_DebugStat
call :msg_WorkDir
call :sub_DetectTmp 1
call :sub_DetectBackupProbs
call :sub_DetectFreshGame
if %var_Debug% gtr 0 call :msg_FilesdetectedDbg
call :sub_DetectScriptNeeds
if %flag_ScriptNeeds%==1 (
if %var_Debug% gtr 0 call :msg_ScriptNeedFndDbg
) else (
if %var_Debug% gtr 0 (
call :msg_ScriptNeedBadDbg
call :sub_DetectScriptNeeds 1
)
)
call :sub_DetectGame
call :sub_DetectLang
call :sub_DetectConvData
if %flag_ConvData%==1 (
if %var_Debug% gtr 0 call :msg_ConvDataFndDbg
) else (
if %var_Debug% gtr 0 (
call :msg_ConvDataBadDbg
call :sub_DetectConvData 1
)
)
call :sub_DetectRun
if %flag_GameExe%==1 (
if %var_Debug% gtr 0 call :msg_GameExeFndDbg
) else (
if %var_Debug% gtr 0 call :msg_GameExeBadDbg
)
if %flag_RunFiles%==1 (
if %var_Debug% gtr 0 call :msg_AdtlFndDbg
) else (
if %var_Debug% gtr 0 (
call :msg_AdtlBadDbg
call :sub_DetectRun 1
)
)
if %flag_LangFiles%==1 (
if %var_Debug% gtr 0 for %%i in (*.ras) do call :sub_CheckLang %%i,1
) else (
if %var_Debug% gtr 0 call :msg_LangBadDbg
)
if %var_Debug% gtr 0 if exist backup call :msg_BackupFndDbg
call :sub_DetectMods
set flag_AllFiles=0
if %flag_ScriptNeeds%==1 (
if %flag_GameExe%==1 (
if %flag_RunFiles%==1 (
set flag_AllFiles=1
)
)
)
if %flag_FreshGame%==1 (
if %flag_RunFiles%==1 call :msg_FreshGameFnd
) else (
if exist backup\*.ras if %flag_RunFiles%==1 call :msg_ConvGameFnd
)
set flag_OnlyMods=0
if %var_TotModCount% gtr 0 (
if %flag_ScriptNeeds% == 1 set flag_OnlyMods=1
)
if %flag_AllFiles%==1 (
color 2F
if %var_Debug% gtr 0 call :msg_NoProbsDbg
if %var_TotModCount% gtr 0 ( 
call :msg_TotMods
) else (
call :msg_NoModsFnd
)
) else (
if %var_Debug% == 0 call :msg_NoValidGame
if %var_TotModCount% gtr 0 ( 
call :msg_TotMods 
) else (
call :msg_NoModsFnd
)
if %flag_OnlyMods% == 1 (
color 2F
if %var_Debug% gtr 0 call :msg_NoProbsModsDbg
if %var_Debug% == 0 call :msg_NoProbsMods
) else (
color 4F
if %var_Debug% gtr 0 call :msg_ProbsDbg
if %var_Debug%==0 call :msg_PosProbs
)
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- detection subs ---
rem ---------------------------------------------------------------------
:sub_DetectMods
set /a var_NewModCount=0
set /a var_ConvModCount=0
set /a var_ExcludedModCount=0
for %%i in (*.mpm) do (
if not exist "backup\%%i" ( 
if not exist "convexcl\%%~ni.log" (
set /a var_NewModCount += 1
) else (
set /a var_ExcludedModCount += 1
)
) else (
set /a var_ConvModCount += 1
)
)
set /a var_TotModCount=%var_NewModCount%+%var_ConvModCount%+%var_ExcludedModCount%
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectGame
set flag_GameExe=0
if /i exist maxpayne.exe set flag_GameExe=1
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectScriptNeeds
set flag_ScriptNeeds=1
set flag_CanConvert=1
if /i not exist rasmaker.exe (
set flag_ScriptNeeds=0
set flag_CanConvert=0
if "%1"=="1" call :msg_Miss rasmaker.exe
)
if /i not exist rl.dll (
set flag_ScriptNeeds=0
if "%1"=="1" call :msg_Miss rl.dll
set flag_CanConvert=0
)
if /i not exist shortcut.exe (
set flag_ScriptNeeds=0
if "%1"=="1" call :msg_Miss shortcut.exe
)
if /i not exist sox.exe (
set flag_ScriptNeeds=0
if "%1"=="1" call :msg_Miss sox.exe
set flag_CanConvert=0
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectConvData
set flag_ConvData=1
if /i not exist x_data.ras (
set flag_ConvData=0
if "%1"=="1" call :msg_Miss x_data.ras
)
if /i not exist x_music.ras (
set flag_ConvData=0
if "%1"=="1" call :msg_Miss x_music.ras
)
if %flag_LangFiles%==0 (
set flag_ConvData=0
if "%1"=="1" call :msg_Miss x_^(language^).ras
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectLang
set flag_LangFiles=0
for %%i in (*.ras) do call :sub_CheckLang %%i
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_CheckLang
set flag_Dont=0
if /i %1==x_level1.ras set flag_Dont=1
if /i %1==x_level2.ras set flag_Dont=1
if /i %1==x_level3.ras set flag_Dont=1
if /i %1==x_data.ras set flag_Dont=1
if /i %1==x_music.ras set flag_Dont=1
if %flag_Dont%==0 (
if "%2"=="" (
set flag_LangFiles=1
) else (
call :msg_LangFndDbg %1
)
)
set flag_Dont=
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectRun
set flag_RunFiles=1
if /i not exist e2driver\e2_d3d8_driver_mfc.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss e2driver\e2_d3d8_driver_mfc.dll
)
if /i not exist movies\intro.mpg (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss movies\intro.mpg
)
if /i not exist e2mfc.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss e2mfc.dll
)
if /i not exist grphmfc.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss grphmfc.dll
)
if %flag_GameExe%==0 (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss maxpayne.exe
)
if /i not exist mfc42.dll ( 
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss mfc42.dll
)
if /i not exist msvcirt.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss msvcirt.dll
)
if /i not exist msvcp60.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss msvcp60.dll
)
if /i not exist msvcrt.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss msvcrt.dll
)
if /i not exist rlmfc.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss rlmfc.dll
)
if /i not exist sndmfc.dll (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss sndmfc.dll
)
if /i not exist x_data.ras (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss x_data.ras
)
if %flag_LangFiles%==0 (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss x_^(language^).ras
)
if /i not exist x_level1.ras (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss x_level1.ras
)
if /i not exist x_level2.ras (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss x_level2.ras
)
if /i not exist x_level3.ras (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss x_level3.ras
)
if /i not exist x_music.ras (
set flag_RunFiles=0
if "%1"=="1" call :msg_Miss x_music.ras
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectFreshGame
set flag_FreshGame=0
if exist *.ras (
set flag_FreshGame=1
for %%i in (*.ras) do call :sub_FreshSize %%i
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_FreshSize
if exist x_english.ras if %1==x_data.ras if not "%~z1" == "134236027" set flag_FreshGame=0
if %1==x_music.ras if not "%~z1" == "144606272" set flag_FreshGame=0
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectUac
set flag_Uac=0
mkdir uactest 2>nul
if errorlevel 1 (
set flag_Uac=1
) else (
rd uactest /s /q
echo.
)
if %flag_Uac%==1 goto :lbl_Handle_Uac
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_DetectTmp
if exist tmp (
:sub_RemoveTmp
rd tmp /s /q 2>nul
call :sub_Waitasec %var_ConversionDelay%
if exist tmp (
call :msg_TmpProb
pause >nul
goto :sub_RemoveTmp
)
if "%1"=="1" call :msg_TmpCleared
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- backup sync steam verify ---
rem ---------------------------------------------------------------------
:sub_DetectBackupProbs
set flag_BackupProbs=0
for %%i in (backup/*.ras) do call :sub_CompareGameFileSize %%i
call :sub_SyncBackupDir
if %flag_BackupProbs%==1 call :msg_BackupsSynced
set flag_BackupProbs=
set var_UsedFileSize=
set var_BakFileSize=
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_CompareGameFileSize
if exist %1 set var_UsedFileSize=%~z1
call :sub_CheckBakFileSize backup\%1
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_CheckBakFileSize
if exist %1 set var_BakFileSize=%~z1
if "%var_UsedFileSize%" == "%var_BakFileSize%" (
set flag_BackupProbs=1
del %1
)
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_SyncBackupDir
if exist backup (
if not exist backup\*.mpm (
if not exist backup\*.ras (
set flag_BackupProbs=1
rd backup /s /q
)
)
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- helper subs ---
rem ---------------------------------------------------------------------
:sub_Waitasec
timeout /t %1 >nul
goto :EOF
 
rem ---------------------------------------------------------------------
:sub_CreateShortcut
if not exist "%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxBatch.lnk" shortcut /f:"%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxBatch.lnk" /a:c /i:"%cd%\maxpayne.exe",1 /t:"%cd%\MaxBatch.bat" /w:"%cd%" >nul
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- goto routines ---
rem ---------------------------------------------------------------------
:lbl_ToggleDebug
if %var_Debug%==0 (
set var_Debug=1
goto :lbl_EndDebug
if %var_Debug%==1 (
set var_Debug=2
goto :lbl_EndDebug
)
if %var_Debug%==2 (
set var_Debug=0
goto :lbl_EndDebug
:lbl_EndDebug
goto :lbl_GameMenu
 
rem ---------------------------------------------------------------------
:lbl_LaunchGame
if %flag_GameExe% == 1 start /b maxpayne.exe
goto :lbl_Exit 
 
rem ---------------------------------------------------------------------
:lbl_Handle_Uac
call :msg_Welcome
color 4F
call :msg_AnalyseCurrent
call :msg_Elevate
set str_ElevName=%temp%\elevate.vbs
echo ' // Based on Elevation PowerToys for Windows Vista v1.1 (04/29/2008) > %str_ElevName%
echo ' // Adapted by Darkje for Max Payne Conversion Tool v0.3 >> %str_ElevName%
echo Set objShell = CreateObject("Shell.Application") >> %str_ElevName%
echo Set objWshShell = WScript.CreateObject("WScript.Shell") >> %str_ElevName%
echo Set objWshProcessEnv = objWshShell.Environment("PROCESS") >> %str_ElevName%
echo strDir = objWshProcessEnv("ELEVATE_DIR") >> %str_ElevName%
echo strApp = objWshProcessEnv("ELEVATE_APP") >> %str_ElevName%
echo objShell.ShellExecute "" ^& strApp, "" ^& strDir, "", "runas" >> %str_ElevName%
call :sub_Waitasec %var_ExitDelay%
set ELEVATE_APP=%~nx0
set ELEVATE_DIR=%cd%
start wscript //nologo "%str_ElevName%" %*
goto :lbl_Exit
 
rem ---------------------------------------------------------------------
:lbl_Exit
call :sub_CreateShortcut
echo.
call :msg_Done
call :sub_Waitasec %var_ExitDelay%
rem --- cleanup used vars ---
set var_File=
set var_ConvModCount=
set var_NewModCount=
set var_ExcludedModCount=
set var_TotModCount=
set var_Debug=
set var_ConversionDelay=
set var_ExitDelay=
set var_ActionFinishedDelay=
set var_DbgL2Delay=
set str_Title=
set flag_OnlyMods=
set flag_Uac=
set flag_AllFiles=
set flag_ConvData=
set flag_ScriptNeeds=
set flag_CanConvert=
set flag_GameExe=
set flag_LangFiles=
set flag_RunFiles=
set flag_FreshGame=
set flag_RasCheck=
exit 
 
rem ---------------------------------------------------------------------
rem --- dialog subs ---
rem ---------------------------------------------------------------------
:msg_Welcome
cls
Title %str_Title%
call :msg_HorLine
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_GameConvScreen
echo                             Game Conversion Screen
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ModConvScreen
echo                             Mod Conversion Screen
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_YouWantTo
call :msg_HorLine
if %var_Debug% == 0 (
echo Main options:
) else (
echo Main options ^(%1^):
)
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ModYouWantTo
call :msg_HorLine
if %var_Debug% == 0 (
echo Main options:
) else (
echo Main options ^(%1^):
)
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_OtherOpt
echo.
echo Other options:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_HorLine
echo _______________________________________________________________________________
echo.
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- game menu option messages ---
rem ---------------------------------------------------------------------
:msg_ConvGameOptOk
echo  [C] - Convert game.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvGameOptBad
echo  [C] - Convert game.                     [!] Option affected by problem^(s^).
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_RestoreGameOpt
echo  [R] - Restore game to unconverted.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LaunchOptOk
echo  [L] - Launch unconverted game.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LaunchOptBad
echo  [L] - Launch unconverted game.             [!] Option affected by problem^(s^). 
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LaunchConvOptOk
echo  [L] - Launch converted game.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LaunchConvOptBad
echo  [L] - Launch converted game.            [!] Option affected by problem^(s^). 
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ModOpt
echo  [M] - Mod Conversion Screen.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_DebugOpt
echo  [D] - Debug Level 0/1/2.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_StartOpt
echo  [S] - Start analysis again.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_EndOpt
echo  [E] - End.
echo.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NoMainOpt
echo  [!] - No main options, No game, No mods. Can't do much...
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_SdeOpt
rem --- option group sde ---
call :msg_StartOpt
call :msg_DebugOpt
call :msg_EndOpt
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LaunchOpt
if %flag_GameExe%==1 (
call :msg_LaunchOptOk
) else (
call :msg_LaunchOptBad
)
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LaunchConvOpt
if %flag_GameExe%==1 (
call :msg_LaunchConvOptOk
) else (
call :msg_LaunchConvOptBad
)
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_GameConvOpt
if %flag_ConvData%==1 (
if %flag_CanConvert%==1 call :msg_ConvGameOptOk
) else (
call :msg_ConvGameOptBad
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- mod menu option messages ---
rem ---------------------------------------------------------------------
:msg_ConvModsOptOk
echo  [M] - Convert new mod^(s^).
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvModsOptBad
echo  [M] - Convert new mod^(s^).                   [!] Option affected by problem^(s^).
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_RestoreModOpt
echo  [R] - Restore converted mod^(s^) to unconverted.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_AddModExclOpt
echo  [A] - Add new mod^(s^) to exclusion list.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ClrModExclOpt
echo  [H] - Remove mod^(s^) from exclusion list.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_EndModOpt
call :msg_StartOpt
echo  [E] - End, back to Game Conversion Screen.
echo.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvModOpt
if %flag_CanConvert%==1 (
call :msg_ConvModsOptOk
) else ( 
call :msg_ConvModsOptBad
)
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- Analisis status messages ---
rem ---------------------------------------------------------------------
:msg_AnalyseCurrent
echo Analysing current status:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_WorkDir
echo  + Work directory: %cd%.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_FreshGameFnd
echo  + Original, unconverted game found.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvGameFnd
echo  + Converted game found.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NoValidGame
echo  + No valid game detected.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_TotMods
echo  + Mod^(s^) found. %var_TotModCount% in total.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NewModFnd
echo  + New, unconverted mod^(s^) [%var_NewModCount%]:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvModsFnd
echo  + Converted mod^(s^) [%var_ConvModCount%]:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ExcludedModsFnd
echo  + Excluded mod^(s^) [%var_ExcludedModCount%]:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NoProbsMods
echo  + Mod^(s^) and script needs detected, Mod conversion can proceed.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NoModsFnd
echo  + No Mod^(s^) found.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_BackupsSynced
echo  + Patch backup synchronization issue repaired.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_TmpCleared
echo  + A temporary directory was found and cleared.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_PosProbs
echo  + File scan shows:
echo    - Possible problem(s) detected, use debug level 1 for more info.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_TmpProb
echo  + Problem Detected! Can't delete tmp dir, file in use. Any key to retry.
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- Work progress messages ---
rem ---------------------------------------------------------------------
:msg_StartConvGame
echo.
echo -^> Starting game conversion phase: converting three files ...
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_GameConvDone
echo -^> Game conversion phase finished.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_StartConvMod
echo.
echo -^> Starting new mod conversion phase ...
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ModConvDone
echo -^> Mod Conversion phase finished.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvFileSizeBad
echo -^> File %~1 converted but resulting size not as expected.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvFileOk
echo -^> File %~1 converted.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvFileBad
if %var_Debug% == 0 echo -^> File %~1 NOT converted, added to exclude list.
call :msg_LogExcludedFile %1
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LogExcludedFile
echo MaxBatch: Excluded %~1 from conversion. > "convexcl\%~n1.log"
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ExcludeRemove
echo -^> Removing %~1 from exclusions.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ExcludeListRemoved
echo -^> Exclusion list removed.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_FileExclude
echo -^> Adding %~1 to exclusions.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvFile
echo echo -^> Converting file %~1.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_FileNotFound
echo -^> File %~1 not found!
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NoAction
echo -^> No action taken.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_TypeFileName
echo -^> Type a file name (no extension, enter to skip, * for all)
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_StartRestore
echo.
echo -^> Starting restore phase ...
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_RestoreDone
echo -^> Restore phase finished.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_StartAddExclusion
echo.
echo -^> Starting add exclusions phase ...
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_StartDelExclusion
echo.
echo -^> Starting remove exclusions phase ...
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ExclusionDone
echo -^> Modify exclusions phase finished.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ExclRestored
echo -^> Exclusion^(s^) removed.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_FileRestored
echo -^> File %~1 restored.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_Done
echo -^> Max Payne Conversion Script is done!
echo -^> Run it again for other options.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_Elevate
echo -^> UAC restrictions detected, restarting at administrator level.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_FileSizeGood
echo -^> Size of converted files okay! 
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvFailed
echo -^> Conversion of one or more files failed, restoring backups!
goto :EOF
 
rem ---------------------------------------------------------------------
rem --- Debug messages ---
rem ---------------------------------------------------------------------
:msg_CheckConvDbg
echo -^> Checking result of conversion.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_BadConvEqualDbg
echo -^> Converted file same size as unconverted file, conversion not needed.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_BadConvZeroDbg
echo -^> Converted file zero bytes size, that can't be right.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_BackupRestDbg
echo -^> Conversion of %1 failed, restoring original. 
echo -^> %1 logged in exclusion list.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_DebugStat
echo  + Debug Level=%var_Debug%.
call :sub_Waitasec %var_ExitDelay%
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LangFndDbg
echo    - Language file found: %1.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_RestoreDbg
echo -^> Restoring backup files.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LangBadDbg
echo    + Language file missing.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_StartConvfileDbg
echo -^> Starting conversion of file %1
echo -^> Creating backup of %1
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ExtractDbg
echo -^> Extracting %1 to tmp.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvertDbg
echo -^> Converting tmp files with SoX.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_PackDbg
echo -^> Repacking tmp files to %1.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_DeltmpDbg
echo -^> Deleting tmp files.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_FiledoneDbg
echo -^> File %1 done.
echo.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_FilesdetectedDbg
echo  + File scan shows:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ScriptNeedFndDbg
echo    - Files needed by script found.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ScriptNeedBadDbg
echo    + File(s) needed by script missing:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvDataFndDbg
echo    - Target files for game conversion found.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ConvDataBadDbg
echo    + Target file(s) for game conversion missing:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_GameExeFndDbg
echo    - MaxPayne.exe found, Launch option will attempt launch.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_GameExeBadDbg
echo    + MaxPayne.exe missing.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_AdtlFndDbg
echo    - All files required to run the game found.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_AdtlBadDbg
echo    + Some file(s) required to run the standard game missing:
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_BackupFndDbg
echo    - Backup detected.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NoProbsDbg
echo  + No missing file problems detected, OK!.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_NoProbsModsDbg
echo  + Crucial game files missing, but mod conversion can proceed.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_ProbsDbg
echo  + This looks Bad! Possible problem(s) detected.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_DelbakDbg
echo -^> Deleting old backup files.
goto :EOF
 
rem ---------------------------------------------------------------------
:msg_LineDbg
echo --------------------------------------------------------------------
goto :EOF
 
rem --------------------- missing file messages -------------------------
:msg_Miss
echo      - %1
goto :EOF
 
rem --------------------- large status messages -------------------------
:msg_working
rem cls
echo.
echo  Ű     Ű  ŰŰŰŰŰ  ŰŰŰŰŰŰ  Ű     Ű ŰŰŰŰŰ Ű     Ű  ŰŰŰŰŰ
echo  Ű     Ű Ű     Ű Ű     Ű Ű    Ű    Ű   ŰŰ    Ű Ű     Ű
echo  Ű     Ű Ű     Ű Ű     Ű Ű   Ű     Ű   Ű Ű   Ű Ű
echo  Ű     Ű Ű     Ű ŰŰŰŰŰŰ  ŰŰŰŰ      Ű   Ű  Ű  Ű Ű
echo  Ű  Ű  Ű Ű     Ű Ű   Ű   Ű   Ű     Ű   Ű   Ű Ű Ű    ŰŰ
echo  Ű Ű Ű Ű Ű     Ű Ű    Ű  Ű    Ű    Ű   Ű    ŰŰ Ű     Ű  ŰŰ  ŰŰ  ŰŰ
echo   Ű   Ű   ŰŰŰŰŰ  Ű     Ű Ű     Ű ŰŰŰŰŰ Ű     Ű  ŰŰŰŰŰ   ŰŰ  ŰŰ  ŰŰ
echo.
echo                      *** PLEASE WAIT ***
goto :EOF
 
:msg_finished
rem cls
echo.
echo  ŰŰŰŰŰŰŰ ŰŰŰŰŰ Ű     Ű ŰŰŰŰŰ  ŰŰŰŰŰ  Ű     Ű ŰŰŰŰŰŰŰ ŰŰŰŰŰ     Ű
echo  Ű         Ű   ŰŰ    Ű   Ű   Ű     Ű Ű     Ű Ű       Ű    Ű   ŰŰŰ
echo  Ű         Ű   Ű Ű   Ű   Ű   Ű       Ű     Ű Ű       Ű     Ű  ŰŰŰ
echo  ŰŰŰŰ      Ű   Ű  Ű  Ű   Ű    ŰŰŰŰŰ  ŰŰŰŰŰŰŰ ŰŰŰŰ    Ű     Ű   Ű
echo  Ű         Ű   Ű   Ű Ű   Ű         Ű Ű     Ű Ű       Ű     Ű   Ű
echo  Ű         Ű   Ű    ŰŰ   Ű   Ű     Ű Ű     Ű Ű       Ű    Ű 
echo  Ű       ŰŰŰŰŰ Ű     Ű ŰŰŰŰŰ  ŰŰŰŰŰ  Ű     Ű ŰŰŰŰŰŰŰ ŰŰŰŰŰ     Ű
echo.
echo                    *** ANY KEY TO CONTINUE ***
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
echo.
pause >nul
goto :EOF


#8 MetalowaGlowa

MetalowaGlowa
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 23 August 2016 - 04:48 PM

OPTIONS:
@echo off
 
:inicio
if exist "%commonprogramfiles(x86)%" (
FOR /F "tokens=2* delims=  " %%A IN ('REG QUERY "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen" /v Language') DO SET DO_LANG=%%B
) else (FOR /F "tokens=2* delims=  " %%A IN ('REG QUERY "HKLM\SOFTWARE\Electronic Arts\Dark Omen" /v Language') DO SET DO_LANG=%%B
)
if exist esn.jim goto spanish
 
:english
if exist esn.jim move esn.jim enu.jim
if not exist enu.jim echo > enu.jim
cls
SET option=0
echo.
echo DARK OMEN for Windows XP-Vista-7
echo.
if %DO_LANG%==eng (
echo Language selected: english.
)
if %DO_LANG%==deu (
echo Language selected: german.
)
if %DO_LANG%==fra (
echo Language selected: french.
)
if exist .\GameData\1pbat\B1_01\TEXTURE.M3D (
echo Textures selected: new ones.
) else (
echo Textures selected: old ones.
)
echo.
echo.
echo Options:
echo.
echo    1  =  Ver estas opciones en espa¤ol.
echo    2  =  Uninstall the game.
echo    3  =  Change the shortcuts language to english.
echo    4  =  Install the game (registry values, etc.) for this user.
if exist .\GameData\1pbat\B1_01\TEXTURE.M3D (
echo    5  =  Revert to old textures.
) else (
echo    5  =  Change to new textures.
)
if %DO_LANG%==eng (
if exist Sound\SP_DEU (
echo    6  =  Change in-game language to german.
if exist Sound\SP_FRA (
echo    7  =  Change in-game language to french.
)
) else (
if exist Sound\SP_FRA echo    6  =  Change in-game language to french.
)
)
if %DO_LANG%==deu (
if exist Sound\SP_ENG (
echo    6  =  Change in-game language to english.
if exist Sound\SP_FRA (
echo    7  =  Change in-game language to french.
)
) else (
if exist Sound\SP_FRA echo    6  =  Change in-game language to french.
)
)
if %DO_LANG%==fra (
if exist Sound\SP_DEU (
echo    6  =  Change in-game language to german.
if exist Sound\SP_ENG (
echo    7  =  Change in-game language to english.
)
) else (
if exist Sound\SP_ENG echo    6  =  Change in-game language to english.
)
)
echo.
echo    Another key  =  Close this window.
echo.
echo.
SET /P option=Choose, among the options given above, the desired one: 
if %option%==1 goto spanish
if %option%==2 goto uninstall_enu
if %option%==3 goto shortcuts_enu
if %option%==4 goto user_install
if %option%==5 goto textureswitch
if %option%==6 (
if %DO_LANG%==eng (
if exist Sound\SP_DEU (
SET cambiar_a=aleman
goto language
) else (
if exist Sound\SP_FRA (
SET cambiar_a=frances
goto language
)
)
if %DO_LANG%==fra (
if exist Sound\SP_DEU (
SET cambiar_a=aleman
goto language
) else (
if exist Sound\SP_ENG (
SET cambiar_a=ingles
goto language
)
)
if %DO_LANG%==deu (
if exist Sound\SP_eng (
SET cambiar_a=ingles
goto language
) else (
if exist Sound\SP_fra (
SET cambiar_a=frances
goto language
)
)
)
if %option%==7 (
if %DO_LANG%==eng (
if exist Sound\SP_FRA (
SET cambiar_a=frances
goto language
)
)
if %DO_LANG%==fra (
if exist Sound\SP_ENG (
SET cambiar_a=ingles
goto language
)
)
if %DO_LANG%==deu (
if exist Sound\SP_FRA (
SET cambiar_a=frances
goto language
)
)
)
exit
 
:spanish
if exist enu.jim move enu.jim esn.jim
if not exist esn.jim echo > esn.jim
cls
SET option=0
echo.
echo DARK OMEN para Windows XP-Vista-7
echo.
if %DO_LANG%==eng (
echo Idioma seleccionado: ingl‚s.
)
if %DO_LANG%==deu (
echo Idioma seleccionado: alem n.
)
if %DO_LANG%==fra (
echo Idioma seleccionado: franc‚s.
)
if exist .\GameData\1pbat\B1_01\TEXTURE.M3D (
echo Texturas elegidas: las nuevas.
) else (
echo Texturas elegidas: las antiguas.
)
echo.
echo.
echo Opciones:
echo.
echo    1  =  Show me these options in english!
echo    2  =  Desinstalar el juego.
echo    3  =  Poner los accesos directos en espa¤ol.
echo    4  =  Instalar el juego (valores del registro, etc.) para este usuario.
if exist .\GameData\1pbat\B1_01\TEXTURE.M3D (
echo    5  =  Cambiar a texturas antiguas.
) else (
echo    5  =  Cambiar a texturas nuevas.
)
if %DO_LANG%==eng (
if exist Sound\SP_DEU (
echo    6  =  Cambiar el idioma del juego al alem n.
if exist Sound\SP_FRA (
echo    7  =  Cambiar el idioma del juego al franc‚s.
)
) else (
if exist Sound\SP_FRA echo    6  =  Cambiar el idioma del juego al franc‚s.
)
)
if %DO_LANG%==deu (
if exist Sound\SP_ENG (
echo    6  =  Cambiar el idioma del juego al ingl‚s.
if exist Sound\SP_FRA (
echo    7  =  Cambiar el idioma del juego al franc‚s.
)
) else (
if exist Sound\SP_FRA echo    6  =  Cambiar el idioma del juego al franc‚s.
)
)
if %DO_LANG%==fra (
if exist Sound\SP_DEU (
echo    6  =  Cambiar el idioma del juego al alem n.
if exist Sound\SP_ENG (
echo    7  =  Cambiar el idioma del juego al ingl‚s.
)
) else (
if exist Sound\SP_ENG echo    6  =  Cambiar el idioma del juego al ingl‚s.
)
)
echo.
echo    Cualquier otra tecla  =  Cerrar esta ventana.
echo.
echo.
SET /P option=Elija, de entre las citadas posibilidades, lo que desee hacer: 
if %option%==1 goto english
if %option%==2 goto uninstall_esn
if %option%==3 goto shortcuts_esn
if %option%==4 goto user_install
if %option%==5 goto textureswitch
if %option%==6 (
if %DO_LANG%==eng (
if exist Sound\SP_DEU (
SET cambiar_a=aleman
goto language
) else (
if exist Sound\SP_FRA (
SET cambiar_a=frances
goto language
)
)
if %DO_LANG%==fra (
if exist Sound\SP_DEU (
SET cambiar_a=aleman
goto language
) else (
if exist Sound\SP_ENG (
SET cambiar_a=ingles
goto language
)
)
if %DO_LANG%==deu (
if exist Sound\SP_eng (
SET cambiar_a=ingles
goto language
) else (
if exist Sound\SP_fra (
SET cambiar_a=frances
goto language
)
)
)
if %option%==7 (
if %DO_LANG%==eng (
if exist Sound\SP_FRA (
SET cambiar_a=frances
goto language
)
)
if %DO_LANG%==fra (
if exist Sound\SP_ENG (
SET cambiar_a=ingles
goto language
)
)
if %DO_LANG%==deu (
if exist Sound\SP_FRA (
SET cambiar_a=frances
goto language
)
)
)
exit
 
:language
if %cambiar_a%==ingles (
copy /y GameData\1pbat\backup_BATTLES.ENG GameData\1pbat\BATTLES.ENG >nul
copy /y movies\backup_INFO_ENG.TGQ movies\INFO_ENG.TGQ >nul
copy /y movies\backup_ENG.TGQ movies\ENG.TGQ >nul
copy /y GRAPHICS\books\backup_L1_E.BMP GRAPHICS\books\L1_E.BMP >nul
copy /y GRAPHICS\books\backup_L2_E.BMP GRAPHICS\books\L2_E.BMP >nul
copy /y GRAPHICS\books\backup_L3_E.BMP GRAPHICS\books\L3_E.BMP >nul
copy /y GRAPHICS\books\backup_L4_E.BMP GRAPHICS\books\L4_E.BMP >nul
copy /y GRAPHICS\books\backup_SOLD_E.BMP GRAPHICS\books\SOLD_E.BMP >nul
copy /y GRAPHICS\maps\backup_M1_ENG.BMP GRAPHICS\maps\M1_ENG.BMP >nul
copy /y GRAPHICS\maps\backup_M2_ENG.BMP GRAPHICS\maps\M2_ENG.BMP >nul
copy /y GRAPHICS\maps\backup_M3_ENG.BMP GRAPHICS\maps\M3_ENG.BMP >nul
copy /y GRAPHICS\maps\backup_M4_ENG.BMP GRAPHICS\maps\M4_ENG.BMP >nul
copy /y GRAPHICS\maps\backup_TOWNS.SPR GRAPHICS\maps\TOWNS.SPR >nul
copy /y GRAPHICS\Pictures\backup_LOCATE_E.BMP GRAPHICS\Pictures\LOCATE_E.BMP >nul
copy /y GRAPHICS\Pictures\backup_LOADINGE.BMP GRAPHICS\Pictures\LOADINGE.BMP >nul
copy /y GRAPHICS\sprites\backup_MSG_ENG.SPR GRAPHICS\sprites\MSG_ENG.SPR >nul
if exist "%commonprogramfiles(x86)%" (
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_eng >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen" /f /t REG_SZ /v Language /d eng >nul
) else (
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_eng >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen" /f /t REG_SZ /v Language /d eng >nul
)
)
if %cambiar_a%==aleman (
copy /y GameData\1pbat\BATTLES.DEU GameData\1pbat\BATTLES.ENG >nul
copy /y movies\INFO_GER.TGQ movies\INFO_ENG.TGQ >nul
copy /y movies\GER.TGQ movies\ENG.TGQ >nul
copy /y GRAPHICS\books\L1_G.BMP GRAPHICS\books\L1_E.BMP >nul
copy /y GRAPHICS\books\L2_G.BMP GRAPHICS\books\L2_E.BMP >nul
copy /y GRAPHICS\books\L3_G.BMP GRAPHICS\books\L3_E.BMP >nul
copy /y GRAPHICS\books\L4_G.BMP GRAPHICS\books\L4_E.BMP >nul
copy /y GRAPHICS\books\SOLD_G.BMP GRAPHICS\books\SOLD_E.BMP >nul
copy /y GRAPHICS\maps\M1_GER.BMP GRAPHICS\maps\M1_ENG.BMP >nul
copy /y GRAPHICS\maps\M2_GER.BMP GRAPHICS\maps\M2_ENG.BMP >nul
copy /y GRAPHICS\maps\M3_GER.BMP GRAPHICS\maps\M3_ENG.BMP >nul
copy /y GRAPHICS\maps\M4_GER.BMP GRAPHICS\maps\M4_ENG.BMP >nul
copy /y GRAPHICS\maps\TOWNS_GE.SPR GRAPHICS\maps\TOWNS.SPR >nul
copy /y GRAPHICS\Pictures\LOCATE_G.BMP GRAPHICS\Pictures\LOCATE_E.BMP >nul
copy /y GRAPHICS\Pictures\LOADINGG.BMP GRAPHICS\Pictures\LOADINGE.BMP >nul
copy /y GRAPHICS\sprites\MSG_GER.SPR GRAPHICS\sprites\MSG_ENG.SPR >nul
if exist "%commonprogramfiles(x86)%" (
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_deu >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen" /f /t REG_SZ /v Language /d deu >nul
) else (
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_deu >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen" /f /t REG_SZ /v Language /d deu >nul
)
)
if %cambiar_a%==frances (
copy /y GameData\1pbat\BATTLES.FRA GameData\1pbat\BATTLES.ENG >nul
copy /y movies\INFO_FRE.TGQ movies\INFO_ENG.TGQ >nul
copy /y movies\FRE.TGQ movies\ENG.TGQ >nul
copy /y GRAPHICS\books\L1_F.BMP GRAPHICS\books\L1_E.BMP >nul
copy /y GRAPHICS\books\L2_F.BMP GRAPHICS\books\L2_E.BMP >nul
copy /y GRAPHICS\books\L3_F.BMP GRAPHICS\books\L3_E.BMP >nul
copy /y GRAPHICS\books\L4_F.BMP GRAPHICS\books\L4_E.BMP >nul
copy /y GRAPHICS\books\SOLD_F.BMP GRAPHICS\books\SOLD_E.BMP >nul
copy /y GRAPHICS\maps\M1_FRE.BMP GRAPHICS\maps\M1_ENG.BMP >nul
copy /y GRAPHICS\maps\M2_FRE.BMP GRAPHICS\maps\M2_ENG.BMP >nul
copy /y GRAPHICS\maps\M3_FRE.BMP GRAPHICS\maps\M3_ENG.BMP >nul
copy /y GRAPHICS\maps\M4_FRE.BMP GRAPHICS\maps\M4_ENG.BMP >nul
copy /y GRAPHICS\maps\TOWNS_FR.SPR GRAPHICS\maps\TOWNS.SPR >nul
copy /y GRAPHICS\Pictures\LOCATE_F.BMP GRAPHICS\Pictures\LOCATE_E.BMP >nul
copy /y GRAPHICS\Pictures\LOADINGF.BMP GRAPHICS\Pictures\LOADINGE.BMP >nul
copy /y GRAPHICS\sprites\MSG_FRE.SPR GRAPHICS\sprites\MSG_ENG.SPR >nul
if exist "%commonprogramfiles(x86)%" (
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_fra >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen" /f /t REG_SZ /v Language /d fra >nul
) else (
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_fra >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen" /f /t REG_SZ /v Language /d fra >nul
)
)
goto inicio
 
:textureswitch
cls
if exist .\GameData\1pbat\B1_01\TEXTURE.M3D (
del /q .\GameData\1pbat\B1_01\TEXTURE.M3D
) else (
echo > .\GameData\1pbat\B1_01\TEXTURE.M3D
)
ren .\GameData\1pbat\B1_01\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B1_02\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B1_03\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B1_04\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B1_05\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B1_06\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B1_07\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B2_01\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B2_02\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B2_04\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B2_05\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B2_07\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B2_08\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B3_01\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B3_02\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B3_06\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B3_07\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B3_08\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B3_09\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_01\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_02\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_03\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_05\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_06\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_08\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_09\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B4_10\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B5_01\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B5_01B\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\SPARE9\TEXTURE TEXTURE_TMP
ren .\GameData\1pbat\B1_01\LTEXTURE TEXTURE
ren .\GameData\1pbat\B1_02\LTEXTURE TEXTURE
ren .\GameData\1pbat\B1_03\LTEXTURE TEXTURE
ren .\GameData\1pbat\B1_04\LTEXTURE TEXTURE
ren .\GameData\1pbat\B1_05\LTEXTURE TEXTURE
ren .\GameData\1pbat\B1_06\LTEXTURE TEXTURE
ren .\GameData\1pbat\B1_07\LTEXTURE TEXTURE
ren .\GameData\1pbat\B2_01\LTEXTURE TEXTURE
ren .\GameData\1pbat\B2_02\LTEXTURE TEXTURE
ren .\GameData\1pbat\B2_04\LTEXTURE TEXTURE
ren .\GameData\1pbat\B2_05\LTEXTURE TEXTURE
ren .\GameData\1pbat\B2_07\LTEXTURE TEXTURE
ren .\GameData\1pbat\B2_08\LTEXTURE TEXTURE
ren .\GameData\1pbat\B3_01\LTEXTURE TEXTURE
ren .\GameData\1pbat\B3_02\LTEXTURE TEXTURE
ren .\GameData\1pbat\B3_06\LTEXTURE TEXTURE
ren .\GameData\1pbat\B3_07\LTEXTURE TEXTURE
ren .\GameData\1pbat\B3_08\LTEXTURE TEXTURE
ren .\GameData\1pbat\B3_09\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_01\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_02\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_03\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_05\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_06\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_08\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_09\LTEXTURE TEXTURE
ren .\GameData\1pbat\B4_10\LTEXTURE TEXTURE
ren .\GameData\1pbat\B5_01\LTEXTURE TEXTURE
ren .\GameData\1pbat\B5_01B\LTEXTURE TEXTURE
ren .\GameData\1pbat\SPARE9\LTEXTURE TEXTURE
ren .\GameData\1pbat\B1_01\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B1_02\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B1_03\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B1_04\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B1_05\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B1_06\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B1_07\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B2_01\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B2_02\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B2_04\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B2_05\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B2_07\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B2_08\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B3_01\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B3_02\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B3_06\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B3_07\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B3_08\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B3_09\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_01\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_02\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_03\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_05\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_06\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_08\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_09\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B4_10\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B5_01\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\B5_01B\TEXTURE_TMP LTEXTURE
ren .\GameData\1pbat\SPARE9\TEXTURE_TMP LTEXTURE
goto inicio
 
:uninstall_esn
cls
set confirmo=j
echo.
echo.
echo Desinstalaci˘n del DARK OMEN. Este proceso comprende lo siguiente:
echo.
echo   1. Borrado de las oportunas claves del registro.
echo.
echo   2. Borrado de los accesos directos del juego.
echo.
echo   3. Borrado del directorio en que el juego fue instalado
echo      ("%cd%") y de sus subdirectorios.
echo. 
echo.
echo Introduzca "s" (sin comillas) para continuar con la desinstalaci˘n,
SET /P confirmo=o cualquier otra tecla para regresar al menŁ: 
if %confirmo%==s (
goto quitar) else goto inicio
 
:uninstall_enu
cls
set confirmo=j
echo.
echo.
echo DARK OMEN uninstall. This will:
echo.
echo   1. Delete registry entries created by the game.
echo.
echo   2. Delete shortcuts created by the game.
echo.
echo   3. Delete the folder where the game is installed
echo      ("%cd%") and its subfolders.
echo. 
echo.
echo Introduce "y" (without inverted commas) to uninstall the game,
SET /P confirmo=or another key to return to the menu: 
if not %confirmo%==y goto inicio
 
:quitar
if exist "%userprofile%\Start Menu\Programs\Dark Omen" rd /s /q "%userprofile%\Start Menu\Programs\Dark Omen"
if exist "%userprofile%\Start Menu\Programs\Games\Dark Omen" rd /s /q "%userprofile%\Start Menu\Programs\Games\Dark Omen"
if exist "%userprofile%\MenŁ Inicio\Programas\Juegos\Dark Omen" rd /s /q "%userprofile%\MenŁ Inicio\Programas\Juegos\Dark Omen"
if exist "%userprofile%\MenŁ Inicio\Programas\Dark Omen" rd /s /q "%userprofile%\MenŁ Inicio\Programas\Dark Omen"
if exist "%commonprogramfiles(x86)%" (REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen" /f >nul
) else (REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Electronic Arts\Dark Omen" /f >nul
)
set borrar_dir="%cd%"
cd ..
rd /s /q %borrar_dir% >nul
exit
 
:shortcuts_enu
if exist "%userprofile%\Start Menu\Programs\Dark Omen" rd /s /q "%userprofile%\Start Menu\Programs\Dark Omen" >nul
if exist "%userprofile%\Start Menu\Programs\Games\Dark Omen" rd /s /q "%userprofile%\Start Menu\Programs\Games\Dark Omen" >nul
if exist "%userprofile%\MenŁ Inicio\Programas\Juegos\Dark Omen" rd /s /q "%userprofile%\MenŁ Inicio\Programas\Juegos\Dark Omen" >nul
if exist "%userprofile%\MenŁ Inicio\Programas\Dark Omen" rd /s /q "%userprofile%\MenŁ Inicio\Programas\Dark Omen" >nul
shortcuts_enu.exe
if exist esn.jim del /q esn.jim >nul
goto inicio
 
:shortcuts_esn
if exist "%userprofile%\Start Menu\Programs\Dark Omen" rd /s /q "%userprofile%\Start Menu\Programs\Dark Omen" >nul
if exist "%userprofile%\Start Menu\Programs\Games\Dark Omen" rd /s /q "%userprofile%\Start Menu\Programs\Games\Dark Omen" >nul
if exist "%userprofile%\MenŁ Inicio\Programas\Juegos\Dark Omen" rd /s /q "%userprofile%\MenŁ Inicio\Programas\Juegos\Dark Omen" >nul
if exist "%userprofile%\MenŁ Inicio\Programas\Dark Omen" rd /s /q "%userprofile%\MenŁ Inicio\Programas\Dark Omen" >nul
shortcuts_esn.exe
if exist enu.jim del /q enu.jim >nul
goto inicio
 
:user_install
if exist "%commonprogramfiles(x86)%" (
rem Sistema de 64 bits
regedit /s DOregX64.reg
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen" /f /t REG_SZ /v InstallDir /d "%cd%" >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v MOVIES /d "%cd%"\movies >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 1PBATTLE /d "%cd%"\gamedata\1pbat >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 2PBATTLE /d "%cd%"\gamedata\1pbat >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v MAPS /d "%cd%"\graphics\maps >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PICTURES /d "%cd%"\graphics\pictures >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PORTRAIT /d "%cd%"\graphics\portrait >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v MUSIC /d "%cd%"\sound\music >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v BOOKS /d "%cd%"\graphics\books >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_eng >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 1PARMY /d "%cd%"\gamedata\1parm >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 2PARMY /d "%cd%"\gamedata\2parm >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v FURNITURE /d "%cd%"\gamedata\furnture >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v GAMEFLOW /d "%cd%"\gamedata\gameflow >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PARTICLES /d "%cd%"\gamedata\particle >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v BANNERS /d "%cd%"\graphics\banners >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v CURSORS /d "%cd%"\graphics\cursors >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v FONTS /d "%cd%"\graphics\fonts >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPRITES /d "%cd%"\graphics\sprites >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PROGRAM /d "%cd%"\prg_eng >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SOUND /d "%cd%"\sound\h >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SSCRIPT /d "%cd%"\sound\script >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SFX /d "%cd%"\sound\sound >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SAVE /d "%cd%"\savegame >nul
REG ADD "HKLM\SOFTWARE\Wow6432Node\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v ARMYTMP /d "%windir%"\temp >nul
) else (
rem Sistema de 32 bits
regedit /s DOregX32.reg
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen" /f /t REG_SZ /v InstallDir /d "%cd%" >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v MOVIES /d "%cd%"\movies >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 1PBATTLE /d "%cd%"\gamedata\1pbat >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 2PBATTLE /d "%cd%"\gamedata\1pbat >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v MAPS /d "%cd%"\graphics\maps >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PICTURES /d "%cd%"\graphics\pictures >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PORTRAIT /d "%cd%"\graphics\portrait >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v MUSIC /d "%cd%"\sound\music >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v BOOKS /d "%cd%"\graphics\books >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPEECH /d "%cd%"\sound\sp_eng >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 1PARMY /d "%cd%"\gamedata\1parm >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v 2PARMY /d "%cd%"\gamedata\2parm >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v FURNITURE /d "%cd%"\gamedata\furnture >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v GAMEFLOW /d "%cd%"\gamedata\gameflow >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PARTICLES /d "%cd%"\gamedata\particle >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v BANNERS /d "%cd%"\graphics\banners >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v CURSORS /d "%cd%"\graphics\cursors >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v FONTS /d "%cd%"\graphics\fonts >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SPRITES /d "%cd%"\graphics\sprites >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v PROGRAM /d "%cd%"\prg_eng >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SOUND /d "%cd%"\sound\h >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SSCRIPT /d "%cd%"\sound\script >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SFX /d "%cd%"\sound\sound >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v SAVE /d "%cd%"\savegame >nul
REG ADD "HKLM\SOFTWARE\Electronic Arts\Dark Omen\1.0\paths" /f /t REG_SZ /v ARMYTMP /d "%windir%"\temp >nul
)
 
if exist esn.jim (
shortcuts_esn.exe
) else (
shortcuts_enu.exe
)
 
cls
echo.
echo.
echo ESPAĄOL:
ECHO.
echo Proceso terminado exitosamente. Utilice los accesos
echo directos creados en "Inicio\Programas\Dark Omen".
echo.
echo Recuerde presionar Alt+Tab para volver al escritorio
echo y, nuevamente, Alt+Tab para volver al Dark Omen, si
echo el juego parpadea o no se muestra adecuadamente.
echo.
echo.
echo ---------------------------------------------------
echo.
echo.
echo ENGLISH:
ECHO.
echo Installation successfully completed! Run the game
echo from the shortcuts at "Start\Programs\Dark Omen".
echo.
echo Remember to press Alt+Tab to go back to the Desktop
echo and, again, Alt+Tab to go back to Dark Omen, if the
echo game flickers or is not correctly shown.
echo.
echo.
echo by JIMBO
echo.
echo.
pause
goto inicio

FIXLOG:
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-08-2016
Ran by metalowa_glowa (23-08-2016 22:24:51) Run:1
Running from C:\Users\metalowa_glowa\Downloads
Loaded Profiles: metalowa_glowa (Available Profiles: metalowa_glowa & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Task: {1D8F00F2-83A4-4447-A584-6FE57C9D0D1C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {24D0E25A-FDEC-427A-A95D-6F8A6B332640} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2A06755B-5246-4556-9B08-D5EFE7EBC7EC} - \avast! Emergency Update -> No File <==== ATTENTION
Task: {33FCFF72-8F16-4414-BB07-D9482C615111} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3A9F3E84-B970-4084-A869-B5D562D3FFDE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {42B51337-0C61-45C9-8A08-C894AC9B3295} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {44F29258-32F6-4111-A888-F5A00F688FF1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4C584371-4C86-4B22-A5D4-F662D320A6EC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D04120-7CFE-40FF-A463-0FBA3C2BA842} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {69E5810D-4136-4E95-84C9-5F9F18E40509} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8F6D6D85-CC53-4573-8380-33918C0B1A19} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A3FC3478-10B9-425B-BAD5-5DE6C25FC073} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CFFCD985-3EB1-4B30-8504-90FD3F4F28B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D0ABE2A0-B8DA-4356-B9B8-4DF97A4886C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {DEB09810-1DDD-44AE-950E-967F59FDC216} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} =>  No File
ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} =>  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin HKU\S-1-5-21-1362770674-4107001041-3769634335-1000: ubisoft.com/uplaypc -> D:\Gry\trials evol\datapack\orbit\npuplaypc.dll [No File]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => No File
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\...\Run: [metalowa_glowa] => explorer.exe hxxp://sd-steam.info <===== ATTENTION
Task: {550D9F58-0AB5-45D5-8425-FD08F17D58FB} - System32\Tasks\metalowa_glowa => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v metalowa_glowa /t REG_SZ /d "explorer.exe hxxp://sd-steam.info" <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 [180]
AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30 [340]
CMD: notepad "D:\Gry\max payne\MaxBatch.bat"
CMD: notepad "C:\Program Files (x86)\Dark Omen\options.bat"
Folder: C:\gry
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D8F00F2-83A4-4447-A584-6FE57C9D0D1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D8F00F2-83A4-4447-A584-6FE57C9D0D1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24D0E25A-FDEC-427A-A95D-6F8A6B332640}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24D0E25A-FDEC-427A-A95D-6F8A6B332640}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A06755B-5246-4556-9B08-D5EFE7EBC7EC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A06755B-5246-4556-9B08-D5EFE7EBC7EC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{33FCFF72-8F16-4414-BB07-D9482C615111}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33FCFF72-8F16-4414-BB07-D9482C615111}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A9F3E84-B970-4084-A869-B5D562D3FFDE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A9F3E84-B970-4084-A869-B5D562D3FFDE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42B51337-0C61-45C9-8A08-C894AC9B3295}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42B51337-0C61-45C9-8A08-C894AC9B3295}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44F29258-32F6-4111-A888-F5A00F688FF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44F29258-32F6-4111-A888-F5A00F688FF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C584371-4C86-4B22-A5D4-F662D320A6EC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C584371-4C86-4B22-A5D4-F662D320A6EC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69D04120-7CFE-40FF-A463-0FBA3C2BA842}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69D04120-7CFE-40FF-A463-0FBA3C2BA842}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69E5810D-4136-4E95-84C9-5F9F18E40509}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69E5810D-4136-4E95-84C9-5F9F18E40509}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F6D6D85-CC53-4573-8380-33918C0B1A19}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F6D6D85-CC53-4573-8380-33918C0B1A19}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3FC3478-10B9-425B-BAD5-5DE6C25FC073}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3FC3478-10B9-425B-BAD5-5DE6C25FC073}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFFCD985-3EB1-4B30-8504-90FD3F4F28B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFFCD985-3EB1-4B30-8504-90FD3F4F28B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0ABE2A0-B8DA-4356-B9B8-4DF97A4886C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0ABE2A0-B8DA-4356-B9B8-4DF97A4886C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEB09810-1DDD-44AE-950E-967F59FDC216}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEB09810-1DDD-44AE-950E-967F59FDC216}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay1" => key removed successfully
HKCR\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534} => key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay2" => key removed successfully
HKCR\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534} => key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay3" => key removed successfully
HKCR\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534} => key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GGDriveOverlay4" => key removed successfully
HKCR\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found. 
"HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Software\MozillaPlugins\ubisoft.com/uplaypc" => key removed successfully
D:\Gry\trials evol\datapack\orbit\npuplaypc.dll => not found.
C:\Users\metalowa_glowa\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => not found.
HKU\S-1-5-21-1362770674-4107001041-3769634335-1000\Software\Microsoft\Windows\CurrentVersion\Run\\metalowa_glowa => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{550D9F58-0AB5-45D5-8425-FD08F17D58FB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{550D9F58-0AB5-45D5-8425-FD08F17D58FB}" => key removed successfully
C:\WINDOWS\System32\Tasks\metalowa_glowa => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\metalowa_glowa" => key removed successfully
C:\ProgramData\TEMP => ":D5FBE8F9" ADS removed successfully.
C:\ProgramData\TEMP => ":F0D7EE30" ADS removed successfully.
 
========= notepad "D:\Gry\max payne\MaxBatch.bat" =========
 
 
========= End of CMD: =========
 
 
========= notepad "C:\Program Files (x86)\Dark Omen\options.bat" =========
 
 
========= End of CMD: =========
 
 
========================= Folder: C:\gry ========================
 
2016-07-15 21:19 - 2016-07-15 21:26 - 986876534 _____ () C:\gry\Def Jam - Fight for NY (USA).7z
2016-08-14 17:28 - 2016-08-14 17:36 - 178062547 _____ () C:\gry\Dexters_Laboratory_-_Science_Aint_Fair-THEiSOZONE.7z
2016-08-14 18:27 - 2016-08-14 18:50 - 576755101 _____ () C:\gry\Disneys_Hercules_Action_Game-THEiSOZONE.7z
2016-08-14 19:06 - 2016-08-14 19:31 - 624341225 _____ () C:\gry\Disneys_Tarzan_Action_Game-THEiSOZONE.7z
2016-07-23 10:06 - 2016-07-23 10:20 - 337290857 _____ () C:\gry\ESPNExtremeGames.7z
2016-08-13 16:49 - 2016-08-13 16:51 - 178352818 _____ () C:\gry\GOG The Marvellous Miss Take.tar.gz
2016-07-06 19:16 - 2016-07-06 19:16 - 3263549 _____ () C:\gry\lion-king.zip
2016-07-15 21:12 - 2016-07-15 22:04 - 1258433275 _____ () C:\gry\Mario Party Five.rar
2016-08-07 22:00 - 2016-08-07 22:03 - 3788441 _____ () C:\gry\SC1_PS3_Textures.zip
2016-08-14 20:48 - 2016-08-14 20:48 - 0594606 _____ () C:\gry\SecondSight.WidescreenFix.zip
2016-07-22 19:42 - 2016-07-22 19:43 - 172861247 _____ () C:\gry\tfd-103-rev4.exe
2016-07-06 23:57 - 2016-07-08 08:49 - 5740848 _____ (Gaijin Entertainment                                        ) C:\gry\wt_launcher_1.0.1.655.exe
2016-06-28 23:27 - 2016-06-28 23:49 - 0000000 ____D () C:\gry\LEGO Batman
2016-06-28 23:46 - 2014-12-17 12:32 - 0167936 _____ (RAD Game Tools, Inc.) C:\gry\LEGO Batman\binkw32.dll
2016-06-28 23:35 - 2014-12-17 12:42 - 0044188 _____ () C:\gry\LEGO Batman\EULA.rtf
2016-06-28 23:49 - 2016-06-28 23:49 - 0027653 _____ () C:\gry\LEGO Batman\EULA.txt
2016-06-28 23:45 - 2014-12-17 12:42 - 775574896 _____ () C:\gry\LEGO Batman\GAME.DAT
2016-06-28 23:27 - 2012-09-14 12:56 - 0096264 _____ (Microsoft Corporation) C:\gry\LEGO Batman\GameuxInstallHelper.dll
2016-06-28 23:27 - 2016-08-16 16:19 - 0069248 _____ () C:\gry\LEGO Batman\gog.ico
2016-06-28 23:47 - 2015-02-12 09:34 - 0272192 _____ () C:\gry\LEGO Batman\goggame-1423058542.dll
2016-06-28 23:46 - 2015-02-12 09:37 - 0008034 _____ () C:\gry\LEGO Batman\goggame-1423058542.hashdb
2016-06-28 23:43 - 2015-02-03 13:03 - 0123884 _____ () C:\gry\LEGO Batman\goggame-1423058542.ico
2016-06-28 23:46 - 2015-02-12 09:34 - 0000767 _____ () C:\gry\LEGO Batman\goggame-1423058542.info
2016-06-28 23:27 - 2016-06-28 23:49 - 0010687 _____ () C:\gry\LEGO Batman\goglog.ini
2016-06-28 23:29 - 2014-12-17 12:42 - 543078916 _____ () C:\gry\LEGO Batman\HERO1.DAT
2016-06-28 23:46 - 2014-12-17 12:41 - 528909760 _____ () C:\gry\LEGO Batman\HERO2.DAT
2016-06-28 23:37 - 2014-12-17 12:40 - 487337720 _____ () C:\gry\LEGO Batman\HERO3.DAT
2016-06-28 23:47 - 2016-06-28 23:47 - 0001596 _____ () C:\gry\LEGO Batman\Launch LEGO Batman.lnk
2016-06-28 23:46 - 2014-12-17 10:22 - 7557120 _____ (Warner Bros. Interactive Entertainment) C:\gry\LEGO Batman\LEGOBatman.exe
2016-06-28 23:46 - 2014-12-17 12:42 - 0105028 _____ () C:\gry\LEGO Batman\readme.rtf
2016-06-28 23:27 - 2012-09-14 12:56 - 0062895 _____ () C:\gry\LEGO Batman\Support.ico
2016-06-28 23:47 - 2016-06-28 23:47 - 0319003 _____ () C:\gry\LEGO Batman\unins000.dat
2016-06-28 23:47 - 2016-06-28 23:27 - 1246016 _____ () C:\gry\LEGO Batman\unins000.exe
2016-06-28 23:47 - 2016-06-28 23:47 - 0023077 _____ () C:\gry\LEGO Batman\unins000.msg
2016-06-28 23:32 - 2014-12-17 12:41 - 511500376 _____ () C:\gry\LEGO Batman\VILLAIN1.DAT
2016-06-28 23:27 - 2014-12-17 12:42 - 475933972 _____ () C:\gry\LEGO Batman\VILLAIN2.DAT
2016-06-28 23:41 - 2014-12-17 12:42 - 457220532 _____ () C:\gry\LEGO Batman\VILLAIN3.DAT
2016-06-28 23:41 - 2015-02-12 09:37 - 0388994 _____ () C:\gry\LEGO Batman\webcache.zip
2016-06-28 23:35 - 2014-12-17 15:47 - 0000000 ____D () C:\gry\LEGO Batman\Audio
2016-06-28 23:37 - 2014-12-17 12:31 - 0246089 _____ () C:\gry\LEGO Batman\Audio\AUDIO.CFG
2016-06-28 23:37 - 2014-12-17 12:31 - 0025309 _____ () C:\gry\LEGO Batman\Audio\MUSIC.CFG
2016-06-28 23:35 - 2014-12-17 15:47 - 0000000 ____D () C:\gry\LEGO Batman\Audio\_CUTSCENES
2016-06-28 23:35 - 2014-12-17 12:31 - 0242910 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ARCTIC_D_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0429953 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ARCTIC_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0590060 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ARCTIC_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0058839 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BATBOAT.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0060475 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BATMOBILE.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0068754 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BATWING.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0667815 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BOTANICGARDENS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0416943 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BOTANICGARDENS_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0703328 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BOTANICGARDENS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0367404 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BOTANICVILLAIN_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0357396 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\BOTANICVILLAIN_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0237805 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CATHEDRAL_A_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0145925 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CATHEDRAL_C_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0466000 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CATHEDRAL_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0470558 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CATHEDRAL_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0849286 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CATHEDRAL_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0910481 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHAPTER1_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0462188 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHAPTER1_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 1203185 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHAPTER2_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0501915 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHAPTER2_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0933645 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHAPTER3_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0631943 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHAPTER3_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0192691 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHEMICALWORKS_C_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 1126055 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHEMICALWORKS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0280382 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\CHEMICALWORKS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0639870 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVIL_DOCKS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 1013558 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVIL_DOCKS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0478419 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILARCTIC_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0526459 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILARCTIC_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0433768 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILCATHEDRAL_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0773867 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILCATHEDRAL_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0637590 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILHARBOUR_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0099278 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILHARBOUR_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0794025 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILHARBOUR_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0584367 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILICECREAM_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0411246 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILICECREAM_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0474515 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EvilSlums_Intro.ogg
2016-06-28 23:35 - 2014-12-17 12:31 - 0175490 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILSLUMS_MIDTROD.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0243193 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILSLUMS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0507652 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILSTREETS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0585741 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\EVILSTREETS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0652090 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FACTORY_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0230894 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FACTORY_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0723659 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FACTORY_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0727934 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FAIRGROUND_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0255040 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FAIRGROUND_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0953514 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FAIRGROUND_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0691326 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FAIRGROUNDBAD_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0195802 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FairgroundBad_Midtro.ogg
2016-06-28 23:35 - 2014-12-17 12:31 - 0488236 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FairgroundBad_Outro.ogg
2016-06-28 23:35 - 2014-12-17 12:31 - 0083446 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FLIGHT_C_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0197004 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FLIGHT_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0701586 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FLIGHT_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0174094 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FORTBLOX_C_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0625104 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FORTBLOX_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0472089 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FORTBLOX_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0264854 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FORTBLOX_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 1230400 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FORTBLOXVILLAIN_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0292203 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\FORTBLOXVILLAIN_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0476323 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\GALLERY_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0397239 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\GALLERY_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0512649 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\GAMEOUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0132052 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\GOTHAMSTREETS_B_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0559267 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\GOTHAMSTREETS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0719689 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\GOTHAMSTREETS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0605879 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\IDENT_WB_BATMAN.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0083070 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\JOKERCOPTER.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 1608022 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\MAIN_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0557154 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\NASTYSEWERS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0442365 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\NASTYSEWERS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0082877 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\PENGUINSUB.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0098014 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFBOTTOMS_A_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0426041 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFBOTTOMS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0694107 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFBOTTOMS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0558121 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFTOPFLIGHT_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0065401 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFTOPFLIGHT_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0341506 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFTOPFLIGHT_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0150765 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFTOPS_C_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0617402 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFTOPS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0621210 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ROOFTOPS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0415261 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\SEWERS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0277659 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\SEWERS_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0326062 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\SEWERS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0449755 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\SLUMS_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0260701 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\SLUMS_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0336142 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\SLUMS_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0123342 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\STREETSCHASE_D_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0775721 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\STREETSCHASE_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0661323 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\STREETSCHASE_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0803664 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\TheHarbour_Intro.ogg
2016-06-28 23:35 - 2014-12-17 12:31 - 0425811 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\THEHARBOUR_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0405491 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\THEHARBOUR_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0081414 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\TWOFACEVAN.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0567271 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\WAYNEVILLAIN_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0485842 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\WayneVillain_Outro.ogg
2016-06-28 23:35 - 2014-12-17 12:31 - 0574588 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ZOO_INTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0324965 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ZOO_MIDTRO.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 0386761 _____ () C:\gry\LEGO Batman\Audio\_CUTSCENES\ZOO_OUTRO.OGG
2016-06-28 23:35 - 2014-12-17 15:47 - 0000000 ____D () C:\gry\LEGO Batman\Audio\_MUSIC
2016-06-28 23:36 - 2014-12-17 12:31 - 4681824 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\ACT_LEVEL3.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 0005235 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\AMB_PLACEHOLDER.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1220583 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\CREDITS.OGG
2016-06-28 23:35 - 2014-12-17 12:32 - 2095675 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 2069002 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:31 - 1717133 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_A_QUI.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 2084185 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_B_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2035933 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_B_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:31 - 1736554 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_B_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 2089938 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_C_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 2078105 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_C_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1741843 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_BOTANICGARDENS_C_QUI.OGG
2016-06-28 23:35 - 2014-12-17 12:32 - 1966778 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_FORTBLOX_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:31 - 1991718 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_FORTBLOX_A_AMB.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 1391629 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_FORTBLOX_A_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 1971168 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_FORTBLOX_B_ACT.OGG
2016-06-28 23:35 - 2014-12-17 12:32 - 1972789 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_FORTBLOX_B_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1388260 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_FORTBLOX_B_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 3713740 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_GOTHAMSTREETS_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 3692112 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_GOTHAMSTREETS_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1076996 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_GOTHAMSTREETS_A_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 3240061 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_STREETSCHASE_A_ACT.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 3245380 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_STREETSCHASE_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 2054743 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH1_STREETSCHASE_A_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 2850252 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ARCTIC_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1390350 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ARCTIC_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 1402397 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ARCTIC_A_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2852256 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ARCTIC_D_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 1373806 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ARCTIC_D_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 1406046 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ARCTIC_D_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2162364 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ROOFTOPS_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2165179 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ROOFTOPS_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 0795726 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ROOFTOPS_A_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:31 - 2162002 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ROOFTOPS_B_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2160176 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ROOFTOPS_B_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 0796312 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ROOFTOPS_B_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 3066648 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_SEWERS_A_ACT.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 3106003 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_SEWERS_A_AMB.OGG
2016-06-28 23:35 - 2014-12-17 12:32 - 1666517 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_SEWERS_A_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 3066479 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_SEWERS_D_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2983160 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_SEWERS_D_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2065374 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_SEWERS_D_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 3107830 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_THEHARBOUR_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 3095630 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_THEHARBOUR_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2081872 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2095931 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1725383 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_A_QUI.OGG
2016-06-28 23:35 - 2014-12-17 12:31 - 2079380 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_C_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2115447 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_C_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1729589 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_C_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 2088155 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_D_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2080398 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_D_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:31 - 1740382 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH2_ZOO_D_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 3164369 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CATHEDRAL_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1243784 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CATHEDRAL_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:31 - 1253173 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CATHEDRAL_A_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 3159316 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CATHEDRAL_B_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1265878 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CATHEDRAL_B_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 1254394 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CATHEDRAL_B_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2670060 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1343901 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1320361 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_A_QUI.OGG
2016-06-28 23:35 - 2014-12-17 12:33 - 2664934 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_B_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 1307534 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_B_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1317630 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_B_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 2673041 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_C_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 1318962 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_C_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1324358 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_CHEMICALWORKS_C_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2080834 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_ROOFTOPFLIGHT_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 2115992 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_ROOFTOPFLIGHT_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 4292797 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 4290006 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2446125 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_A_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2343653 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_B_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2498860 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_B_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 0690407 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_B_DISCO.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2443479 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_B_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2395855 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_C_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2403888 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_C_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2451934 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\H_CH3_SLUMS_C_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1084067 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\HUB_ARKHAM.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1081953 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\HUB_ARKHAM_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:31 - 1826413 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\HUB_BATCAVE.OGG
2016-06-28 23:37 - 2014-12-17 12:31 - 1820944 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\HUB_BATCAVE_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 0584122 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\Level_Complete.ogg
2016-06-28 23:36 - 2014-12-17 12:33 - 2445984 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\QUI_LEVEL3.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2022456 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\Title_Seq.ogg
2016-06-28 23:37 - 2014-12-17 12:33 - 1743002 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\TITLES_FILM.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1782800 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILICECREAM_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1800579 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILICECREAM_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 0840307 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILICECREAM_A_QUI.OGG
2016-06-28 23:35 - 2014-12-17 12:32 - 1781604 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILICECREAM_B_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 1782297 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILICECREAM_B_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 0837684 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILICECREAM_B_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 3708716 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILSTREETS_A_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 0945049 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILSTREETS_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 1081749 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_EVILSTREETS_A_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2930680 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_WAYNEVILLAIN_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2921348 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_WAYNEVILLAIN_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1661159 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_WAYNEVILLAIN_A_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2925706 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_WAYNEVILLAIN_B_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2929922 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_WAYNEVILLAIN_B_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1661502 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_WAYNEVILLAIN_B_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 0691517 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH1_WAYNEVILLAIN_E_DISCO.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2511727 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_EVIL_DOCKS_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2504913 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_EVIL_DOCKS_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2195449 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_EVIL_DOCKS_A_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 2864616 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_EVILARCTIC_B_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 1360124 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_EVILARCTIC_B_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1402499 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_EVILARCTIC_B_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1933770 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_ROOFBOTTOMS_B_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1890039 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_ROOFBOTTOMS_B_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 0791225 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH2_ROOFBOTTOMS_B_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 2396949 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_EVILSLUMS_D_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2408080 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_EVILSLUMS_D_AMB.OGG
2016-06-28 23:35 - 2014-12-17 12:32 - 2438899 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_EVILSLUMS_D_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1513883 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FAIRGROUNDBAD_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1514230 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FAIRGROUNDBAD_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 1255275 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FAIRGROUNDBAD_A_QUI.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1510621 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FAIRGROUNDBAD_B_ACT.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 1516601 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FAIRGROUNDBAD_B_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1260425 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FAIRGROUNDBAD_B_QUI.OGG
2016-06-28 23:36 - 2014-12-17 12:32 - 2148401 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FLIGHT_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:32 - 2179101 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_FLIGHT_A_AMB.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 2897128 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_GALLERY_A_ACT.OGG
2016-06-28 23:37 - 2014-12-17 12:33 - 1711117 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_GALLERY_A_AMB.OGG
2016-06-28 23:36 - 2014-12-17 12:33 - 1668723 _____ () C:\gry\LEGO Batman\Audio\_MUSIC\V_CH3_GALLERY_A_QUI.OGG
2016-06-28 23:43 - 2014-12-17 15:47 - 0000000 ____D () C:\gry\LEGO Batman\Movies
2016-06-28 23:43 - 2014-12-17 12:40 - 88409684 _____ () C:\gry\LEGO Batman\Movies\DEMOINTRO.BIK
2016-06-28 23:43 - 2014-12-17 12:40 - 88401972 _____ () C:\gry\LEGO Batman\Movies\DEMOINTRO_PAL.BIK
2016-06-28 23:44 - 2014-12-17 12:41 - 147921344 _____ () C:\gry\LEGO Batman\Movies\MAININTRO.BIK
2016-06-28 23:44 - 2014-12-17 12:41 - 26922344 _____ () C:\gry\LEGO Batman\Movies\tt.bik
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium
2016-06-27 23:44 - 2015-09-26 07:00 - 0142528 _____ (Valve Corporation) C:\gry\Penarium\doge.w0w
2016-06-27 23:43 - 2015-09-26 07:00 - 1777152 _____ (Firelight Technologies) C:\gry\Penarium\fmod.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 2125312 _____ (Firelight Technologies) C:\gry\Penarium\fmodstudio.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 0331776 _____ () C:\gry\Penarium\glew32.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 0888832 _____ (Free Software Foundation) C:\gry\Penarium\iconv.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 1185792 _____ (The cURL library, http://curl.haxx.se/) C:\gry\Penarium\libcurl.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 0451072 _____ () C:\gry\Penarium\libtiff.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 4468736 _____ () C:\gry\Penarium\Penarium.exe
2016-06-27 23:43 - 2015-09-26 07:00 - 1380868 _____ () C:\gry\Penarium\steam_api.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 0002421 _____ () C:\gry\Penarium\steam_api.ini
2016-06-27 23:43 - 2016-06-27 23:43 - 0033439 _____ () C:\gry\Penarium\unins000.dat
2016-06-27 23:43 - 2016-06-27 23:43 - 1559753 _____ () C:\gry\Penarium\unins000.exe
2016-06-27 23:43 - 2015-09-26 07:00 - 0075776 _____ () C:\gry\Penarium\websockets.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 0077824 _____ () C:\gry\Penarium\zlib1.dll
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 ____D () C:\gry\Penarium\_CommonRedist
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 ____D () C:\gry\Penarium\_CommonRedist\vcredist
2016-06-27 23:43 - 2015-09-26 18:38 - 0000000 ____D () C:\gry\Penarium\_CommonRedist\vcredist\2012
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources
2016-06-27 23:43 - 2015-09-26 07:00 - 0003839 _____ () C:\gry\Penarium\Resources\PNR_card_glow.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001051 _____ () C:\gry\Penarium\Resources\PNR_lightshade.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0040347 _____ () C:\gry\Penarium\Resources\PNR_menu_arena_1.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0067676 _____ () C:\gry\Penarium\Resources\PNR_menu_arena_2.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0045270 _____ () C:\gry\Penarium\Resources\PNR_menu_arena_3.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0044555 _____ () C:\gry\Penarium\Resources\PNR_menu_arena_entrance.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0035508 _____ () C:\gry\Penarium\Resources\PNR_menu_arena_shop.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0004670 _____ () C:\gry\Penarium\Resources\PNR_menu_board_arcade_shuffle.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0051783 _____ () C:\gry\Penarium\Resources\PNR_menu_sampler.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000925 _____ () C:\gry\Penarium\Resources\PNR_one_px.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0003109 _____ () C:\gry\Penarium\Resources\PNR_shredder_blade.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001095 _____ () C:\gry\Penarium\Resources\PNR_spotlight_lightray.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0059211 _____ () C:\gry\Penarium\Resources\PNR_title_screen.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0029558 _____ () C:\gry\Penarium\Resources\PNR_titlescreen.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0059081 _____ () C:\gry\Penarium\Resources\PNR_trial_background.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0011228 _____ () C:\gry\Penarium\Resources\PNR_waterfiller_death_glow.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0112640 _____ () C:\gry\Penarium\Resources\Thumbs.db
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\balancing
2016-06-27 23:43 - 2015-09-26 07:00 - 0005103 _____ () C:\gry\Penarium\Resources\balancing\PNR_cards.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0019142 _____ () C:\gry\Penarium\Resources\balancing\PNR_carts.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0010220 _____ () C:\gry\Penarium\Resources\balancing\PNR_challenges.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000992 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_balloons_12.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000876 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_balloons_16.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001242 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_balloons_17.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000876 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_balloons_18.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001083 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_balloons_42.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000095 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_15.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000093 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_23.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_24.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_25.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_26.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_27.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_29.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_30.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_33.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_35.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_36.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000095 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_39.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000055 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_48.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000095 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_54.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000095 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_57.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000095 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_58.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_59.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_barrels_60.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000382 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_bombs_21.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000257 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_cauldrons_13.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000331 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_cauldrons_19.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000333 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_cauldrons_44.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000333 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_cauldrons_53.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000205 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_followup_14.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000204 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_followup_20.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000203 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_followup_28.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000203 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_followup_34.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000204 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_followup_52.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000400 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_spotlight_11.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000409 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_spotlight_50.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000409 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_spotlight_51.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000406 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_challenge_spotlight_56.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000261 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_coin_6.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000242 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_coin_7.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000236 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_coin_8.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000117 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_coop_buttons_2.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000116 _____ () C:\gry\Penarium\Resources\balancing\PNR_config_versus_buttons_3.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0013535 _____ () C:\gry\Penarium\Resources\balancing\PNR_connections.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0018677 _____ () C:\gry\Penarium\Resources\balancing\PNR_exclusions.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002567 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_1.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001331 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_24.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0003041 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_26.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002566 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_27.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002563 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_28.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002567 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_29.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002571 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_30.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002567 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_31.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001329 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_32.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001327 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_34.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001331 _____ () C:\gry\Penarium\Resources\balancing\PNR_level_8.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001419 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_1.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000472 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_101.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000980 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_102.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0004436 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_104.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000449 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_105.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001018 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_106.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000212 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_25.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000231 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_29.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0009250 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_58.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0012385 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_59.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000436 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_60.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000514 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_61.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000590 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_62.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001160 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_65.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000346 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_66.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000162 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_67.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0013727 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_68.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0017742 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_69.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000229 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_70.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0015326 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_71.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0011790 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_72.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000086 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_73.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000403 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_74.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000815 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_75.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000796 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_76.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000768 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_77.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000792 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_78.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002009 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_80.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000983 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_81.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000640 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_82.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001170 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_83.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000734 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_84.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0002562 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_85.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000667 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_86.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000705 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_88.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000721 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_89.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000873 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_90.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000530 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_91.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000407 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_92.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000653 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_93.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0001042 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_94.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000518 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_95.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000610 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_96.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000539 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_98.dat
2016-06-27 23:43 - 2015-09-26 07:00 - 0000781 _____ () C:\gry\Penarium\Resources\balancing\PNR_progression_99.dat
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.events
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0004249 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.fragments
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.instances
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.labels
2016-06-27 23:43 - 2015-09-26 07:00 - 0000023 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.linkages
2016-06-27 23:43 - 2015-09-26 07:00 - 4367120 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.progs
2016-06-27 23:44 - 2015-09-26 07:00 - 0000592 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.stats
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.texts
2016-06-27 23:44 - 2015-09-26 07:00 - 0001231 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.textures
2016-06-27 23:44 - 2015-09-26 07:00 - 0000026 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7.txt
2016-06-27 23:43 - 2015-09-26 07:00 - 0026010 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_0.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0002459 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_1.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000251 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_10.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000882 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_11.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000175 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_12.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000116 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_13.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000110 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_14.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000111 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_15.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000094 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_16.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000159 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_17.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000618 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_18.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000275 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_19.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000917 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_2.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000600 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_20.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000448 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_21.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000475 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_22.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001908 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_23.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000420 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_24.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000363 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_25.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000310 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_26.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000339 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_27.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000356 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_28.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000390 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_29.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000438 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_3.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000473 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_30.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000446 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_31.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000417 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_32.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000423 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_33.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000309 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_34.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000378 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_35.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000419 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_36.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000449 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_37.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000568 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_38.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000451 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_39.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000249 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_4.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000432 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_40.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000428 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_41.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0052965 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_42.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001387 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_43.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0062866 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_44.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000642 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_45.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000596 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_46.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000486 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_47.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000424 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_48.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000642 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_49.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000194 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_5.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000200 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_50.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001898 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_51.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0002068 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_52.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001850 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_53.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001381 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_54.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0002169 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_55.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001283 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_56.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000866 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_57.png
2016-06-27 23:43 - 2015-09-26 07:00 - 1211240 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_58.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000528 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_59.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000235 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_6.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001013 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_60.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001202 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_61.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001208 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_62.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000256 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_63.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0033985 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_64.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000484 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_65.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000162 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_66.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000235 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_67.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001276 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_68.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000977 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_69.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000299 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_7.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0063159 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_70.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001219 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_71.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0031523 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_72.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000167 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_8.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000245 _____ () C:\gry\Penarium\Resources\cutscenes\act 1 v7_9.png
2016-06-27 23:44 - 2015-09-26 07:00 - 0000383 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_subtitles_act_four.srt
2016-06-27 23:44 - 2015-09-26 07:00 - 0000723 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_subtitles_act_one.srt
2016-06-27 23:44 - 2015-09-26 07:00 - 0000436 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_subtitles_act_three.srt
2016-06-27 23:44 - 2015-09-26 07:00 - 0000325 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_subtitles_act_two.srt
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.events
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0001628 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.fragments
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.instances
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.labels
2016-06-27 23:43 - 2015-09-26 07:00 - 0000021 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.linkages
2016-06-27 23:43 - 2015-09-26 07:00 - 0205980 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.progs
2016-06-27 23:44 - 2015-09-26 07:00 - 0000576 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.stats
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.texts
2016-06-27 23:44 - 2015-09-26 07:00 - 0000036 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.textures
2016-06-27 23:44 - 2015-09-26 07:00 - 0000026 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four.txt
2016-06-27 23:43 - 2015-09-26 07:00 - 0004194 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four_texture.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0290928 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_four.lwfdata\PNR_cutscenes_act_four_texture.png
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.events
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0013821 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.fragments
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.instances
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.labels
2016-06-27 23:43 - 2015-09-26 07:00 - 0000021 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.linkages
2016-06-27 23:43 - 2015-09-26 07:00 - 1553348 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.progs
2016-06-27 23:44 - 2015-09-26 07:00 - 0000592 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.stats
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.texts
2016-06-27 23:44 - 2015-09-26 07:00 - 0000035 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.textures
2016-06-27 23:44 - 2015-09-26 07:00 - 0000026 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one.txt
2016-06-27 23:43 - 2015-09-26 07:00 - 0032494 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one_texture.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0400219 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_one.lwfdata\PNR_cutscenes_act_one_texture.png
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.events
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0002919 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.fragments
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.instances
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.labels
2016-06-27 23:43 - 2015-09-26 07:00 - 0000021 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.linkages
2016-06-27 23:43 - 2015-09-26 07:00 - 0105752 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.progs
2016-06-27 23:44 - 2015-09-26 07:00 - 0000576 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.stats
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.texts
2016-06-27 23:44 - 2015-09-26 07:00 - 0000037 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.textures
2016-06-27 23:44 - 2015-09-26 07:00 - 0000026 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three.txt
2016-06-27 23:43 - 2015-09-26 07:00 - 0007088 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three_texture.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0070134 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_three.lwfdata\PNR_cutscenes_act_three_texture.png
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.events
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0004293 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.fragments
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.instances
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.labels
2016-06-27 23:43 - 2015-09-26 07:00 - 0000021 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.linkages
2016-06-27 23:43 - 2015-09-26 07:00 - 0768416 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.progs
2016-06-27 23:44 - 2015-09-26 07:00 - 0000581 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.stats
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.texts
2016-06-27 23:44 - 2015-09-26 07:00 - 0000035 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.textures
2016-06-27 23:44 - 2015-09-26 07:00 - 0000026 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two.txt
2016-06-27 23:43 - 2015-09-26 07:00 - 0010557 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two_texture.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0092549 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_cutscenes_act_two.lwfdata\PNR_cutscenes_act_two_texture.png
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.events
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0031050 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.fragments
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.instances
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.labels
2016-06-27 23:43 - 2015-09-26 07:00 - 0000023 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.linkages
2016-06-27 23:43 - 2015-09-26 07:00 - 0439260 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.progs
2016-06-27 23:44 - 2015-09-26 07:00 - 0000586 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.stats
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.texts
2016-06-27 23:44 - 2015-09-26 07:00 - 0000027 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.textures
2016-06-27 23:44 - 2015-09-26 07:00 - 0000026 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main.txt
2016-06-27 23:43 - 2015-09-26 07:00 - 0082969 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main_texture.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0329269 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_menu_main.lwfdata\PNR_menu_main_texture.png
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.events
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0001175 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.fragments
2016-06-27 23:43 - 2015-09-26 07:00 - 0000007 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.instances
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.labels
2016-06-27 23:43 - 2015-09-26 07:00 - 0000023 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.linkages
2016-06-27 23:43 - 2015-09-26 07:00 - 0013044 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.progs
2016-06-27 23:44 - 2015-09-26 07:00 - 0000571 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.stats
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.texts
2016-06-27 23:44 - 2015-09-26 07:00 - 0000030 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.textures
2016-06-27 23:44 - 2015-09-26 07:00 - 0000026 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen.txt
2016-06-27 23:43 - 2015-09-26 07:00 - 0002958 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen_texture.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0165058 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_splashscreen.lwfdata\PNR_splashscreen_texture.png
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\cutscenes\PNR_titlescreen.lwfdata
2016-06-27 23:43 - 2015-09-26 07:00 - 0128120 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_titlescreen.lwfdata\PNR_titlescreen.lwf
2016-06-27 23:43 - 2015-09-26 07:00 - 0001977 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_titlescreen.lwfdata\PNR_titlescreen_texture.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0095245 _____ () C:\gry\Penarium\Resources\cutscenes\PNR_titlescreen.lwfdata\PNR_titlescreen_texture.png
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\fonts
2016-06-27 23:43 - 2015-09-26 07:00 - 0024211 _____ () C:\gry\Penarium\Resources\fonts\PNR_eccentric_big.fnt
2016-06-27 23:43 - 2015-09-26 07:00 - 0008505 _____ () C:\gry\Penarium\Resources\fonts\PNR_eccentric_big.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0021530 _____ () C:\gry\Penarium\Resources\fonts\PNR_eccentric_medium.fnt
2016-06-27 23:43 - 2015-09-26 07:00 - 0005667 _____ () C:\gry\Penarium\Resources\fonts\PNR_eccentric_medium.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0021716 _____ () C:\gry\Penarium\Resources\fonts\PNR_eccentric_small.fnt
2016-06-27 23:43 - 2015-09-26 07:00 - 0005385 _____ () C:\gry\Penarium\Resources\fonts\PNR_eccentric_small.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0026599 _____ () C:\gry\Penarium\Resources\fonts\PNR_teun.fnt
2016-06-27 23:43 - 2015-09-26 07:00 - 0005434 _____ () C:\gry\Penarium\Resources\fonts\PNR_teun.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0026544 _____ () C:\gry\Penarium\Resources\fonts\PNR_thomas.fnt
2016-06-27 23:43 - 2015-09-26 07:00 - 0003877 _____ () C:\gry\Penarium\Resources\fonts\PNR_thomas.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0026543 _____ () C:\gry\Penarium\Resources\fonts\PNR_thomas_small.fnt
2016-06-27 23:43 - 2015-09-26 07:00 - 0040448 _____ () C:\gry\Penarium\Resources\fonts\Thumbs.db
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\languages
2016-06-27 23:43 - 2015-09-26 07:00 - 0039882 _____ () C:\gry\Penarium\Resources\languages\language_de.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0036570 _____ () C:\gry\Penarium\Resources\languages\language_en.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0039474 _____ () C:\gry\Penarium\Resources\languages\language_es.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0039986 _____ () C:\gry\Penarium\Resources\languages\language_fr.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0053569 _____ () C:\gry\Penarium\Resources\languages\language_ru.json
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\logo
2016-06-27 23:43 - 2015-09-26 07:00 - 0009055 _____ () C:\gry\Penarium\Resources\logo\PNR_smmLogo.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0013023 _____ () C:\gry\Penarium\Resources\logo\PNR_smmLogo-hd.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0021504 _____ () C:\gry\Penarium\Resources\logo\Thumbs.db
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\media
2016-06-27 23:43 - 2015-09-26 07:00 - 36397696 _____ () C:\gry\Penarium\Resources\media\Audience.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 1555968 _____ () C:\gry\Penarium\Resources\media\Cards.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 4218624 _____ () C:\gry\Penarium\Resources\media\Character.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 6122880 _____ () C:\gry\Penarium\Resources\media\Cutscenes.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 3105280 _____ () C:\gry\Penarium\Resources\media\interface.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 0012432 _____ () C:\gry\Penarium\Resources\media\Master Bank.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 0007626 _____ () C:\gry\Penarium\Resources\media\Master Bank.strings.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 2633216 _____ () C:\gry\Penarium\Resources\media\Menu.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 0531744 _____ () C:\gry\Penarium\Resources\media\MiniGames.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 10159456 _____ () C:\gry\Penarium\Resources\media\Music.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 0611744 _____ () C:\gry\Penarium\Resources\media\Other.bank
2016-06-27 23:43 - 2015-09-26 07:00 - 5934112 _____ () C:\gry\Penarium\Resources\media\Traps.bank
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\misc
2016-06-27 23:43 - 2015-09-26 07:00 - 0003396 _____ () C:\gry\Penarium\Resources\misc\credits.json
2016-06-27 23:43 - 2015-09-26 07:00 - 0000925 _____ () C:\gry\Penarium\Resources\misc\PNR_whitePixel.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0003072 _____ () C:\gry\Penarium\Resources\misc\Thumbs.db
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\particles
2016-06-27 23:43 - 2015-09-26 07:00 - 0007176 _____ () C:\gry\Penarium\Resources\particles\PNR_stickysmoke_particle.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0000956 _____ () C:\gry\Penarium\Resources\particles\PNR_waterfiller_bubbels.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0006715 _____ () C:\gry\Penarium\Resources\particles\PNR_waterfiller_bubbles.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0006767 _____ () C:\gry\Penarium\Resources\particles\PNR_willy_blood_spatter.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0001170 _____ () C:\gry\Penarium\Resources\particles\PNR_willy_blood_spatter.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0002963 _____ () C:\gry\Penarium\Resources\particles\RocketSmoke.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0003072 _____ () C:\gry\Penarium\Resources\particles\Thumbs.db
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\shaders
2016-06-27 23:43 - 2015-09-26 07:00 - 0001714 _____ () C:\gry\Penarium\Resources\shaders\Mask.fsh
2016-06-27 23:44 - 2015-09-26 07:00 - 0000385 _____ () C:\gry\Penarium\Resources\shaders\Mask.vsh
2016-06-27 23:43 - 2015-09-26 07:00 - 0000551 _____ () C:\gry\Penarium\Resources\shaders\Threshold.fsh
2016-06-27 23:44 - 2015-09-26 07:00 - 0000488 _____ () C:\gry\Penarium\Resources\shaders\Threshold.vsh
2016-06-27 23:43 - 2015-09-26 07:00 - 0000760 _____ () C:\gry\Penarium\Resources\shaders\WaterShaderHighDetail.fsh
2016-06-27 23:44 - 2015-09-26 07:00 - 0000370 _____ () C:\gry\Penarium\Resources\shaders\WaterShaderHighDetail.vsh
2016-06-27 23:43 - 2015-09-26 07:00 - 0000180 _____ () C:\gry\Penarium\Resources\shaders\WaterShaderLowDetail.fsh
2016-06-27 23:44 - 2015-09-26 07:00 - 0000370 _____ () C:\gry\Penarium\Resources\shaders\WaterShaderLowDetail.vsh
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\splash
2016-06-27 23:43 - 2015-09-26 07:00 - 0003213 _____ () C:\gry\Penarium\Resources\splash\PNR_splash_smm_logo.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0000000 ____D () C:\gry\Penarium\Resources\spritesheets
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\spritesheets\backgrounds
2016-06-27 23:43 - 2015-09-26 07:00 - 0065597 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_1.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0246441 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_1.png
2016-06-27 23:43 - 2015-09-26 07:00 - 4788612 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_1.pvr
2016-06-27 23:43 - 2015-09-26 07:00 - 0056788 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_2.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0280415 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_2.png
2016-06-27 23:44 - 2015-09-26 07:00 - 6788556 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_2.pvr
2016-06-27 23:43 - 2015-09-26 07:00 - 0108289 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_3.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0391888 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_3.png
2016-06-27 23:44 - 2015-09-26 07:00 - 6725684 _____ () C:\gry\Penarium\Resources\spritesheets\backgrounds\PNR_background_arena_3.pvr
2016-06-27 23:43 - 2016-06-27 23:43 - 0000000 ____D () C:\gry\Penarium\Resources\spritesheets\director
2016-06-27 23:43 - 2015-09-26 07:00 - 0038136 _____ () C:\gry\Penarium\Resources\spritesheets\director\PNR_gonzo.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0005849 _____ () C:\gry\Penarium\Resources\spritesheets\director\PNR_gonzo.png
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\spritesheets\ingame
2016-06-27 23:43 - 2015-09-26 07:00 - 0679933 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\ElementsPlatformsPlayersCoins.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0466679 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\ElementsPlatformsPlayersCoins.png
2016-06-27 23:44 - 2015-09-26 07:00 - 4194356 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\ElementsPlatformsPlayersCoins.pvr
2016-06-27 23:43 - 2015-09-26 07:00 - 0009218 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\PNR_fireworks.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0043298 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\PNR_fireworks.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0768212 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\PNR_ingame.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0335442 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\PNR_ingame.png
2016-06-27 23:44 - 2015-09-26 07:00 - 8388660 _____ () C:\gry\Penarium\Resources\spritesheets\ingame\PNR_ingame.pvr
2016-06-27 23:43 - 2016-06-27 23:44 - 0000000 ____D () C:\gry\Penarium\Resources\spritesheets\menu
2016-06-27 23:43 - 2015-09-26 07:00 - 0134889 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0461045 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0117492 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_arena_select.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0661943 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_arena_select.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0001366 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_board_pool_mask.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0032534 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_card_shuffle.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0128685 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_card_shuffle.png
2016-06-27 23:44 - 2015-09-26 07:00 - 0849204 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_card_shuffle.pvr
2016-06-27 23:43 - 2015-09-26 07:00 - 0002336 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_mainMenu.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0062136 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_mainMenu.png
2016-06-27 23:43 - 2015-09-26 07:00 - 0004844 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_titlescreen.plist
2016-06-27 23:43 - 2015-09-26 07:00 - 0059401 _____ () C:\gry\Penarium\Resources\spritesheets\menu\PNR_menu_titlescreen.png
 
====== End of Folder: ======
 
 
 
The system needed a reboot.
 
==== End of Fixlog 22:50:34 ====
 
 
SEARCHREG:
 
Farbar Recovery Scan Tool (x64) Version: 17-08-2016
Ran by metalowa_glowa (23-08-2016 23:07:30)
Running from C:\Users\metalowa_glowa\Downloads
Boot Mode: Normal
 
================== Search Registry: "sd-steam.info" ===========
 
 
====== End of Search ======


#9 polskamachina

polskamachina

  • Malware Response Team
  • 4,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 23 August 2016 - 09:18 PM

Hi MetalowaGlowa :)

One more thing i have to confess. I know I shouldn't do it, but while waiting for your response I used CCleaner and stopped/deleted zodiac-steam.info process in the startup (it was something like HKCU:Run and in the description was the name of the virus).

Yes, it just makes things easier for everyone if you can fight the temptation to tinker with your computer while the malware removal staff figures out the best way to help you. If you're making additional changes, it can interfere with our well thought-out plans. :)
 
Your last comment was:

Right now, after the fixlog and your steps, computer seems to run correctly.

Does that mean your quick cmd window issue has been resolved?
 
Please do the following:
 
ESET Online Scanner:

Note: You will need to disable your currently installed Anti-Virus, how to do so can be read here.

  • Please go here, download the ESET Smart Installer, and save it to your desktop.
  • Double-click on the esetimage.png you just downloaded.
  • Place a checkmark next to "YES, I accept the Terms of Use" and click the shieldstart.png button.
  • Click "Yes" to the UAC (User Account Control) warning, then ESET will download its components, register itself, and start itself.
  • In the new window that opens, tick the radio button next to Enable detection of potentially unwanted applications.
  • Then click "Advanced settings", and make sure there is a checkmark next to only the following items (uncheck everything else):
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Now click on: start.png
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. ...The scan may appear to be finished sometimes...if there is a progress bar visible, it is still scanning!
  • When the scan completes, click List Found Threats (only if anything is found).
  • Then click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click back.png, then click finish.png to exit ESET Online Scanner.

Don't forget to re-enable your antivirus when finished!
 
In summary I will need from you:

  • Eset log of found threats (if anything was found)
  • How is your computer running now?

Let me know if you have any questions.
 
polskamachina



#10 MetalowaGlowa

MetalowaGlowa
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 24 August 2016 - 03:52 PM

Houston we have a problem! One could say.

Followed abovementioned steps. Ran ESET 2 times.

 

1st time - 12 threats on drive C, ran about 4 h and when I came back home - it looked like it was running although all the information (scanned localisation, amount of files scaned and other things except amount of threats) was covered with black strip. Something like when you switch multiple windows and something goes wrong with refresh rate. After some time it just switched of (progress bar about in half) and information about error was displayed (not specific one, just that there were some difficulties). 

Also Windows Defender engaged in action trying to remove some threat. Report shows: Trojan:Win32/Dynamer!ac in quarantine, method of detection: standard.

 

2nd time - tried to watch from time to time what is going on. No threats on drive C. Drive D had 3 threats after 3,5 h of scanning when it suddenly went dark like before (black strips on informations).

 

Not sure if I should start another scan tomorrow?



#11 polskamachina

polskamachina

  • Malware Response Team
  • 4,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 25 August 2016 - 04:15 PM

Hi MetalowaGlowa :)
 
Sorry you had a problem with the ESET scan. Let's try a different scanning software.
 
===================================================

Emsisoft Emergency Kit Scan

--------------------

  • Download Emsisoft Emergency Kit and save it to your desktop.
  • Double-click icon then click Install
  • A Window should open highlighting Start Emergency Kit Scanner
  • Double click that icon and allow the program to load
  • Click Yes to run an online update
  • Once the update is completed select Settings under Scan
  • Uncheck Join the Emsisoft Anti-Malware Network
  • Click Scan at the top
  • Click Yes to detect Potentially Unwanted Programs
  • Click Malware Scan
  • Once completed click View Report
  • Save the file to your Desktop using the default file name
  • Click Quarantine selected (all should be selected by default)
  • Copy and paste the report in your next reply to me

it looked like it was running although all the information (scanned localisation, amount of files scaned and other things except amount of threats) was covered with black strip.

Do you ever get those black strips when running any other programs?
 
In summary I will need from you:

  • Emsisoft log
  • Whether or not you've seen the black strips when running other programs
  • How is your computer performing now?

Let me know if you have any questions.
 
polskamachina



#12 MetalowaGlowa

MetalowaGlowa
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 26 August 2016 - 10:58 AM

Not sure why it displayed in polish although I selected english as the preferred language.
3 infections (2 were displayed - both quarantined)
 
The black strips appeared for the first time. Sometimes when running multiple tabs in browsers and running a game, switching to desktop (alt+tab) gives some "label like" problems but it is a matter of refresh delay I guess. The ones concerning ESET displayed for the first time.
 
 
Emsisoft Emergency Kit -Wersja 11.9
Ostatnia aktualizacja: 2016-08-26 17:06:35
Nazwa użytkownika: MetalowaGlowa\metalowa_glowa
Computer name: METALOWAGLOWA
OS version: Windows 10x64 
 
Ustawienia skanera:
 
Typ skanu: Malware skan
Obiekty: Rootkity, Pamięć, Ślady, Pliki
 
Wykrywanie PNP: Włączone
Skanowanie plików skompresowanych: Wyłączone
Skanowanie ADS: Włączone
Filtr rozszerzeń plików: Wyłączone
Zaawansowana pamięć podręczna: Włączone
Bezpośredni dostęp do dysku: Wyłączone
 
Skanowanie uruchomiono: 2016-08-26 17:08:42
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Wykryto: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Wykryto: Setting.DisableRegistryTools (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\FREE YOUTUBE DOWNLOADER Wykryto: Application.InstallAd (A)
 
Przeskanowano: 94371
Wykryto: 3
 
Koniec skanu: 2016-08-26 17:18:39
Skan trwał: 0:09:57


#13 polskamachina

polskamachina

  • Malware Response Team
  • 4,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 26 August 2016 - 04:18 PM

Hi MetalowaGlowa :)
 
The fact that your display is acting up when multiple programs are running may indicate you have hardware issues. I'm wondering if your system is showing signs of overheating. You may also try substituting a different monitor in your system to see if you get the same results. Above all, please give me as many details as you can as to how your computer is performing now.
 
Please do the following:
 

How To Publish a Snapshot using Speccy


Guide Overview

The purpose of this guide is to teach you how to post your computer's specifications to the forum with minimal effort on your part. This is often helpful when troubleshooting problems, and the person helping you needs to see the details of your computer's hardware.

Tools Needed

  • Speccy - First, you will need a program called Speccy. From Piriform's website: "Speccy is an advanced system information tool for your PC." This is a very useful utility that every PC user should have in their arsenal.

Instructions

  • Go to Piriform's website, and click the big download.png button.

    Next, click Download from Piriform (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version.

    You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.
  • After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy. You may want to set the options under View to Imperial if you prefer degrees Fahrenheit to Celsius. For me, it will save me one step of conversion. In any case, I would like you pay particular attention the temperatures displayed when your first boot up your computer and then after it's been on a while and the frame rate starts to slow down.
  • Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
    JmYsp.png

    Now, in the menu bar at the top left, click File > Publish Snapshot

    Click Yes > then Copy to Clipboard

    Now, once you are back in the forum topic you are posting in, click the Reply button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

In summary I will need from you:

  • Your link to your Speecy Snapshot.
  • Does your system cooling fan seem unusually loud?
  • How is your computer performing now?

Let me know if you have any questions.
 
polskamachina



#14 MetalowaGlowa

MetalowaGlowa
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:12:09 PM

Posted 27 August 2016 - 10:23 AM

http://speccy.piriform.com/results/GjI82Vlwbsn6nFf1hSQsbA7

 

Normal balanced power setting: After booting up; CPU - 141 F; GPU- 126 F and Storage 97 F. After letting it run for some time (about 5 minutes of doing nothing) values differ maybe 1-2 F. 

 

When I switch to saving energy setting - CPU - 128F; GPU 123F and Storage 103 F. 

 

I've been using TechPowerUp GPU-Z and CPUID HWMonitor for some time to monitor the temperatures. Especially after I've dismantled the laptop, cleaned it and put on new, better thermal paste - both CPU and GPU. That was some 2,5 years ago since than I had no problems with cooling and temperatures.

Also checked forums and XPS l702x users agree that heat distribution isn't the best side of this machine. It's rather loud and heats pretty quickly. When running heavy usually goes around 80-90 C and stays this way.

The cooling fan is noisy but that is something that was present from the beginning, reviews confirm that it is normal.

 

What I've noticed is that running in power saving mode keeps it quiet but the back side is that can't have too many processes running at the same time. And it seems a little slower at the time.

 

Also depending on the version of drivers (Intel and Nvidia) sometimes they don't cooperate. For example when i use global settings in Nvidia Control Panel to use Intel Graphics and only selected games I manually configure to use Geforce 555m - it looks like it keeps running on nvidia (loud fan - that means it needs cooling) and then even switching to power saving mode doesn't change this. But that is quite dependent on the drivers version.

 

Right now, in general computer seems to run correctly.



#15 polskamachina

polskamachina

  • Malware Response Team
  • 4,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 28 August 2016 - 10:15 AM

Hi MetalowaGlowa :)
 
Thanks for your detailed hardware report and additional comments. There are just a couple of more things that need attention.
 
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

Please follow these steps to update Java and remove any existing older versions:

  • Click here to evaluate your current version of Java
  • Click Verify Java Version
  • Click Run
  • Click the Agree and Start Free Download
  • Save jxpiinstall.exe to your desktop
  • Double click the icon then click Run
  • Click Install
  • Uncheck any Ask Toolbar offers
  • Click Next
  • You should be notified You have successfully installed Java
  • If Java notifies you older versions of the program need to be removed allow the program to complete that
  • Reboot your computer once all Java components are removed.

Next:
 
Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:

  • Download the latest version of Adobe Reader and save it to your desktop.
  • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
  • Click the download button at the bottom.
  • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
  • Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
    If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your Computer
  • Then from your desktop double-click on Adobe Reader to install the newest version.
    If the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the "Adobe Setup - Welcome" window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.

Your Adobe Reader is now up to date!
 
In summary I will need from you:

  • Verification that your Java and Adobe updates were successful
  • How is your computer performing now?

Let me know if you have any questions.
 
polskamachina






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users