Very good Desktop, 2 min boot, lagging while 50% DDR and Processor Usage, hijack


  • This topic is locked
17 replies to this topic

#1 gmiliq

gmiliq

  • Members
  • 11 posts
  • Local time:01:09 PM

Posted 20 September 2016 - 06:25 AM

Hello,

 

My computer has been a mess for the last 3-4 days; it's extremely slow, it's lagging, and I have:

 

http://prntscr.com/ck6feu

 

so it's quite a good computer. I would love it if someone could help me with malware; here is my HijackThis log

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 13:17:45, on 20/09/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
CHROME: 53.0.2785.116
FIREFOX: 45.0.1 (x86 pl)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\RescueTime\RescueTime.exe
C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Poker\Poker Rooms\Intertops Poker\INTERTOPSNotifier.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-unity-helper.exe
C:\Program Files (x86)\VMware\VMware Workstation\vprintproxy.exe
C:\Program Files (x86)\VMware\VMware Workstation\vprintproxy.exe
C:\Program Files (x86)\VMware\VMware Workstation\vprintproxy.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pawel\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Sound Blaster Recon3Di SBX Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" /r
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_00E8CA7B03C5025475575AAD96F18677] "C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [f.lux] "C:\Users\Pawel\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Todoist] "C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe" --startup
O4 - HKCU\..\Run: [CPN Notifier] C:\Poker\Poker Rooms\Intertops Poker\PokerNotifier.exe
O4 - HKCU\..\Run: [EDO-Soft Sticky Notes] C:\Program Files (x86)\Evernote Sticky Notes\StickyNotes.Wpf.exe
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Killer Network Manager.lnk = C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
O4 - Global Startup: RescueTime.lnk = C:\Program Files (x86)\RescueTime\RescueTime.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Poker\Poker Rooms\PokerStars.EU\PokerStarsUpdate.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: Betvictorpoker - {2860D3C3-5658-4DCF-8245-89C91A307FB6} - C:\Microgaming\Poker\BetVictorPokerMPP\MPPoker.exe (file missing) (HKCU)
O9 - Extra button: Betsson Poker by Microgaming - {58D4FA3C-0020-46E8-B448-FE71FFE6C438} - C:\Microgaming\Poker\BetssonMPP\MPPoker.exe (file missing) (HKCU)
O9 - Extra button: Red Star Poker - {B54DE635-3773-4658-9425-6203369F43FD} - C:\Microgaming\Poker\redstarpoker\MPPoker.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Usluga Kaspersky Anti-Virus 16.0.1 (AVP16.0.1) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_core.dll,-101 (chromoting) - Unknown owner - C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @oem47.inf,%Creative.CTHdaSvcDesc%;SB Recon3D Service (CtHdaSvc) - Creative Technology Ltd - C:\Windows\sysWow64\CtHdaSvc.exe
O23 - Service: CTService - Felix Logic - C:\Program Files (x86)\Cold Turkey\\CTService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressVpn Service (ExpressVpnService) - Unknown owner - C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Wireless Bluetooth® 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Killer Service V2 - Rivet Networks - C:\Program Files\Killer Networking\Network Manager\KillerService.exe
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: postgresql-x64-9.3 - PostgreSQL Server 9.3 (postgresql-x64-9.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
 
--
End of file - 18361 bytes
 



 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • Gender:Male
  • Location:California
  • Local time:05:09 AM

Posted 20 September 2016 - 01:46 PM

Greetings gmiliq and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Reply Topic button instead.
  • In the upper right hand corner of the topic you will see the Follow Topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 gmiliq

gmiliq
  • Topic Starter

  • Members
  • 11 posts
  • Local time:01:09 PM

Posted 21 September 2016 - 01:26 AM

 
 
Hello OH My!
Thank you very much for help!!!
 
I subscribed to the topic
 
 

FRST:
Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 20-09-2016
Uruchomiony przez Pawel (administrator)  ILIDEKDESKTOP (21-09-2016 08:19:26)
Uruchomiony z C:\Users\Pawel\Downloads
Załadowane profile: Pawel (Dostępne profile: Pawel)
Platform: Windows 8.1 (Update) (X64) Język: Polish (Poland)
Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
 
==================== Procesy (filtrowane) =================
 
(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Felix Logic) C:\Program Files (x86)\Cold Turkey\CTService.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Syncplicity LLC) C:\Program Files\Syncplicity\Syncplicity.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Flux Software LLC) C:\Users\Pawel\AppData\Local\FluxSoftware\Flux\flux.exe
(Doist Ltd.) C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
(Doist Ltd.) C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
(Doist Ltd.) C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(RescueTime, Inc.) C:\Program Files (x86)\RescueTime\RescueTime.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Rejestr (filtrowane) ===========================
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7830328 2013-05-21] (Motorola Solutions, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-29] (Logitech Inc.)
HKLM\...\Run: [Syncplicity] => C:\Program Files\Syncplicity\Syncplicity.exe [128512 2016-04-26] (Syncplicity LLC)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-05-24] (Razer Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3Di SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [1129984 2014-03-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [121416 2016-05-05] (VMware, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [Google Update] => C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-27] (Google Inc.)
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [GoogleChromeAutoLaunch_00E8CA7B03C5025475575AAD96F18677] => C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe [967496 2016-09-14] (Google Inc.)
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [f.lux] => C:\Users\Pawel\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [Todoist] => C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe [171080 2015-09-29] (Doist Ltd.)
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [CPN Notifier] => C:\Poker\Poker Rooms\Intertops Poker\PokerNotifier.exe
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [EDO-Soft Sticky Notes] => C:\Program Files (x86)\Evernote Sticky Notes\StickyNotes.Wpf.exe
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [  Syncplicity Icon Overlay (Folder)] -> {02FCECC2-84DC-4FAA-A718-C41FFCA5B8D1} => C:\Program Files\Syncplicity\SyncplicityShellExt.dll [2016-04-26] (Syncplicity LLC.)
ShellIconOverlayIdentifiers: [  Syncplicity Icon Overlay (Fully Synced)] -> {CA4FCCBF-F4B7-4DD1-861E-1F42AAD396D1} => C:\Program Files\Syncplicity\SyncplicityShellExt.dll [2016-04-26] (Syncplicity LLC.)
ShellIconOverlayIdentifiers: [  Syncplicity Icon Overlay (Not Latest Version)] -> {284C090F-EB1D-4A6E-872E-6DB72E417E24} => C:\Program Files\Syncplicity\SyncplicityShellExt.dll [2016-04-26] (Syncplicity LLC.)
ShellIconOverlayIdentifiers: [  Syncplicity Icon Overlay (Shared Folder)] -> {3DFC86AD-F2CC-4AdA-98DD-AC5DC84119CC} => C:\Program Files\Syncplicity\SyncplicityShellExt.dll [2016-04-26] (Syncplicity LLC.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-03-28]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2016-05-13]
ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.)
Startup: C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-03-28]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (filtrowane) ====================
 
(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{41FF246E-4B7A-4477-9243-3FFE431D8296}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{7DC2D6B0-B48E-4007-A269-5C661167F7BB}: [DhcpNameServer] 78.138.97.85 78.109.24.96
Tcpip\..\Interfaces\{C6532AB6-78FB-49C0-9D47-58F1FC7173FE}: [DhcpNameServer] 192.168.0.1 192.168.0.2
 
Internet Explorer:
==================
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-11] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-11] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
 
FireFox:
========
FF ProfilePath: C:\Users\Pawel\AppData\Roaming\Mozilla\Firefox\Profiles\bo27264i.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-52599317-89711426-283389858-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-52599317-89711426-283389858-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-10] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF9B7A4C7-4BA4-46C4-B6D4-77F7E9A9F731&SSPV=
CHR Session Restore: Default -> [funkcja włączona]
CHR Profile: C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default [2016-09-21]
CHR Extension: (Google Slides) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-27]
CHR Extension: (RPG Dice Roller) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\agojmlolbbkibamlplilfmopagendgij [2016-09-18]
CHR Extension: (Google Docs) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-27]
CHR Extension: (Google Drive) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-27]
CHR Extension: (RescueTime for Chrome™ & ChromeOS™) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakmnplckeopfghnlpocafcepegjeap [2016-03-27]
CHR Extension: (YouTube) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-27]
CHR Extension: (FVD Suggestions) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo [2016-08-11]
CHR Extension: (Adblock Plus) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Todoist for Gmail) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgenfnodoocmhnlnpknojdbjjnmecff [2016-09-01]
CHR Extension: (Video Downloader professional) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-07-18]
CHR Extension: (Google Sheets) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-28]
CHR Extension: (AdBlock) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (The Email Game Button for Gmail™) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gphpmmbijedbdbdnmfffbncfagjapakc [2016-04-06]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2016-03-27]
CHR Extension: (Speed Dial 2) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-05-30]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2016-06-03]
CHR Extension: (StayFocusd) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2016-03-27]
CHR Extension: (Kaspersky Protection) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-07-18]
CHR Extension: (Boomerang for Gmail) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2016-05-17]
CHR Extension: (Tiësto) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh [2016-03-27]
CHR Extension: (Save to Pocket) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Evernote Web Clipper) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2016-08-23]
CHR Extension: (Gmail) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-17]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
 
==================== Usługi (filtrowane) ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe [76616 2016-06-20] (Google Inc.)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [Brak podpisu cyfrowego]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [113160 2015-07-02] (Creative Technology Ltd)
R2 CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [329728 2016-03-19] (Felix Logic) [Brak podpisu cyfrowego]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-29] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-29] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-20] (Windows ® Win 7 DDK provider)
R2 ExpressVpnService; C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [331264 2016-03-09] () [Brak podpisu cyfrowego]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-02-12] (Rivet Networks)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [92672 2016-02-09] (PostgreSQL Global Development Group) [Brak podpisu cyfrowego]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-11-21] (Microsoft Corporation)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12736584 2016-05-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
 
===================== Sterowniki (filtrowane) ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [148040 2016-02-12] (Rivet Networks, LLC.)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1067304 2015-07-02] (Creative Technology Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118216 2013-09-10] (Intel Corporation)
R3 KillerEth; C:\Windows\system32\DRIVERS\e2xw8x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-09-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3776792 2015-06-21] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [44760 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [51400 2016-05-27] (SteelSeries ApS)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
 
==================== NetSvcs (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
 
==================== Jeden miesiąc - utworzone pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-09-21 08:19 - 2016-09-21 08:19 - 00036207 _____ C:\Users\Pawel\Downloads\FRST.txt
2016-09-21 08:19 - 2016-09-21 08:19 - 00000000 ____D C:\FRST
2016-09-21 08:18 - 2016-09-21 08:18 - 02402816 _____ (Farbar) C:\Users\Pawel\Downloads\FRST64.exe
2016-09-21 08:02 - 2016-09-21 08:04 - 00001828 _____ C:\Users\Public\Desktop\Betvictorpoker.lnk
2016-09-21 08:02 - 2016-09-21 08:02 - 00665912 _____ () C:\Users\Pawel\Downloads\BetVictorPoker.exe
2016-09-21 07:44 - 2016-09-21 07:46 - 00001785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Betsson Poker by Microgaming.lnk
2016-09-21 07:44 - 2016-09-21 07:46 - 00001779 _____ C:\Users\Public\Desktop\Betsson Poker by Microgaming.lnk
2016-09-21 07:44 - 2016-09-21 07:44 - 00678072 _____ () C:\Users\Pawel\Downloads\mgpoker.betssonpoker (1).exe
2016-09-21 07:44 - 2016-09-21 07:44 - 00000000 ____D C:\ProgramData\MGS
2016-09-21 07:20 - 2016-09-21 07:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-09-20 18:36 - 2016-09-20 18:36 - 297184668 ____N C:\Users\Pawel\Desktop\2016-09-20_18-36-43 - Work On Game 15min.mp4
2016-09-20 13:17 - 2016-09-20 13:17 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pawel\Downloads\HijackThis.exe
2016-09-20 13:15 - 2016-09-20 13:15 - 00582416 _____ (Plumbytes Software) C:\Users\Pawel\Downloads\antimalwaresetup (2).exe
2016-09-20 13:14 - 2016-09-20 13:14 - 00582416 _____ (Plumbytes Software) C:\Users\Pawel\Downloads\antimalwaresetup (1).exe
2016-09-20 13:08 - 2016-09-20 13:14 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-09-20 13:08 - 2016-09-20 13:12 - 00000000 ____D C:\Users\Pawel\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}
2016-09-20 13:04 - 2016-09-20 13:04 - 00000469 _____ C:\Windows\wininit.ini
2016-09-20 12:42 - 2016-09-20 12:42 - 00582416 _____ (Plumbytes Software) C:\Users\Pawel\Downloads\antimalwaresetup.exe
2016-09-20 12:36 - 2016-09-20 12:36 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-20 12:36 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-09-20 12:35 - 2016-09-20 12:35 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-09-20 12:34 - 2016-09-20 13:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-20 12:34 - 2016-09-20 12:37 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-20 12:34 - 2016-09-20 12:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Pawel\Downloads\spybot-2.4.exe
2016-09-20 12:34 - 2016-09-20 12:34 - 00001355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-09-20 12:34 - 2016-09-20 12:34 - 00001343 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-09-20 12:34 - 2016-09-20 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-20 12:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-09-20 11:07 - 2016-09-20 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-09-20 11:06 - 2016-09-20 11:07 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-09-20 11:06 - 2016-09-20 11:06 - 00642632 _____ (EFD Software ) C:\Users\Pawel\Downloads\hdtune_255.exe
2016-09-20 11:05 - 2016-09-20 11:05 - 00981832 _____ ( ) C:\Users\Pawel\Downloads\HD-Tune-12177-dp.exe
2016-09-20 09:08 - 2016-09-20 09:09 - 317136097 ____N C:\Users\Pawel\Desktop\2016-09-20_09-08-26 - Rovar Sweet.mp4
2016-09-20 08:29 - 2016-09-20 08:29 - 98188048 ____N C:\Users\Pawel\Desktop\2016-09-20_08-29-36 - Rovar.mp4
2016-09-20 08:29 - 2016-09-20 08:29 - 00000000 _____ C:\Users\Pawel\Desktop\sum.txt
2016-09-20 07:55 - 2016-09-21 07:50 - 00000000 ____D C:\Users\Pawel\Desktop\New folder (4)
2016-09-20 07:38 - 2016-09-20 07:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-20 03:15 - 2016-09-20 03:15 - 00042792 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\DbxSvc.exe
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-stable.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-dev.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-canary.sys
2016-09-19 17:17 - 2016-09-19 17:17 - 08215958 _____ C:\Users\Pawel\Downloads\PokerPlaner_160814-794.zip
2016-09-19 14:10 - 2016-09-19 14:10 - 00380520 _____ C:\Users\Pawel\Downloads\Potwierdzenie_3303.pdf
2016-09-19 10:37 - 2016-09-20 16:35 - 00007105 _____ C:\Users\Pawel\Desktop\Lama COaching Questions.txt
2016-09-16 14:41 - 2016-09-19 16:24 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\BSplayer
2016-09-16 14:41 - 2016-09-16 14:41 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-09-16 14:41 - 2016-09-16 14:41 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\BSplayer Pro
2016-09-16 14:41 - 2016-09-16 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2016-09-16 14:41 - 2016-09-16 14:41 - 00000000 ____D C:\Program Files (x86)\Webteh
2016-09-16 08:45 - 2016-09-17 16:36 - 00000000 ____D C:\Users\Pawel\Downloads\New folder (2)
2016-09-15 17:02 - 2016-09-15 17:02 - 10550048 _____ C:\Users\Pawel\Downloads\bsplayer270.setup.exe
2016-09-15 17:02 - 2016-09-15 17:02 - 10550048 _____ C:\Users\Pawel\Downloads\bsplayer270.setup (2).exe
2016-09-15 17:02 - 2016-09-15 17:02 - 10550048 _____ C:\Users\Pawel\Downloads\bsplayer270.setup (1).exe
2016-09-14 07:54 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-09-14 07:54 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-14 07:54 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-09-14 07:54 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-14 07:54 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-14 07:54 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 07:54 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-14 07:54 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-14 07:54 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-14 07:54 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-14 07:54 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-14 07:53 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-14 07:53 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-14 07:53 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-14 07:53 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-14 07:53 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-14 07:53 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-14 07:53 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-14 07:53 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-14 07:53 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-14 07:53 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-14 07:53 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-14 07:53 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-14 07:53 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-14 07:53 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-14 07:53 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-14 07:53 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-14 07:53 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-14 07:53 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-14 07:53 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-14 07:53 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-14 07:53 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-14 07:53 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-14 07:53 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-14 07:53 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-14 07:53 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-09-14 07:53 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-09-14 07:53 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-14 07:53 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-14 07:53 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-14 07:53 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-14 07:53 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-14 07:53 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-14 07:53 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-14 07:53 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-14 07:53 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-14 07:53 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-14 07:53 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-14 07:53 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-14 07:53 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-14 07:53 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-14 07:53 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-14 07:53 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-09-14 07:53 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-14 07:53 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-09-14 07:53 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-14 07:53 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-09-14 07:53 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-09-14 07:53 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-09-13 09:46 - 2016-09-13 09:46 - 00351677 _____ C:\Users\Pawel\Downloads\POLW00936416PA901106.pdf
2016-09-10 07:02 - 2016-09-10 07:02 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\ActionInvoker.lnk
2016-09-09 09:57 - 2016-09-09 09:57 - 00001206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PIO SOLVER WORK.lnk
2016-09-08 16:02 - 2016-09-08 16:02 - 01429344 _____ (Microsoft Corporation) C:\Users\Pawel\Downloads\NDP462-KB3151802-Web (1).exe
2016-09-08 15:44 - 2016-09-08 15:45 - 41623168 _____ (Skype Technologies S.A.) C:\Users\Pawel\Downloads\SkypeSetupFull.exe
2016-09-08 15:43 - 2016-09-08 15:43 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-09-08 15:43 - 2016-09-08 15:43 - 00987848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-09-08 15:43 - 2016-09-08 15:43 - 00690016 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-09-08 15:43 - 2016-09-08 15:43 - 00484552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-09-08 15:43 - 2016-09-08 15:43 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-09-08 15:43 - 2016-09-08 15:43 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-09-08 15:43 - 2016-09-08 15:43 - 00018600 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-09-08 15:43 - 2016-09-08 15:43 - 00018592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-09-08 15:42 - 2016-09-08 15:42 - 01429344 _____ (Microsoft Corporation) C:\Users\Pawel\Downloads\NDP462-KB3151802-Web.exe
2016-09-06 05:53 - 2016-09-06 05:53 - 00000000 _____ C:\Users\Pawel\Desktop\pairing river 3b pot oop bluff low draws.txt
2016-09-05 08:09 - 2016-09-17 18:46 - 1526106889 _____ C:\Windows\MEMORY.DMP
2016-09-05 08:09 - 2016-09-17 18:46 - 00000000 ____D C:\Windows\Minidump
2016-09-05 08:01 - 2016-09-05 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2016-09-01 15:41 - 2016-09-01 15:41 - 00161755 _____ C:\Users\Pawel\Downloads\Statement_072016_54314938.pdf
2016-09-01 15:40 - 2016-09-01 15:40 - 00173879 _____ C:\Users\Pawel\Downloads\Statement_062016_54314938.pdf
2016-09-01 15:39 - 2016-09-01 15:39 - 00159453 _____ C:\Users\Pawel\Downloads\Statement_052016_54314938.pdf
2016-09-01 15:38 - 2016-09-01 15:38 - 00160557 _____ C:\Users\Pawel\Downloads\Statement_042016_54314938.pdf
2016-09-01 15:37 - 2016-09-01 15:37 - 00178794 _____ C:\Users\Pawel\Downloads\Statement_022016_54314938 (1).pdf
2016-09-01 15:37 - 2016-09-01 15:37 - 00178131 _____ C:\Users\Pawel\Downloads\Statement_032016_54314938.pdf
2016-09-01 15:32 - 2016-09-01 15:32 - 00182332 _____ C:\Users\Pawel\Downloads\Statement_092015_54314938.pdf
2016-09-01 15:32 - 2016-09-01 15:32 - 00178298 _____ C:\Users\Pawel\Downloads\Statement_102015_54314938.pdf
2016-09-01 15:32 - 2016-09-01 15:32 - 00173408 _____ C:\Users\Pawel\Downloads\Statement_082015_54314938.pdf
2016-09-01 09:33 - 2016-09-01 09:33 - 00055495 _____ C:\Users\Pawel\Downloads\historia_transakcji_20160901_093323.pdf
2016-09-01 06:35 - 2016-08-25 22:50 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-09-01 06:33 - 2016-08-26 01:28 - 40070200 _____ C:\Windows\system32\nvcompiler.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 35182648 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 34801088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 28207672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 14093368 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-09-01 06:33 - 2016-08-26 01:28 - 10865704 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 10737632 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 10278080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 09086856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 08875408 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 08680696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 03594808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 03160512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437270.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437270.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 01019960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00956352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00941504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00893712 _____ C:\Windows\system32\nvmcumd.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00892864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00686896 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00575984 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00520912 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00493608 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00437696 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00436088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00408784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00181488 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00159352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00124352 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2016-09-01 06:33 - 2016-08-26 01:28 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2016-08-30 14:32 - 2016-08-30 14:32 - 00178794 _____ C:\Users\Pawel\Downloads\Statement_022016_54314938.pdf
2016-08-30 14:31 - 2016-08-30 14:31 - 00157703 _____ C:\Users\Pawel\Downloads\Statement_012015_54314938.pdf
2016-08-30 14:31 - 2016-08-30 14:31 - 00148368 _____ C:\Users\Pawel\Downloads\Statement_032015_54314938.pdf
2016-08-30 14:31 - 2016-08-30 14:31 - 00146314 _____ C:\Users\Pawel\Downloads\Statement_042015_54314938.pdf
2016-08-30 14:31 - 2016-08-30 14:31 - 00146246 _____ C:\Users\Pawel\Downloads\Statement_022015_54314938.pdf
2016-08-30 14:26 - 2016-08-30 14:26 - 00006063 _____ C:\Users\Pawel\Downloads\1472559971222.csv
2016-08-30 07:58 - 2016-08-30 07:58 - 00001790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\9-12 Push Push, Nash.lnk
2016-08-30 07:58 - 2016-08-30 07:58 - 00001790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\9-12 CALL CALL, NASH.lnk
2016-08-29 13:55 - 2016-08-29 14:02 - 00000000 ____D C:\Program Files\FlopInspector
2016-08-29 13:54 - 2016-08-29 13:54 - 46319576 _____ (Tiller Applications ) C:\Users\Pawel\Downloads\FlopInspectorSetup-64-bit-bundle.exe
2016-08-25 12:47 - 2016-08-25 12:47 - 00000000 ____D C:\Users\Pawel\Downloads\PioCloud_Samples
2016-08-25 10:09 - 2016-08-25 10:09 - 12427264 _____ C:\Users\Pawel\Downloads\chromeremotedesktophost.msi
2016-08-25 10:09 - 2016-08-25 10:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-25 10:02 - 2016-08-25 10:02 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-08-25 05:39 - 2016-08-25 05:39 - 00091648 _____ C:\Users\Pawel\Downloads\PioUpdater161 (1).exe
2016-08-23 16:30 - 2016-08-23 16:30 - 24592606 _____ C:\Users\Pawel\Downloads\Windows8.1-KB2901549-x64.msu
2016-08-23 16:16 - 2016-08-23 16:35 - 00000000 ____D C:\Users\Pawel\AppData\Local\FSDART
2016-08-23 16:16 - 2016-08-23 16:17 - 00000000 ____D C:\ProgramData\F-Secure
2016-08-23 16:16 - 2016-08-23 16:16 - 02870984 _____ (ESET) C:\Users\Pawel\Downloads\esetsmartinstaller_plk.exe
2016-08-23 16:16 - 2016-08-23 16:16 - 00524248 _____ (F-Secure Corporation) C:\Users\Pawel\Downloads\F-SecureOnlineScanner.exe
2016-08-23 16:16 - 2016-08-23 16:16 - 00000000 ____D C:\Users\Pawel\AppData\Local\F-Secure
2016-08-23 15:52 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-08-23 15:52 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-08-23 15:52 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2016-08-23 15:52 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2016-08-23 15:52 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2016-08-23 15:52 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2016-08-23 15:52 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2016-08-23 15:52 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2016-08-23 15:52 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-08-23 15:52 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-23 15:52 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-08-23 15:52 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-08-23 15:52 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-08-23 15:52 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-08-23 15:52 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-08-23 15:52 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2016-08-23 15:52 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2016-08-23 15:52 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-23 15:52 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-23 15:52 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2016-08-23 15:52 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-08-23 15:52 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-08-23 15:52 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-08-23 15:52 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2016-08-23 15:52 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-08-23 15:52 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-08-23 15:52 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-08-23 15:52 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-08-23 15:52 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-23 15:52 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll
2016-08-23 15:52 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssenh.dll
2016-08-23 15:52 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-08-23 07:03 - 2016-05-05 02:42 - 00074824 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2016-08-23 07:03 - 2015-05-21 17:36 - 00076480 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2016-08-23 07:03 - 2015-05-21 17:35 - 00068288 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2016-08-23 07:03 - 2015-05-21 17:35 - 00064192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2016-08-23 07:02 - 2016-08-23 07:02 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2016-08-23 07:02 - 2016-08-23 07:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2016-08-23 07:02 - 2016-08-23 07:02 - 00000000 ____D C:\Program Files\Common Files\VMware
2016-08-23 07:02 - 2016-08-23 07:02 - 00000000 ____D C:\Program Files (x86)\VMware
2016-08-23 07:02 - 2016-05-05 02:43 - 00446536 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2016-08-23 07:02 - 2016-05-05 02:42 - 00939592 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2016-08-23 07:02 - 2016-05-05 02:42 - 00367176 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2016-08-23 07:02 - 2016-05-05 02:42 - 00041544 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2016-08-23 07:02 - 2016-05-05 02:42 - 00034888 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2016-08-23 07:02 - 2015-10-21 12:41 - 00055488 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2016-08-22 18:18 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-22 14:26 - 2016-08-22 14:27 - 00000000 ____D C:\Users\Pawel\Evernote
2016-08-22 14:25 - 2016-08-22 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-08-22 14:03 - 2016-08-22 14:03 - 01216992 _____ C:\Users\Pawel\Downloads\bluff_setup (1).exe
2016-08-22 13:59 - 2016-08-22 13:59 - 01216992 _____ C:\Users\Pawel\Downloads\bluff_setup.exe
2016-08-22 06:31 - 2016-06-25 22:05 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-22 06:31 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-22 06:31 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-22 06:31 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-22 06:31 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-22 06:31 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-08-22 06:31 - 2016-06-22 15:48 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-22 06:31 - 2016-06-21 15:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-22 06:31 - 2016-06-21 15:48 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-22 06:31 - 2016-06-21 15:48 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-22 06:31 - 2016-06-21 15:48 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-22 06:31 - 2016-06-21 15:48 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-22 06:31 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-22 06:31 - 2016-06-21 15:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-22 06:31 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-08-22 06:31 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-08-22 06:31 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-08-22 06:31 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-08-22 06:31 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2016-08-22 06:31 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
 
==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========
 
(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)
 
2016-09-21 08:18 - 2016-03-28 16:10 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\Skype
2016-09-21 08:17 - 2016-04-29 12:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-21 08:16 - 2016-05-27 07:30 - 00000000 ____D C:\Users\Pawel\AppData\Local\Syncplicity
2016-09-21 08:15 - 2016-03-28 12:48 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\VMware
2016-09-21 08:15 - 2016-03-28 12:48 - 00000000 ____D C:\Users\Pawel\AppData\Local\VMware
2016-09-21 08:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-09-21 08:07 - 2016-03-27 23:54 - 00003588 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-52599317-89711426-283389858-1001
2016-09-21 08:04 - 2016-04-21 13:00 - 00001834 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Betvictorpoker.lnk
2016-09-21 08:04 - 2016-03-29 08:41 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\Microgaming
2016-09-21 08:03 - 2016-03-28 16:28 - 00000416 _____ C:\Windows\Tasks\update-S-1-5-21-52599317-89711426-283389858-1001.job
2016-09-21 07:37 - 2016-03-29 05:32 - 00000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-21 07:33 - 2016-03-28 10:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-09-21 07:32 - 2016-03-27 23:51 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52599317-89711426-283389858-1001UA.job
2016-09-21 07:26 - 2016-03-29 05:33 - 00000000 ___RD C:\Users\Pawel\Dropbox
2016-09-21 07:25 - 2016-03-29 05:32 - 00000930 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-21 07:25 - 2016-03-27 23:49 - 00000000 ____D C:\Users\Pawel\OneDrive
2016-09-21 07:25 - 2014-11-21 06:46 - 01835936 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-21 07:25 - 2014-11-21 06:07 - 00809474 _____ C:\Windows\system32\perfh015.dat
2016-09-21 07:25 - 2014-11-21 06:07 - 00164820 _____ C:\Windows\system32\perfc015.dat
2016-09-21 07:25 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-09-21 07:22 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-09-21 07:18 - 2016-03-28 12:39 - 00000000 ____D C:\ProgramData\VMware
2016-09-21 07:18 - 2016-03-27 23:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-21 07:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-20 20:22 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-20 20:18 - 2016-03-27 23:50 - 00004004 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8E210B90-2004-46BC-AA03-94C4F8DBB54F}
2016-09-20 18:11 - 2016-03-28 11:08 - 00000000 ____D C:\Users\Pawel\AppData\Local\PokerTracker 4
2016-09-20 16:14 - 2016-03-28 12:04 - 00000000 ____D C:\Users\Pawel\AppData\Local\CrashDumps
2016-09-20 13:17 - 2016-03-28 16:28 - 00000416 _____ C:\Windows\Tasks\update-sys.job
2016-09-20 13:17 - 2016-03-27 23:46 - 00000000 ____D C:\Users\Pawel\AppData\Local\VirtualStore
2016-09-20 13:08 - 2016-06-24 11:26 - 00000000 ____D C:\Users\Pawel\Documents\888poker
2016-09-20 12:19 - 2016-03-28 17:25 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\PlanetWin365 Pro
2016-09-20 10:32 - 2016-03-27 23:51 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52599317-89711426-283389858-1001Core.job
2016-09-20 09:16 - 2016-07-19 07:07 - 00000000 ____D C:\Program Files (x86)\TigerGaming
2016-09-20 09:16 - 2016-03-28 17:16 - 00000000 ____D C:\Users\Pawel\AppData\Local\PokerStars.FR
2016-09-20 07:38 - 2016-03-29 05:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-19 09:53 - 2016-05-02 15:43 - 00000000 ____D C:\Users\Pawel\Documents\Camtasia Studio
2016-09-17 06:40 - 2016-03-27 23:51 - 00002386 _____ C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-16 09:45 - 2016-04-03 18:23 - 00000000 ____D C:\Users\Pawel\AppData\Local\PokerStars.EU
2016-09-15 08:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-09-15 07:50 - 2013-08-22 16:44 - 00368896 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-15 07:31 - 2016-03-28 00:45 - 00000000 ____D C:\Windows\system32\MRT
2016-09-15 07:28 - 2016-03-28 00:45 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-14 08:17 - 2016-04-29 12:31 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 08:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-14 08:17 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-14 08:00 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-14 08:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-09-10 07:52 - 2016-03-28 11:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-08 16:15 - 2016-05-16 10:15 - 00000000 ____D C:\Users\Pawel\AppData\Local\P5
2016-09-07 03:11 - 2014-11-21 11:07 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:11 - 2014-11-21 11:07 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 05:53 - 2016-03-31 07:38 - 00000000 ____D C:\Users\Pawel\Winamax
2016-09-05 19:05 - 2016-03-27 23:45 - 00000000 ____D C:\Users\Pawel
2016-09-05 08:01 - 2016-03-28 17:31 - 00001691 _____ C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk
2016-09-05 08:01 - 2016-03-28 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-01 10:23 - 2016-03-28 11:15 - 00001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-01 10:23 - 2016-03-28 11:15 - 00000000 ____D C:\Users\Pawel\AppData\Roaming\TeamViewer
2016-09-01 07:24 - 2016-04-29 12:29 - 00000000 ____D C:\Users\Pawel\AppData\Local\Winner Poker
2016-09-01 06:35 - 2016-07-14 12:54 - 00000000 ____D C:\Temp
2016-09-01 06:35 - 2016-03-28 10:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-01 06:35 - 2016-03-27 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-09-01 06:35 - 2016-03-27 23:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-30 09:54 - 2016-03-31 17:36 - 00000000 ____D C:\Users\Pawel\AppData\Local\Equilab
2016-08-26 01:28 - 2016-03-28 10:46 - 17463088 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-08-26 01:28 - 2016-03-28 10:46 - 03456888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-08-26 01:28 - 2016-03-27 23:57 - 19848080 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-08-26 01:28 - 2016-03-27 23:57 - 17263792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-08-26 01:28 - 2016-03-27 23:57 - 14352816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-08-26 01:28 - 2016-03-27 23:57 - 03917512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-08-26 01:28 - 2015-11-10 02:49 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2016-08-26 01:28 - 2015-11-10 01:13 - 00039731 _____ C:\Windows\system32\nvinfo.pb
2016-08-25 23:10 - 2016-03-28 10:48 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-08-25 23:10 - 2016-03-28 10:48 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-08-25 23:10 - 2016-03-27 23:53 - 06385720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-08-25 23:10 - 2016-03-27 23:53 - 02475064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-08-25 23:10 - 2016-03-27 23:53 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-08-25 23:10 - 2016-03-27 23:53 - 01362368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-08-25 23:10 - 2016-03-27 23:53 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-08-25 23:10 - 2016-03-27 23:53 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-08-25 17:55 - 2016-05-28 16:48 - 00000000 ____D C:\PioSOLVER
2016-08-23 16:35 - 2016-03-28 01:20 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-23 16:35 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-08-23 16:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-08-23 16:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
2016-08-23 15:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-23 15:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\en-GB
2016-08-23 07:02 - 2016-03-28 12:39 - 01858392 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-08-22 17:18 - 2016-03-27 23:53 - 07320235 _____ C:\Windows\system32\nvcoproc.bin
2016-08-22 06:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
 
==================== Pliki w katalogu głównym wybranych folderów =======
 
2016-03-28 00:26 - 2016-03-28 00:26 - 0000000 _____ () C:\Users\Pawel\AppData\Local\Driver_LOM_8161Present.flag
2016-03-28 16:28 - 2016-03-28 16:28 - 0000003 _____ () C:\Users\Pawel\AppData\Local\updater.log
2016-03-28 16:28 - 2016-08-10 16:17 - 0000424 _____ () C:\Users\Pawel\AppData\Local\UserProducts.xml
2016-03-28 11:08 - 2016-03-28 11:08 - 0004986 _____ () C:\ProgramData\flwjycbm.bab
2016-04-04 00:49 - 2016-04-04 00:49 - 0004099 _____ () C:\ProgramData\kmytnfun.aqy
2016-03-28 11:08 - 2016-03-28 11:08 - 0000016 _____ () C:\ProgramData\mntemp
 
==================== Bamital & volsnap =================
 
(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)
 
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo
 
 
LastRegBack: 2016-09-21 07:55
 
==================== Koniec  FRST.txt ============================
 
 
Addition:
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20-09-2016
Uruchomiony przez Pawel (21-09-2016 08:19:42)
Uruchomiony z C:\Users\Pawel\Downloads
Windows 8.1 (Update) (X64) (2016-03-27 21:46:11)
Tryb startu: Normal
==========================================================
 
 
==================== Konta użytkowników: =============================
 
Administrator (S-1-5-21-52599317-89711426-283389858-500 - Administrator - Disabled)
Gość (S-1-5-21-52599317-89711426-283389858-501 - Limited - Disabled)
Pawel (S-1-5-21-52599317-89711426-283389858-1001 - Administrator - Enabled) => C:\Users\Pawel
 
==================== Centrum zabezpieczeń ========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Zainstalowane programy ======================
 
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
 
7 Sticky Notes (HKLM-x32\...\{2DB7DD8E-F17B-408A-B93B-92867EF7974D}_is1) (Version:  - Fabio Martin)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
888poker (HKLM-x32\...\888poker) (Version:  - )
Adjarabet Poker3D (HKLM-x32\...\ge.singular.adjarabet.mgspoker) (Version: 3.26 - UNKNOWN)
Adjarabet Poker3D (x32 Version: 3.26 - UNKNOWN) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
ÆË¿ËÊÀ½ç (HKLM-x32\...\ÆË¿ËÊÀ½ç) (Version:  - ±±¾©ÁªÖÚµçÄÔ¼¼ÊõÓÐÏÞ¹«Ë¾)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Argen Live Poker (HKLM-x32\...\Argen Live Poker 0) (Version:  - )
Bestpoker Avatar 1.0.0 (HKLM-x32\...\Bestpoker Avatar_is1) (Version: 1.0.0 - bestpoker_avatar)
Betsson Poker by Microgaming (HKLM-x32\...\betssonpoker (Poker)) (Version: 16.6.2.11243 - )
Betvictorpoker (HKLM-x32\...\betvictorpoker (Poker)) (Version: 16.6.2.11243 - )
Bitcoin Armory (HKLM-x32\...\Bitcoin Armory) (Version: 0.93.3.0 - Armory Technologies Inc.)
Bitcoin Core (64-bit) (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Bitcoin Core (64-bit)) (Version: 0.12.1 - Bitcoin Core project)
BlackChipPoker (HKLM-x32\...\FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82) (Version: 16.6 - IGSoft)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
CardRunnersEV3 (HKLM\...\{5DA0E4D1-1F20-44FA-B74C-4FDF16F37DCC}) (Version: 3.2.5 - CardRunnersEV)
Chrome Remote Desktop Host (HKLM-x32\...\{159AA592-31AA-4EAC-A6CB-B47AB2CB1476}) (Version: 52.0.2743.48 - Google Inc.)
Cold Turkey (HKLM-x32\...\{6498E673-B9C2-4544-A722-1E854B5B573E}_is1) (Version: 2.1 - Felix Logic)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crucial Storage Executive (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Crucial Storage Executive 3.24.082015.05) (Version: 3.24.082015.05 - Crucial)
DragonRoomGrandPoker (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\DragonRoomGrandPoker) (Version: 1.0 - DragonRoomGrandPoker)
Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.35.1 - Dropbox, Inc.) Hidden
dupeGuru (HKLM\...\{C11DACBD-8863-4AA4-94AD-708602F6F7EF}) (Version: 3.9.1 - Hardcoded Software)
Europe-bet.com (HKLM-x32\...\Europe-bet.com 0) (Version:  - )
Evernote v. 6.2.4 (HKLM-x32\...\{1F000A98-5FF1-11E6-8BF2-0050569584E9}) (Version: 6.2.4.3244 - Evernote Corp.)
ExpressVPN (HKLM-x32\...\{7e9357d8-8bdd-4e72-88ac-1b3acedd2b32}) (Version: 5.0.1.551 - ExpressVPN)
ExpressVPN (x32 Version: 5.0.1.551 - ExpressVPN) Hidden
ExpressVPN Compatibility Checks (x32 Version: 1.0.0.0 - ExpressVPN) Hidden
f.lux (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Flux) (Version:  - )
Flopzilla (HKLM-x32\...\{4CF44586-B790-48FB-987D-F18081771E90}) (Version: 1.8.2 - Flopzilla)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.)
FulPot_Poker (HKLM-x32\...\Fulpot_game_FulPot_Poker) (Version: 1.0 - FulPot Game)
Git version 2.8.2 (HKLM\...\Git_is1) (Version: 2.8.2 - The Git Development Community)
Google Chrome (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Image Eye v9.1 x64 (HKLM\...\Image Eye_is1) (Version:  - FMJ-Software)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1337.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intertops Poker (HKLM-x32\...\Intertops Poker) (Version: 2.0.1.8605 - Intertops Poker)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.57.1346 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.57.1346 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.57.1346 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{009DF489-4590-4579-BAB2-0136BB829E4A}) (Version: 1.1.57.1346 - Rivet Networks)
Kingshands Client 2.0.7 (HKLM\...\{6C5A0307-2A93-448D-A3F2-BCEA2EFF560D}_is1) (Version:  - Kingshands)
KingsHandsCGConverter (HKLM-x32\...\{16CF1104-71E5-40E7-8FB4-7E31E4E8A187}) (Version: 0.0.1.16 - GrandIT)
KingsHandsChicoEquityConverter (HKLM-x32\...\{FDA1CB41-113E-4365-B162-D59011A34D78}) (Version: 0.0.1.5 - GrandIT)
KingsHandsKlasPokerConverter (HKLM-x32\...\{943C5581-71D5-4147-A11B-92245328438D}) (Version: 0.0.0.5 - GrandIT)
KingsHandsStarliveConverter (HKLM-x32\...\{C41BEB50-F1A3-444A-9E35-6C7968A0DFAB}) (Version: 1.0.3.39 - GrandIT)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 pl)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
Node.js (HKLM\...\{ACD27C2D-12B6-40A1-B91E-1EB45456EBF9}) (Version: 6.1.0 - Node.js Foundation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 372.70 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Oprogramowanie mikroukładu Intel® (x32 Version: 10.1.2.10 - Intel® Corporation) Hidden
Ourgame Poker (HKLM-x32\...\Ourgame Poker) (Version: 31.03.2016_11.47.35 - Ourgame Poker)
partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)
PlanetWin365 Pro 2.42 build 733 (HKLM-x32\...\PlanetWin365 Pro) (Version: 2.42 build 733 - PlanetWin365 Pro)
PokerKing (HKLM-x32\...\496A04E7-2038-427a-AA40-B32DDB67EC74) (Version: 16.6 - IGSoft)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.fr (HKLM-x32\...\PokerStars.fr) (Version:  - PokerStars.fr)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version:  - )
PostgreSQL 9.3  (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version:  - Kakao Corp.)
Power-Equilab (HKLM-x32\...\Power-Equilab) (Version:  - )
Python 2.7.11 (HKLM-x32\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
RAY Pokeri (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\raypoker) (Version:  - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.20.15.29263 - Razer Inc.)
Red Star Poker (HKLM-x32\...\redstarpoker (Poker)) (Version: 16.6.2.11243 - )
RescueTime 2.12.4.1457 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version:  - RescueTime.com)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Snagit 11 (HKLM-x32\...\{90D0FC4B-D653-4F49-BB97-A48C74A52E71}) (Version: 11.4.3 - TechSmith Corporation)
Sound Blaster Recon3Di (HKLM-x32\...\{35F6AC62-F1A7-4BE2-A8AF-C909AC0B824D}) (Version: 1.03.11 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}) (Version: 1.0 - Creative Technology Limited)
SourceTree (HKLM-x32\...\SourceTree 1.8.3) (Version: 1.8.3 - Atlassian)
SourceTree (x32 Version: 1.8.3 - Atlassian) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
Syncplicity (HKLM\...\{69D16DAD-5ABD-4662-926E-D7F51906E156}) (Version: 4.0.0.5593 - Syncplicity, Inc.)
TableScan Turbo v1.0.13 (HKLM-x32\...\{0B82D6C6-9ECC-4710-97AB-5CE482E72852}_is1) (Version:  - Zandry, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TigerGaming (HKLM-x32\...\TigerGaming 0) (Version:  - )
Todoist (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.7.6.0 - Doist Ltd.)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.4 - VMware, Inc)
VMware Workstation (Version: 11.1.4 - VMware, Inc.) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Winamax (HKLM-x32\...\Winamax 4.10.0) (Version: 4.10.0 - Winamax)
Winamax (HKLM-x32\...\Winamax 4.10.1) (Version: 4.10.1 - Winamax)
Winamax (HKLM-x32\...\Winamax 4.10.2) (Version: 4.10.2 - Winamax)
Winamax (HKLM-x32\...\Winamax 4.7.1) (Version: 4.7.1 - Winamax)
Winamax (HKLM-x32\...\Winamax 4.9.1) (Version: 4.9.1 - Winamax)
Winamax (HKLM-x32\...\Winamax 4.9.2) (Version: 4.9.2 - Winamax)
Winamax (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Winamax 4.7.0) (Version: 4.7.0 - Winamax)
Winamax (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Winamax 4.7.3) (Version: 4.7.3 - Winamax)
Winamax (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\Winamax 4.8.1) (Version: 4.8.1 - Winamax)
Wind Poker version 1.0 (HKLM-x32\...\Wind Poker_is1) (Version: 1.0 - )
WinDirStat 1.1.2 (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\WinDirStat) (Version:  - )
Winner Poker (HKU\S-1-5-21-52599317-89711426-283389858-1001\...\winnerpoker) (Version:  - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
 
==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
 
==================== Zaplanowane zadania (filtrowane) =============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
Task: {0567155B-DC9B-4BE2-83AE-4DE7C9F40370} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D023259-A5DA-4496-A140-381F9F97E733} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-29] (Dropbox, Inc.)
Task: {28590CC0-491B-49AC-8D5F-0113232D461B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-52599317-89711426-283389858-1001Core => C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {3060CC48-460E-4CC0-8F6B-13CEE8FEEDA1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-52599317-89711426-283389858-1001UA => C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {34BFC68A-4B35-428B-8599-160696DDE69F} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {3FBF0643-535E-4356-AD1F-84A3E8211F13} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-03-29] (Dropbox, Inc.)
Task: {8B119ACC-5628-45A6-82F0-D821CFDD1136} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {9C4325F5-297C-4C04-9CED-839BBED5EFEC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {A46ED9CF-A965-42B7-9294-8EF489756503} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {AA20AAC3-A786-41A8-B5AB-4EDABD659D19} - System32\Tasks\CTServiceInstaller => C:\Program Files (x86)\Cold Turkey\\CTServiceInstaller.exe [2016-03-18] (Felix Belzile)
Task: {BDEB804B-8325-469B-AC1D-1E51C911CCE9} - System32\Tasks\update-S-1-5-21-52599317-89711426-283389858-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {C9D1EE40-D07C-41F6-9AD4-5CB8ECDC6877} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {F4A66A6E-0B9A-4154-80F6-6273926B311D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
 
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52599317-89711426-283389858-1001Core.job => C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-52599317-89711426-283389858-1001UA.job => C:\Users\Pawel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-52599317-89711426-283389858-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Skróty =============================
 
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
 
ShortcutWithArgument: C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Users\Pawel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
 
==================== Załadowane moduły (filtrowane) ==============
 
2016-03-27 23:53 - 2016-08-25 23:10 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-09 15:56 - 2016-03-09 15:56 - 00331264 _____ () C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
2016-03-10 16:56 - 2016-03-10 16:56 - 09641976 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
2016-03-28 10:48 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-28 10:48 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-12 08:13 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-28 10:48 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-28 12:03 - 2016-02-09 08:46 - 00179712 _____ () C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2015-11-05 01:11 - 2015-11-05 01:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-05-28 12:04 - 2014-02-05 11:16 - 01336832 _____ () C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2016-05-05 02:18 - 2016-05-05 02:18 - 12736584 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2016-05-12 08:13 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-12 08:13 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-28 10:48 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-12 08:13 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-12 08:13 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-12 08:13 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-04-29 00:49 - 2016-04-29 00:49 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-04-29 00:49 - 2016-04-29 00:49 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2016-03-28 12:52 - 2014-03-02 22:35 - 00075776 _____ () C:\Program Files (x86)\Cold Turkey\PcapDotNet.Core.dll
2016-03-10 16:56 - 2016-03-10 16:56 - 00379384 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll
2016-09-20 12:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-09-20 12:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-09-20 12:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-09-20 12:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-09-20 12:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-05-05 02:42 - 2016-05-05 02:42 - 01309768 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2016-05-05 02:18 - 2016-05-05 02:18 - 00202824 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
2016-05-05 02:18 - 2016-05-05 02:18 - 00199752 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
2016-05-05 02:18 - 2016-05-05 02:18 - 00396360 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
2014-06-24 16:08 - 2014-06-24 16:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-03-28 10:48 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-17 06:40 - 2016-09-14 02:38 - 01806152 _____ () C:\Users\Pawel\AppData\Local\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 06:40 - 2016-09-14 02:38 - 00094024 _____ () C:\Users\Pawel\AppData\Local\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-06-24 12:20 - 2015-09-28 13:04 - 50572288 _____ () C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\libcef.DLL
2016-06-24 12:20 - 2015-09-28 13:04 - 01874944 _____ () C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\libglesv2.dll
2016-06-24 12:20 - 2015-09-28 13:04 - 00075264 _____ () C:\Users\Pawel\AppData\Local\Todoist\WindowsDesktopApp\libegl.dll
2016-07-14 12:51 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-02-26 10:29 - 2016-02-26 10:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-03-29 05:32 - 2016-08-24 06:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-09-20 07:38 - 2016-08-24 06:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-09-20 07:38 - 2016-08-24 06:43 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-09-20 07:38 - 2016-08-24 06:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-03-29 05:32 - 2016-08-24 06:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-03-29 05:32 - 2016-08-24 06:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-03-29 05:32 - 2016-09-20 03:15 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-03-29 05:32 - 2016-08-24 06:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-03-29 05:32 - 2016-08-24 06:43 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-10 10:27 - 2016-09-20 03:15 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-09-20 07:38 - 2016-08-24 06:43 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-09-20 07:38 - 2016-08-24 06:45 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-03-29 05:32 - 2016-09-20 03:15 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-10 10:27 - 2016-09-20 03:15 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-03-29 05:32 - 2016-08-24 06:43 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-08-10 10:27 - 2016-08-24 06:44 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-03-29 05:32 - 2016-09-20 03:15 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-03-29 05:32 - 2016-09-20 03:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-03-29 05:32 - 2016-09-20 03:15 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-03-29 05:32 - 2016-09-20 03:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-03-29 05:32 - 2016-09-20 03:15 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-09-20 07:38 - 2016-08-24 06:41 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-09-20 07:38 - 2016-09-20 03:15 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-09-20 07:38 - 2016-09-20 03:15 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-03-29 05:32 - 2016-08-24 06:43 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-10 10:27 - 2016-09-20 03:15 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-03-29 05:32 - 2016-08-24 06:45 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-10 10:27 - 2016-09-20 03:15 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-09-20 07:38 - 2016-09-20 03:15 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
 
==================== Alternate Data Streams (filtrowane) =========
 
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
 
AlternateDataStreams: C:\Program Files (x86)\Intertops Poker:MID [81]
 
==================== Tryb awaryjny (filtrowane) ===================
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
 
 
==================== Powiązania plików (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)
 
 
==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
 
 
==================== Hosts - zawartość: ===============================
 
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Inne obszary ============================
 
(Obecnie brak automatycznej naprawy dla tej sekcji.)
 
HKU\S-1-5-21-52599317-89711426-283389858-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pawel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]
 
==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\StartupApproved\Run: => "CPN Notifier"
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-52599317-89711426-283389858-1001\...\StartupApproved\Run: => "Viber"
 
==================== Reguły Zapory systemu Windows (filtrowane) ===============
 
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4126929E-4B1B-4C12-9523-CA7E20DE2A21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FEF018DA-A7B6-475D-AF1B-39459C8E8732}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{86F84CC3-4529-4769-B651-0EE2070F11D1}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{BA34B8DD-353C-4D9D-AAA8-F6BE38967217}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{67E84956-3087-4010-8B34-43B918470BC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EFE06422-F039-42AA-B243-D15516CFBBD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7D8D66CC-6662-4973-9EB6-734FDBD2B0D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{956772F2-3A9C-49BC-B165-AD1DE4A84715}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D1A8DC9A-8610-4640-B711-40E7354F63CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{82B01ECC-EC56-4955-A319-37EEE0466669}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{AD6A4918-3409-4397-9F84-0B10D3E09787}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20F1F35E-A14A-4997-ADDF-EB06D64156F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB59F83C-B428-473F-9616-B4B2075CBBDC}] => (Allow) LPort=8298
FirewallRules: [{D7AB4E3D-40CA-48B5-B13C-034D0121C88A}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{0FF4AAA6-0C99-433D-B420-932C8D284598}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{E2C65FD9-F352-451E-ACDE-B7B9CF4B0780}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{CD533059-356F-4BDC-B634-3E4785D42DAA}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{3985B82B-EFE4-40AD-99E8-96A7ECDDCD29}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{02279230-2B9F-47D4-A710-B70B5D8AB243}] => (Allow) C:\Poker\Poker Rooms\Intertops Poker\PokerClient.exe
FirewallRules: [{BE3B103B-60D1-4342-8B5F-814D21C54DFE}] => (Allow) C:\Poker\Poker Rooms\Intertops Poker\PokerClient.exe
FirewallRules: [{DE8CA6FC-66C1-4268-9CE7-5557F7ED699A}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{FF633091-1B6D-46AB-815A-DF5037010BA5}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{4DE55B8C-28EC-4E60-A4CB-8B8EB8A41F49}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{5E03B6FA-FA67-4D54-AF3D-CD13586BB7D2}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{6E9D0169-FDAF-41BF-9F71-21855CE40B7D}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
FirewallRules: [{039E1888-E5C3-419E-B098-19BD6D75820D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{30F12D02-B741-4D7E-AC86-D6C3ACC7CB69}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{74091F48-6E0C-4687-9AFF-AC2C961C5200}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0039EA3D-E319-4536-905C-92921605AFD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8C8F07EB-5F9C-402E-9742-B6ABC41E3B54}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Punkty Przywracania systemu =========================
 
 
==================== Wadliwe urządzenia w Menedżerze urządzeń =============
 
 
==================== Błędy w Dzienniku zdarzeń: =========================
 
Dziennik Aplikacja:
==================
Error: (09/21/2016 08:05:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\users\pawel\appdata\roaming\windpoker\WindPoker.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (09/21/2016 07:48:05 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\users\pawel\appdata\roaming\windpoker\WindPoker.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (09/21/2016 07:18:38 AM) (Source: nssm) (EventID: 1018) (User: )
Description: Failed to read registry value AppDirectory:
Operacja ukończona pomyślnie.
 
Error: (09/20/2016 05:59:37 PM) (Source: nssm) (EventID: 1018) (User: )
Description: Failed to read registry value AppDirectory:
Operacja ukończona pomyślnie.
 
Error: (09/20/2016 04:14:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bsplayer.exe, version: 2.7.0.1080, time stamp: 0x2a425e19
Faulting module name: bsplayer.exe, version: 2.7.0.1080, time stamp: 0x2a425e19
Exception code: 0xc000041d
Fault offset: 0x000038c0
Faulting process ID: 0x25c0
Faulting application start time: 0x01d213436bdb25df
Faulting application path: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Faulting module path: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Report ID: 9663b08f-7f3c-11e6-834e-7c5cf83a5b3c
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/20/2016 04:14:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bsplayer.exe, version: 2.7.0.1080, time stamp: 0x2a425e19
Faulting module name: bsplayer.exe, version: 2.7.0.1080, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x000038c0
Faulting process ID: 0x25c0
Faulting application start time: 0x01d213436bdb25df
Faulting application path: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Faulting module path: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
Report ID: 951d66d8-7f3c-11e6-834e-7c5cf83a5b3c
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/20/2016 03:31:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program bsplayer.exe version 2.7.0.1080 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1260
 
Start Time: 01d2133b6216ed51
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
 
Report Id: 9590bee6-7f36-11e6-834e-7c5cf83a5b3c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (09/20/2016 01:14:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\users\pawel\appdata\roaming\windpoker\WindPoker.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (09/20/2016 01:10:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\users\pawel\appdata\roaming\windpoker\WindPoker.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
Error: (09/20/2016 12:35:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\users\pawel\appdata\roaming\windpoker\WindPoker.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 
 
Dziennik System:
=============
Error: (09/20/2016 08:22:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Uruchom usługę ponownie.
 
Error: (09/20/2016 04:46:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Uruchom usługę ponownie.
 
Error: (09/20/2016 01:08:48 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The AMW Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
 
Error: (09/20/2016 07:38:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Wykrywanie usług interakcyjnych service terminated with the following error: 
Incorrect function.
 
Error: (09/20/2016 07:38:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Wykrywanie usług interakcyjnych service terminated with the following error: 
Incorrect function.
 
Error: (09/19/2016 09:09:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Uruchom usługę ponownie.
 
Error: (09/19/2016 06:54:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Uruchom usługę ponownie.
 
Error: (09/19/2016 03:44:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Uruchom usługę ponownie.
 
Error: (09/19/2016 03:41:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Uruchom usługę ponownie.
 
Error: (09/19/2016 03:41:05 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: The właściwe dla aplikacji permission settings do not grant Lokalny Aktywacja permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user ZARZĄDZANIE NT\SYSTEM SID (S-1-5-18) from address LocalHost (użycie LRPC) running in the application container Niedostępny SID (Niedostępny). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Statystyki pamięci =========================== 
 
Procesor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Procent pamięci w użyciu: 18%
Całkowita pamięć fizyczna: 32593.93 MB
Dostępna pamięć fizyczna: 26606.19 MB
Całkowita pamięć wirtualna: 65361.93 MB
Dostępna pamięć wirtualna: 54204.07 MB
 
==================== Dyski ================================
 
Drive c: () (Fixed) (Total:465.66 GB) (Free:103.97 GB) NTFS
Drive d: () (Fixed) (Total:232.88 GB) (Free:83.3 GB) NTFS
 
==================== MBR & Tablica partycji ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 027A99E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: BE90E8F8)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== Koniec  Addition.txt ============================
 
 
 
Regards gmiliq
 




#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:09 AM

Posted 21 September 2016 - 10:24 AM

Greetings and thank you for the information. Please right click on frst64.exe and rename it to frst64english.exe.

Do you recognize these?

Germany Dusseldorf Velia.net Internetdienste Gmbh
C:\Users\Pawel\Downloads\bluff_setup.exe


Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF9B7A4C7-4BA4-46C4-B6D4-77F7E9A9F731&SSPV=
CHR Extension: (FVD Suggestions) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo [2016-08-11]
S3 dbx; system32\DRIVERS\dbx.sys [X]
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku
C:\ProgramData\flwjycbm.bab
C:\ProgramData\kmytnfun.aqy
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

AdwCleaner by Xplode

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed if there are threats found you will see Found 3 threats or something similar above the progress bar
  • Click each tab under Results and uncheck any items you want to keep
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
===================================================

Installed Programs

--------------------
  • Press the Windows key + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of installed programs will be displayed
  • Please see if you can identify the item listed in bold

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
ÆË¿ËÊÀ½ç (HKLM-x32\...\ÆË¿ËÊÀ½ç) (Version: - ±±¾©ÁªÖÚµçÄÔ¼¼ÊõÓÐÏÞ¹«Ë¾)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Argen Live Poker (HKLM-x32\...\Argen Live Poker 0) (Version: - )

  • Report that information in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Recognize entries?
  • Fixlog
  • AdwCleaner log
  • Program identification?
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 gmiliq


Posted 22 September 2016 - 01:18 AM

Hey Gary, thanks for answer!!!

 

Do you recognize these?

Germany Dusseldorf Velia.net Internetdienste Gmbh   -> Nope

C:\Users\Pawel\Downloads\bluff_setup.exe -> It's a game, if it's dangerous I can remove it

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2016

Ran by Pawel (22-09-2016 08:05:20) Run:1
Running from C:\Users\Pawel\Downloads
Loaded Profiles: Pawel (Available Profiles: Pawel)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF9B7A4C7-4BA4-46C4-B6D4-77F7E9A9F731&SSPV=
CHR Extension: (FVD Suggestions) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo [2016-08-11]
S3 dbx; system32\DRIVERS\dbx.sys [X]
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku
C:\ProgramData\flwjycbm.bab
C:\ProgramData\kmytnfun.aqy
*****************
 
Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
Chrome HomePage => removed successfully
C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo => moved successfully
dbx => service removed successfully
"HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}" => key removed successfully
"HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}" => key removed successfully
C:\ProgramData\flwjycbm.bab => moved successfully
C:\ProgramData\kmytnfun.aqy => moved successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 08:05:21 ====

AdwCleaner by Xplode
 
 
# AdwCleaner v6.020 - Logfile created 22/09/2016 at 08:11:32
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-21.1 [Server]
# Operating System : Windows 8.1  (X64)
# Username : Pawel - ILIDEKDESKTOP
# Running from : C:\Users\Pawel\Downloads\adwcleaner_6.020.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Users\Pawel\AppData\Local\{698D0BA5-6E4B-44BD-9F9A-AA32F2E98D9A}
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKU\S-1-5-21-52599317-89711426-283389858-1001\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-52599317-89711426-283389858-1001\Software\dobreprogramy
[-] Key deleted: HKU\S-1-5-21-52599317-89711426-283389858-1001\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\dobreprogramy
[#] Key deleted on reboot: HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[-] Key deleted: HKLM\SOFTWARE\Conduit
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] Key deleted on reboot: [x64] HKCU\Software\dobreprogramy
[#] Key deleted on reboot: [x64] HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
 
 
***** [ Web browsers ] *****
 
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [1894 Bytes] - [22/09/2016 08:11:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [2084 Bytes] - [22/09/2016 08:11:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2040 Bytes] ##########

Installed Programs
 
I do, it's a Chinese game

  • Update on computer performance

I'll do the same thing that I was doing earlier and faced lags and let you know, today, later on, if there are further steps go ahead. Just want to give you an answer as fast as possible

 

Really appreciate your help,

Thanks a lot! 
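
Added example, not part of the thread and not code from FRST: a small Python triage script for the Fixlog pasted in the post above. It separates the fixlist directives from the outcome lines and surfaces anything that did not succeed, here the failed restore point. The log layout is inferred from this one log, and the function names are hypothetical.

```python
# Fixlog body copied from the post above (header lines omitted).
FIXLOG = r"""
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPF9B7A4C7-4BA4-46C4-B6D4-77F7E9A9F731&SSPV=
CHR Extension: (FVD Suggestions) - C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo [2016-08-11]
S3 dbx; system32\DRIVERS\dbx.sys [X]
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Brak pliku
CustomCLSID: HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Pawel\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Brak pliku
C:\ProgramData\flwjycbm.bab
C:\ProgramData\kmytnfun.aqy
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
Chrome HomePage => removed successfully
C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\Default\Extensions\caoielngcdpgeldnckhponffkiajaobo => moved successfully
dbx => service removed successfully
"HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}" => key removed successfully
"HKU\S-1-5-21-52599317-89711426-283389858-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}" => key removed successfully
C:\ProgramData\flwjycbm.bab => moved successfully
C:\ProgramData\kmytnfun.aqy => moved successfully

The system needed a reboot.

==== End of Fixlog 08:05:21 ====
"""


def classify(line):
    """Turn one result line into an outcome record, or None for a plain note."""
    if line.startswith("Error:"):
        return {"subject": line, "outcome": "error", "ok": False}
    if " => " in line:
        # "<object> => <what happened>"; registry keys are wrapped in quotes
        subject, outcome = line.rsplit(" => ", 1)
        return {"subject": subject.strip('"'), "outcome": outcome,
                "ok": outcome.endswith("successfully")}
    if line.rstrip(".").endswith("successfully"):
        return {"subject": line, "outcome": "ok", "ok": True}
    return None


def parse_fixlog(text):
    """Split a Fixlog into fixlist directives, outcome records and notes."""
    directives, outcomes, notes = [], [], []
    section = "header"
    # Assumption from this log: the first row of asterisks after
    # "fixlist content:" opens the echoed fixlist and the second closes it.
    next_section = {"before_fixlist": "fixlist", "fixlist": "results"}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("===="):
            continue  # blank lines and the "==== End of Fixlog" rule
        if line.lower().startswith("fixlist content"):
            section = "before_fixlist"
        elif set(line) == {"*"}:
            section = next_section.get(section, section)
        elif section == "fixlist":
            directives.append(line)
        elif section == "results":
            record = classify(line)
            if record:
                outcomes.append(record)
            else:
                notes.append(line)
    return {"directives": directives, "outcomes": outcomes, "notes": notes}


def triage(text):
    """Summarise what a reviewer should check before moving to the next step."""
    log = parse_fixlog(text)
    failed = [o["subject"] for o in log["outcomes"] if not o["ok"]]
    return {
        "directives": len(log["directives"]),
        "outcomes": len(log["outcomes"]),
        "failed": failed,
        "restore_point_failed": any("restore point" in f.lower() for f in failed),
        "reboot_pending": any("reboot" in n.lower() for n in log["notes"]),
    }


if __name__ == "__main__":
    for key, value in triage(FIXLOG).items():
        print(f"{key}: {value}")
```

In this log every directive produced exactly one outcome line; when the two counts differ, read the log by hand rather than trusting the summary.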

 

 


#6 gmiliq


Posted 22 September 2016 - 01:20 AM

Btw  AdwCleaner by Xplode

 

Told me to look for and enable:

kaspersky pup detection

 

I'd do that right away but you told me to wait for further instruction and don't fix all at the same time,
So I am waiting. 



#7 Oh My!


Posted 22 September 2016 - 08:45 AM

Greetings and thank you for the information.
 

C:\Users\Pawel\Downloads\bluff_setup.exe -> It's a game, if it's dangerous I can remove it

No, it is not dangerous, just unknown to me.

-----
 

I do, it's a Chinese game

Perfect, thanks.

-----

I am not sure I understand the Kaspersky issue. AdwCleaner identified something with Kaspersky?

-----

Please do this while we monitor your computer.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Review the list of entries and if there are any you want to keep stop and copy/paste the ESET.txt report in your reply for my review
  • If you do not wish to keep any of the entries check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run
  • Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Reply to question about Kaspersky
  • ESET log
  • Security Check log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!


Posted 25 September 2016 - 08:29 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 

#9 gmiliq


Posted 25 September 2016 - 10:45 AM

Hello,

 

Sorry for not posting it earlier, but 30 sec later and I'd have been late for the bus.

I do not have access to my desktop for another 2-3 days, I am traveling.

As soon as I am back I will reply to your message.

 

Have a fantastic day!



#10 Oh My!


Posted 25 September 2016 - 12:51 PM

No problem, just wanted to make sure you are still with me.
Gary
 

#11 Oh My!


Posted 30 September 2016 - 01:26 PM

How are we doing?
Gary
 

#12 gmiliq


Posted 01 October 2016 - 12:18 PM

Hey Gary,

 

1) ESET Online Scanner

C:\Users\Pawel\Downloads\HD-Tune-12177-dp.exe a variant of Win32/InstallCore.ALN potentially unwanted application cleaned by deleting
D:\!Back Up\Format\Microsoft.Office.2013.x64.ISO(64 bit).rar a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application deleted
 
2) screen317's Security Check

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Kaspersky Internet Security   
Windows Defender              
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Java 8 Update 101  
 Java version 32-bit out of Date! 
 Adobe Flash Player 23.0.0.162  
 Mozilla Firefox (45.0.1) 
 Google Chrome (52.0.2743.116) 
 Google Chrome (53.0.2785.116) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Kaspersky Lab Kaspersky Internet Security 16.0.1 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 16.0.1 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 
3) Reply to question about Kaspersky

 

AdwCleaner by Xplode told me to look for and enable: Kaspersky PUP detection

At the end of the scan with AdwCleaner, it said that I should enable Kaspersky PUP detection to protect my computer in the future. I told you that because I changed nothing that you did not recommend, as you mentioned at the beginning of the treat (up to yesterday).

 

4) Computer Performance

 

I had a very strong feeling that the issue may be the version of Adobe AIR. I was closing and opening programs and found that it stopped freezing when I closed a program that was using Adobe AIR. I opened more programs to use 4x more memory and processor than the previous program and it was still working better. I uninstalled Adobe AIR 23 and installed 22 and it has worked great since then.

 

However, I have one question for you. What about the boot of the computer? It takes like 1-2 min to boot my PC and when I see this:

http://prntscr.com/colret

I swear at it, how can it be sooo slow.

 

 

Btw, sorry for the delay. I was doing administration stuff, it took a whole day longer, and because of that I was late with work for one day and had to make up for it = less sleep, less rest, more rush and so on.



#13 Oh My!


Posted 01 October 2016 - 05:20 PM

Greetings,

Thanks for the reply and no problem on the delay. I need to check because sometimes people just abandon the topic without saying anything.

Enable Kaspersky PUP protection.

Please do this and let me know if it boots faster.

===================================================

Clean Boot

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type msconfig and press Enter
  • If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation
  • Click the General tab then click Selective Startup
  • Check Load system services
  • Uncheck Load Startup Items
  • Click the Services tab
  • Click to select the Hide All Microsoft Services check box
  • Click Disable All, and then click OK
  • When you are prompted, click Restart and boot into Normal Mode
  • Check your computer performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Results?

Gary
 

#14 gmiliq


Posted 02 October 2016 - 01:22 AM

It did change a lot; however, when I enabled autoupdates again it is still kind of slow.

Btw 

Java 8 Update 101  
 Java version 32-bit out of Date!
 
How to treat this? 


#15 Oh My!


Posted 02 October 2016 - 08:47 AM

Greetings,

We don't need to update Java 32 bit.

Windows Updates are usually slow so that isn't a big concern.

Either you have a 3rd party program slowing down the boot process or you have too many things loading automatically at startup. Let's troubleshoot the 3rd party programs first. Please do this.

===================================================

Troubleshooting in Clean Boot Environment

--------------------
  • While in a Clean Boot Environment place a check mark in half of the unchecked items and reboot your computer
  • If your symptoms reappear, uncheck an item, reboot your computer and see if your symptoms disappear. Repeat the process as necessary
  • If your symptoms do not appear, check an additional item, reboot your computer and see if your symptoms reappear. Repeat the process as necessary
  • Note: It is possible the unchecking and rechecking of items resolves the underlying issue without a particular service being identified as the culprit
  • List the program(s) causing your difficulties in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."
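
The clean-boot steps in posts #13 and #15 disable every non-Microsoft service and startup item and then re-enable them in halves. As an added example (not part of the thread, and not taken from any tool named in it), the PowerShell below records those items first so each round can be logged against a baseline; judging the vendor by the binary's CompanyName and the output file name cleanboot-baseline.csv are assumptions of this example.

```powershell
# Added example, not from the thread: list the auto-start items that a clean
# boot disables, so each re-enable round can be checked against a baseline.
# Assumption: "non-Microsoft" is judged by the CompanyName in the binary's
# version resource; msconfig's "Hide all Microsoft services" may decide differently.
function Get-BinaryPath {
    param([string]$CommandLine)
    # A command line may be quoted and may carry arguments after the .exe
    if ($CommandLine -match '^\s*"([^"]+)"')        { return $Matches[1] }
    if ($CommandLine -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

function Get-Vendor {
    param([string]$CommandLine)
    $bin = Get-BinaryPath $CommandLine
    if ($bin -and (Test-Path -LiteralPath $bin -PathType Leaf)) {
        return (Get-Item -LiteralPath $bin).VersionInfo.CompanyName
    }
    return $null   # binary not resolved: keep the row with an unknown vendor
}

# Services set to start automatically
$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartMode -eq 'Auto' } |
    ForEach-Object {
        [pscustomobject]@{
            Kind = 'Service'; Name = $_.Name
            Vendor = Get-Vendor $_.PathName; Command = $_.PathName
        }
    }

# Startup entries (Run keys and Startup folders)
$startup = Get-CimInstance -ClassName Win32_StartupCommand |
    ForEach-Object {
        [pscustomobject]@{
            Kind = 'Startup'; Name = $_.Name
            Vendor = Get-Vendor $_.Command; Command = $_.Command
        }
    }

# Keep every row whose vendor is unknown or is not Microsoft
$baseline = @($services) + @($startup) |
    Where-Object { $_.Vendor -notmatch '^Microsoft' } |
    Sort-Object Kind, Name

$baseline | Format-Table -AutoSize
$baseline | Export-Csv -Path "$env:USERPROFILE\Desktop\cleanboot-baseline.csv" -NoTypeInformation
```

Services hosted in svchost.exe report Microsoft as the vendor, so a third-party service DLL loaded that way will not appear in this list.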



