Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cse.google problem


  • This topic is locked This topic is locked
8 replies to this topic

#1 wpadka

wpadka

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 06 January 2017 - 07:06 AM

In my google chroome when i trying to use google search then website is changing to cse.google. I scanned my computer with MBAM, Eset and AdwCleaner. This last is finding something in "HKLM64\SOFTWARE\MICROSOFTWindows\Currentversion\RunOnce" but when i`m cleaning it and restarting my computer then nothing is changing and adwcleaner is finding this again. I have this problem only in my Google Chroome i was reinstaling this but this didnt help.

 

Here is my scan with FRST:

 

"Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by Milosz (administrator) on CREARTHOR (06-01-2017 12:56:51)
Running from C:\Users\Milosz\Downloads
Loaded Profiles: Milosz &  (Available Profiles: Milosz)
Platform: Windows 10 Home Version 1607 (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(MPC-HC Team) C:\Program Files (x86)\SVP\MPC-HC\mpc-hc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\Temp\g6F4B.tmp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5342\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Milosz\Downloads\adwcleaner_6.041.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Milosz\Downloads\ENGLISHFRST64.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\RunOnce: [wd] => C:\WINDOWS\TEMP\g6F4B.tmp.exe [191488 2017-01-06] () <===== ATTENTION
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {2b0bc7e1-9e89-11e5-82ab-f079593383b9} - "G:\_DS.exe"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {386ea456-9f09-11e5-82ad-f079593383b9} - "H:\_DS.exe"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {90ebff8d-8c46-11e4-8252-806e6f6e6963} - "E:\setup.exe"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {a0c5ec1d-652b-11e5-828d-f079593383b9} - "F:\Setup.exe"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\MountPoints2: {2b0bc7e1-9e89-11e5-82ab-f079593383b9} - "G:\_DS.exe"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\MountPoints2: {386ea456-9f09-11e5-82ad-f079593383b9} - "H:\_DS.exe"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\MountPoints2: {90ebff8d-8c46-11e4-8252-806e6f6e6963} - "E:\setup.exe"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\MountPoints2: {a0c5ec1d-652b-11e5-828d-f079593383b9} - "F:\Setup.exe"
ShellExecuteHooks: No Name - {5E5DD81E-CC36-11E6-A1DE-64006A5CFC23} -  -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-01-06]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Action Manager 32.lnk [2016-08-25]
ShortcutTarget: Action Manager 32.lnk -> C:\Program Files (x86)\Plustek\OpticPro S28\AM32.exe ()
Startup: C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-01-17]
ShortcutTarget: Curse.lnk -> C:\Users\Milosz\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-1398810750-701520212-253893804-1001] => Proxy is enabled.
ProxyEnable: [S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520] => Proxy is enabled.
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{415e0c7f-b292-4c34-833a-a0fd8ec42a6f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{59325281-2a1f-41d7-ace7-4a8666503714}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{a48027a5-6a58-49d3-bdb3-29aed71c547d}: [DhcpNameServer] 62.179.1.61 62.179.1.63

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1398810750-701520212-253893804-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1398810750-701520212-253893804-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888 [2017-01-06]
FF Extension: (Flash and Video Download) - C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2017-01-06]
FF Extension: (Adblock Plus) - C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-26] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1398810750-701520212-253893804-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-06] ()
FF Plugin HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-06] ()

Chrome:
=======
CHR HomePage: Default -> hxxp://msn.gazeta.pl/msn/0,0.html?pc=UP97&ocid=UP97DHP&dt=071013
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default [2017-01-06]
CHR Extension: (Prezentacje Google) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-04]
CHR Extension: (Flash Video Downloader) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-01-04]
CHR Extension: (Dokumenty Google) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-04]
CHR Extension: (Dysk Google) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-04]
CHR Extension: (YouTube) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-04]
CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2017-01-04]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2017-01-04]
CHR Extension: (Arkusze Google) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-05]
CHR Extension: (AdBlock) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-04]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-01-04]
CHR Extension: (Video Downloader Pro) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2017-01-04]
CHR Extension: (DotVPN — a better way to VPN) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2017-01-04]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-04]
CHR Extension: (Gmail) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0209301483697013mcinstcleanup; C:\Users\Milosz\AppData\Local\Temp\020930~1.EXE [922152 2016-03-02] (McAfee, Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-11-24] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-07-23] (EasyAntiCheat Ltd)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-08-04] (ELAN Microelectronics Corp.)
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2016-10-23] (Macrovision Europe Ltd.) [File not signed]
S4 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284224 2016-12-23] (GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-02] (GOG.com)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21232 2015-07-09] (Microsoft Corporation) [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3685968 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S4 Origin Client Service; D:\Program Files (x86)\Programy\Origin\OriginClientService.exe [2118664 2016-12-03] (Electronic Arts)
S2 Origin Web Helper Service; D:\Program Files (x86)\Programy\Origin\OriginWebHelperService.exe [2180112 2016-12-03] (Electronic Arts)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [872432 2016-06-23] (Tunngle.net GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 AIPS; d:\Program Files (x86)\netcut\services\AIPS.exe [X]
S4 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 Phiblysuputher; C:\Program Files (x86)\Jerqerthervnaly\SerpocultCnf.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-09-28] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-01-04] (REALiX™)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-06] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-06] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-06] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-06] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-06] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows ® Win 7 DDK provider)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek                                            )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607512 2015-12-02] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 SRS_SSCFilter; C:\WINDOWS\system32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-01-05] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-06 12:56 - 2017-01-06 12:56 - 01854002 _____ C:\Users\Milosz\Downloads\FRST64.rar
2017-01-06 12:48 - 2017-01-06 12:52 - 00074364 _____ C:\Users\Milosz\Downloads\Addition.txt
2017-01-06 12:45 - 2017-01-06 12:56 - 00028443 _____ C:\Users\Milosz\Downloads\FRST.txt
2017-01-06 12:45 - 2017-01-06 12:56 - 00000000 ____D C:\FRST
2017-01-06 12:45 - 2017-01-06 12:45 - 02418176 _____ (Farbar) C:\Users\Milosz\Downloads\ENGLISHFRST64.exe
2017-01-06 11:02 - 2017-01-06 11:02 - 00000005 _____ C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2017-01-06 11:00 - 2014-02-10 18:59 - 00040872 _____ (SlySoft, Inc.) C:\WINDOWS\system32\Drivers\Elb1233.tmp
2017-01-06 01:44 - 2017-01-06 11:53 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-06 01:44 - 2017-01-06 01:44 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-06 01:44 - 2017-01-06 01:44 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-06 01:44 - 2017-01-06 01:44 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-06 01:43 - 2017-01-06 01:43 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-06 01:43 - 2017-01-06 01:43 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-06 01:43 - 2017-01-06 01:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-06 01:43 - 2017-01-06 01:43 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-06 01:43 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-06 00:05 - 2017-01-06 00:05 - 00000010 _____ C:\Users\Milosz\Downloads\56ddb8a8127c6.mp4
2017-01-06 00:05 - 2017-01-06 00:05 - 00000010 _____ C:\Users\Milosz\Downloads\56d8982c77a15.mp4
2017-01-06 00:04 - 2017-01-06 00:04 - 00000010 _____ C:\Users\Milosz\Downloads\56ce1664cb57d.mp4
2017-01-05 20:15 - 2017-01-05 20:15 - 00025656 _____ C:\Users\Milosz\Documents\Zeszyt1.ods
2017-01-05 20:15 - 2017-01-05 20:15 - 00015981 _____ C:\Users\Milosz\Documents\ss.ods
2017-01-05 20:04 - 2017-01-05 20:04 - 00000000 ____D C:\Users\Milosz\Desktop\Stare dane programu Firefox
2017-01-05 01:06 - 2017-01-05 01:11 - 172646643 _____ C:\Users\Milosz\Downloads\[Commie]+Musaigen+no+Phantom+World+02+[9DD4F2CB]-muxed.mp4
2017-01-04 22:10 - 2017-01-05 20:15 - 00138471 _____ C:\Users\Milosz\Downloads\wykresy lab 3.xlsx
2017-01-04 20:47 - 2017-01-04 20:47 - 00012121 _____ C:\Users\Milosz\Documents\antćw3.odt
2017-01-04 20:03 - 2017-01-04 20:03 - 01596491 _____ C:\Users\Milosz\Downloads\anteny.zip
2017-01-04 19:31 - 2017-01-05 20:15 - 00199168 _____ C:\Users\Milosz\Downloads\ćw3.xls
2017-01-04 19:12 - 2017-01-04 19:12 - 03344384 _____ C:\Users\Milosz\Downloads\Wyklad4_CM.ppt
2017-01-04 19:04 - 2017-01-04 19:04 - 00000829 _____ C:\Users\Milosz\Downloads\ZysKAL.zip
2017-01-04 18:28 - 2017-01-04 18:28 - 00020343 _____ C:\Users\Milosz\Downloads\7XII.rar
2017-01-04 18:28 - 2017-01-04 18:28 - 00000543 _____ C:\Users\Milosz\Downloads\anteny6.zip
2017-01-04 18:11 - 2017-01-04 18:16 - 00003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-04 18:11 - 2017-01-04 18:16 - 00003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-04 18:11 - 2017-01-04 18:11 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-04 18:11 - 2017-01-04 18:11 - 00002340 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-04 18:01 - 2017-01-04 18:01 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-04 18:01 - 2017-01-04 18:01 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-04 18:00 - 2017-01-04 18:01 - 08803648 _____ (Piriform Ltd) C:\Users\Milosz\Downloads\ccsetup525.exe
2017-01-04 17:58 - 2017-01-04 18:10 - 01065376 _____ (Google Inc.) C:\Users\Milosz\Downloads\ChromeSetup.exe
2017-01-04 17:57 - 2017-01-04 17:57 - 00936269 _____ C:\Users\Milosz\Downloads\Sprawozdanie-Anteny-Cw-3-1.pdf
2017-01-04 17:32 - 2017-01-04 17:32 - 00745960 _____ C:\Users\Milosz\Downloads\ANTENY LAB 3.7z
2017-01-04 17:30 - 2017-01-04 17:31 - 03977168 _____ C:\Users\Milosz\Downloads\adwcleaner_6.041 (2).exe
2017-01-04 16:11 - 2017-01-05 22:12 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-01-04 16:05 - 2017-01-04 16:05 - 00008458 _____ C:\Users\Milosz\Downloads\Yuujin A-kun wo Watashi no Bansousha ni Ninmeishimasu - Shigatsu wa Kimi no Uso BGM OST.mid
2017-01-04 14:53 - 2017-01-04 14:53 - 00016804 _____ C:\WINDOWS\System32\Tasks\5615r248o2m49
2017-01-04 14:53 - 2017-01-04 14:53 - 00000000 ___HD C:\ProgramData\5615r248o2m49
2017-01-04 12:07 - 2017-01-04 12:07 - 00000266 __RSH C:\Users\Milosz\ntuser.pol
2017-01-04 11:37 - 2017-01-04 11:38 - 54199488 _____ (Malwarebytes ) C:\Users\Milosz\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-04 11:32 - 2017-01-04 12:15 - 00000000 ____D C:\ProgramData\ProductData
2017-01-04 11:32 - 2017-01-04 11:32 - 00027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-01-04 11:32 - 2017-01-04 11:32 - 00000000 ____D C:\WINDOWS\IObit
2017-01-04 11:32 - 2017-01-04 11:32 - 00000000 ____D C:\Users\Milosz\AppData\LocalLow\IObit
2017-01-04 11:32 - 2017-01-04 11:32 - 00000000 ____D C:\ProgramData\IObit
2017-01-04 11:31 - 2017-01-04 11:31 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\IObit
2017-01-04 11:30 - 2017-01-04 12:05 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Ghiduryljesy
2017-01-04 11:30 - 2017-01-04 11:49 - 00000000 ____D C:\Users\Milosz\AppData\Local\Chuqokguqas
2017-01-04 11:30 - 2017-01-04 11:30 - 00001042 _____ C:\Users\Milosz\Desktop\Play WarThunder.lnk
2017-01-04 11:30 - 2017-01-04 11:30 - 00000266 __RSH C:\ProgramData\ntuser.pol
2017-01-04 10:59 - 2017-01-05 22:50 - 00000000 ____D C:\Users\Milosz\Documents\Black Desert
2017-01-03 22:12 - 2017-01-05 22:12 - 00000000 ____D C:\Users\Milosz\AppData\Local\BlackDesertOnline
2017-01-03 22:12 - 2017-01-03 22:12 - 00000944 _____ C:\Users\Public\Desktop\Black Desert Online.lnk
2017-01-03 22:12 - 2017-01-03 22:12 - 00000944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Black Desert Online.lnk
2017-01-03 22:12 - 2017-01-03 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2017-01-03 22:10 - 2017-01-03 22:11 - 50625480 _____ (Daum Games EU) C:\Users\Milosz\Downloads\BlackDesertOnlineSetup_20160228_1005.exe
2017-01-03 18:53 - 2017-01-03 19:00 - 155491846 _____ C:\Users\Milosz\Downloads\Anime Pack, Volume 2.rar
2017-01-03 18:53 - 2017-01-03 18:57 - 183346074 _____ C:\Users\Milosz\Downloads\Anime Pack, Volume 1.rar
2017-01-03 17:55 - 2017-01-03 17:57 - 10576043 _____ C:\Users\Milosz\Downloads\osuplus_1.6.5_stable_1012-0212.apk
2017-01-03 16:45 - 2017-01-03 16:57 - 230703267 _____ C:\Users\Milosz\Downloads\videoplayback (11)
2017-01-03 16:45 - 2017-01-03 16:56 - 219231676 _____ C:\Users\Milosz\Downloads\videoplayback (10)
2017-01-03 16:44 - 2017-01-03 16:59 - 137596338 _____ C:\Users\Milosz\Downloads\55e4820a93566.mp4
2017-01-03 16:44 - 2017-01-03 16:56 - 219173762 _____ C:\Users\Milosz\Downloads\videoplayback (9)
2017-01-03 16:43 - 2017-01-03 16:44 - 06858961 _____ C:\Users\Milosz\Downloads\55d7882fbbd39 (1).mp4
2017-01-03 16:43 - 2017-01-03 16:43 - 09655513 _____ C:\Users\Milosz\Downloads\55d7882fbbd39.mp4
2017-01-03 16:42 - 2017-01-03 16:53 - 211528349 _____ C:\Users\Milosz\Downloads\videoplayback (8)
2017-01-02 21:51 - 2017-01-02 21:51 - 00000222 _____ C:\Users\Milosz\Desktop\Transistor.url
2017-01-02 21:44 - 2017-01-02 21:56 - 227605588 _____ C:\Users\Milosz\Downloads\videoplayback (6)
2017-01-02 21:44 - 2017-01-02 21:56 - 222869995 _____ C:\Users\Milosz\Downloads\videoplayback (7)
2017-01-01 22:04 - 2017-01-01 22:10 - 00869080 _____ C:\Users\Milosz\Downloads\09151219184.pdf
2017-01-01 19:54 - 2017-01-01 20:05 - 235707964 _____ C:\Users\Milosz\Downloads\videoplayback (5)
2017-01-01 19:53 - 2017-01-01 20:05 - 228888085 _____ C:\Users\Milosz\Downloads\videoplayback (3)
2017-01-01 19:53 - 2017-01-01 20:05 - 217400926 _____ C:\Users\Milosz\Downloads\videoplayback (4)
2017-01-01 19:53 - 2017-01-01 20:04 - 235533987 _____ C:\Users\Milosz\Downloads\videoplayback (2)
2017-01-01 19:53 - 2017-01-01 20:04 - 231371396 _____ C:\Users\Milosz\Downloads\videoplayback
2017-01-01 19:53 - 2017-01-01 20:04 - 230154114 _____ C:\Users\Milosz\Downloads\videoplayback (1)
2017-01-01 19:52 - 2017-01-01 19:52 - 03348025 _____ C:\Users\Milosz\Downloads\55a9185f58f2f.mp4
2016-12-31 23:00 - 2016-12-31 23:16 - 186703251 _____ C:\Users\Milosz\Downloads\55a7d651a2472.mp4
2016-12-31 23:00 - 2016-12-31 23:16 - 145694460 _____ C:\Users\Milosz\Downloads\55a50177e488f.mp4
2016-12-31 23:00 - 2016-12-31 23:16 - 143520676 _____ C:\Users\Milosz\Downloads\55a65d5fe9c55.mp4
2016-12-31 23:00 - 2016-12-31 23:15 - 169201570 _____ C:\Users\Milosz\Downloads\553d22c7ed19b.mp4
2016-12-31 23:00 - 2016-12-31 23:15 - 158146049 _____ C:\Users\Milosz\Downloads\553381bd17e35.mp4
2016-12-31 23:00 - 2016-12-31 23:15 - 157794106 _____ C:\Users\Milosz\Downloads\57779c210644f.mp4
2016-12-31 22:59 - 2016-12-31 23:15 - 175203206 _____ C:\Users\Milosz\Downloads\5527d32343e22.mp4
2016-12-31 18:23 - 2017-01-03 18:21 - 00000282 ___SH C:\Users\Milosz\Desktop\desktop.ini
2016-12-30 19:16 - 2016-12-30 19:16 - 00055677 _____ C:\Users\Milosz\Downloads\fizyka-sprawko-55 (1).docx
2016-12-30 17:49 - 2016-12-30 17:49 - 00271696 _____ C:\Users\Milosz\Downloads\1.docx
2016-12-28 23:36 - 2016-12-28 23:37 - 06840832 _____ C:\Users\Milosz\Downloads\5800e476dc98b.mp4
2016-12-27 19:27 - 2016-12-27 19:33 - 310294912 _____ C:\Users\Milosz\Downloads\私の嘘。PianoSolo - NKD.rar
2016-12-27 12:39 - 2016-12-27 12:39 - 01201256 _____ (Adobe Systems Incorporated) C:\Users\Milosz\Downloads\flashplayer24_xa_install.exe
2016-12-25 21:36 - 2016-12-25 21:36 - 00000219 _____ C:\Users\Milosz\Desktop\Left 4 Dead 2.url
2016-12-24 00:09 - 2016-12-24 00:10 - 01871877 _____ C:\Users\Milosz\Downloads\bez_ogonkow.zip
2016-12-24 00:09 - 2016-12-24 00:09 - 00000221 _____ C:\Users\Milosz\Desktop\Borderlands 2.url
2016-12-22 09:42 - 2016-12-22 09:42 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-22 09:42 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-22 09:42 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-22 09:42 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-22 09:42 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-22 09:40 - 2016-12-22 09:40 - 00000162 ____H C:\Users\Milosz\Downloads\~$rawozdanie Anteny Cw 2 — kopia.docx
2016-12-22 09:39 - 2016-12-22 09:39 - 00036864 _____ C:\Users\Milosz\Downloads\Strona_tyt-Lab_ANT (1).doc
2016-12-22 09:35 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-22 09:29 - 2017-01-06 11:20 - 00005437 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-22 09:29 - 2017-01-05 20:17 - 00002938 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-22 09:28 - 2016-12-12 15:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-22 09:27 - 2016-12-22 09:38 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-12-22 09:26 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-22 09:26 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-21 21:52 - 2016-12-21 21:52 - 00888606 _____ C:\Users\Milosz\Downloads\Sprawozdanie Anteny Cw 2 — kopia.pdf
2016-12-21 21:50 - 2016-12-21 21:50 - 00000000 ____D C:\Users\Milosz\Downloads\Guitar Hero 3
2016-12-21 20:23 - 2016-12-21 20:23 - 00017288 _____ C:\Users\Milosz\Downloads\Guitar.Hero.III.Legends.of.Rock - SKIDROW.torrent
2016-12-21 17:45 - 2016-12-27 11:59 - 00048128 ___SH C:\Users\Milosz\Downloads\Thumbs.db
2016-12-21 17:45 - 2016-12-21 17:45 - 00037950 _____ C:\Users\Milosz\Downloads\15609131_1242368105849430_1429133713_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00037944 _____ C:\Users\Milosz\Downloads\15658111_1242368129182761_1558614944_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00037810 _____ C:\Users\Milosz\Downloads\15658887_1242392462513661_394216176_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00033456 _____ C:\Users\Milosz\Downloads\15658970_1242392455846995_876708189_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00031720 _____ C:\Users\Milosz\Downloads\15682416_1242392459180328_866642426_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00026004 _____ C:\Users\Milosz\Downloads\15631276_1242368099182764_734352725_o.png
2016-12-21 11:26 - 2016-12-22 02:28 - 00080275 _____ C:\Users\Milosz\Downloads\new.xlsx
2016-12-21 00:52 - 2016-12-21 00:52 - 00774162 _____ C:\Users\Milosz\Downloads\projekt-lab-2-vfinal.pdf
2016-12-21 00:39 - 2016-12-21 11:27 - 00047671 _____ C:\Users\Milosz\Downloads\kołek.xlsx
2016-12-20 23:23 - 2016-12-20 23:23 - 00001617 _____ C:\Users\Milosz\Downloads\Niepotwierdzony 639072.crdownload
2016-12-20 23:13 - 2016-12-20 23:13 - 00004892 _____ C:\Users\Milosz\AppData\Local\recently-used.xbel
2016-12-20 21:51 - 2016-12-20 21:51 - 00027510 _____ C:\Users\Milosz\Downloads\PROJEKT-3 (1).docx
2016-12-20 20:48 - 2016-12-20 22:34 - 00025173 _____ C:\Users\Milosz\Downloads\PROJEKT-3.docx
2016-12-20 20:48 - 2016-12-20 20:48 - 00027510 ____H C:\Users\Milosz\Downloads\~WRL2899.tmp
2016-12-20 20:44 - 2016-12-20 20:44 - 00456127 _____ C:\Users\Milosz\Downloads\Analiza_IL-PIAST-2016-12-20-21_57.png
2016-12-20 20:00 - 2016-12-21 20:21 - 00372248 _____ C:\Users\Milosz\Downloads\Sprawozdanie Anteny Cw 2 — kopia.docx
2016-12-20 20:00 - 2016-12-20 20:00 - 00427785 ____H C:\Users\Milosz\Downloads\~WRL1364.tmp
2016-12-20 20:00 - 2016-12-20 20:00 - 00427785 _____ C:\Users\Milosz\Downloads\Sprawozdanie Anteny Cw 2 — kopia (1).docx
2016-12-20 19:56 - 2016-12-20 19:56 - 00009961 _____ C:\Users\Milosz\Downloads\virus.exe.7z
2016-12-18 14:44 - 2016-12-18 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex Workshop v6.8
2016-12-18 14:44 - 2016-12-18 14:44 - 00000000 ____D C:\Program Files\BreakPoint Software
2016-12-18 14:43 - 2016-12-18 14:44 - 18864464 _____ (BreakPoint Software) C:\Users\Milosz\Downloads\hw_v680.exe
2016-12-18 14:42 - 2016-12-22 01:46 - 00000000 ____D C:\Users\Milosz\Documents\Aspyr
2016-12-18 14:41 - 2016-12-18 14:41 - 02548793 _____ C:\Users\Milosz\Downloads\vty-0256.7z
2016-12-18 13:05 - 2016-12-22 01:46 - 00000000 ____D C:\Users\Milosz\AppData\Local\Aspyr
2016-12-18 10:41 - 2016-12-18 10:41 - 03977168 _____ C:\Users\Milosz\Downloads\adwcleaner_6.041 (1).exe
2016-12-18 02:36 - 2017-01-06 12:03 - 00000000 ____D C:\AdwCleaner
2016-12-18 02:36 - 2016-12-18 02:36 - 03977168 _____ C:\Users\Milosz\Downloads\adwcleaner_6.041.exe
2016-12-18 02:35 - 2016-12-18 02:35 - 02964472 _____ (Google) C:\Users\Milosz\Downloads\chrome_cleanup_tool.exe
2016-12-18 00:26 - 2016-12-18 00:26 - 00000935 _____ C:\Users\Public\Desktop\Play Guitar Hero World Tour.lnk
2016-12-17 23:38 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-17 22:03 - 2016-12-30 19:46 - 00042039 _____ C:\Users\Milosz\Downloads\fizyka-sprawko-55.docx
2016-12-17 15:40 - 2016-12-17 15:40 - 00077884 _____ C:\Users\Milosz\Downloads\15320443_1415514385155381_1975078022_n (1).jpg
2016-12-16 11:55 - 2016-12-16 11:55 - 00077884 _____ C:\Users\Milosz\Downloads\15320443_1415514385155381_1975078022_n.jpg
2016-12-16 11:54 - 2016-12-16 11:54 - 00076031 _____ C:\Users\Milosz\Downloads\15401336_1415514421822044_686343686_n.jpg
2016-12-16 11:54 - 2016-12-16 11:54 - 00060940 _____ C:\Users\Milosz\Downloads\15319500_1415514468488706_174192601_n.jpg
2016-12-16 11:49 - 2016-12-16 11:49 - 00019763 _____ C:\Users\Milosz\Downloads\bilet.pdf
2016-12-16 01:52 - 2016-12-16 01:52 - 00232035 _____ C:\Users\Milosz\Downloads\Kodeki opracowanie FINAL.docx
2016-12-15 18:40 - 2016-12-15 18:40 - 00069262 _____ C:\Users\Milosz\Downloads\media lab 4 v2(1).docx
2016-12-15 18:15 - 2016-12-15 18:15 - 00066281 _____ C:\Users\Milosz\Downloads\media lab 4 v2.docx
2016-12-15 17:37 - 2016-12-15 18:27 - 00483410 _____ C:\Users\Milosz\Documents\Ćwiczenie 7 PTM (Automatycznie zapisany).pdf
2016-12-15 17:36 - 2016-12-16 15:17 - 00021976 _____ C:\Users\Milosz\Documents\Ćwiczenie 7 PTM (Automatycznie zapisany).docx
2016-12-15 16:59 - 2016-12-16 15:17 - 00022443 _____ C:\Users\Milosz\Downloads\media lab 4(2).docx
2016-12-15 16:56 - 2016-12-15 16:56 - 00029550 _____ C:\Users\Milosz\Downloads\media lab 4(1).docx
2016-12-14 16:07 - 2016-12-14 16:07 - 00000000 ____D C:\Users\Milosz\AppData\Local\Chromium
2016-12-14 00:04 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 00:04 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 00:04 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 00:04 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 00:04 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 00:04 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 00:04 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 00:04 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 00:04 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 00:04 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 00:04 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 00:04 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 00:04 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 00:04 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 00:04 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 00:04 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 00:04 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 00:04 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 00:04 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 00:04 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 00:04 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 00:04 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 00:04 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 00:04 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 00:04 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 00:04 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 00:04 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 00:04 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 00:04 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 00:04 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 00:04 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 00:04 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 00:04 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 00:04 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 00:04 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 00:04 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 00:04 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 00:04 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 00:04 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 00:04 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 00:04 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 00:04 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:59 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-13 23:59 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-13 23:59 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-13 23:59 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-13 23:59 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 23:59 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-13 23:59 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-13 23:59 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-13 23:59 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-13 23:59 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-13 23:59 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-13 23:59 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-13 23:59 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-13 23:59 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 23:59 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-13 23:59 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-13 23:59 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-13 23:59 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-13 23:59 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-13 23:59 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-13 23:59 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-13 23:59 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-13 23:59 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-13 23:59 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-13 23:59 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-13 23:59 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-13 23:59 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-13 23:59 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-13 23:59 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-13 23:59 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-13 23:59 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-13 23:59 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 23:59 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-13 23:59 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-13 23:59 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-13 23:59 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-13 23:59 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-13 23:59 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-13 23:59 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-13 23:59 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-13 23:59 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-13 23:59 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-13 23:59 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-13 23:59 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-13 23:59 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-13 23:59 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-13 23:59 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-13 23:59 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-13 23:59 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-13 23:58 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-13 23:58 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-13 23:58 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-13 23:58 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-13 23:58 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-13 23:58 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-13 23:58 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-13 23:58 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-13 23:58 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-13 23:58 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-13 23:58 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-13 23:58 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-13 23:58 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-13 23:58 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-13 23:58 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-13 23:58 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-13 23:58 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-13 23:58 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-13 23:58 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-13 23:58 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-13 23:58 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-13 23:58 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-13 23:58 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-13 23:58 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-13 23:58 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 23:31 - 2016-12-13 23:31 - 00001617 _____ C:\Users\Milosz\Downloads\Niepotwierdzony 916382.crdownload
2016-12-13 23:27 - 2016-12-13 23:27 - 00483062 _____ C:\Users\Milosz\Downloads\Ćwiczenie 7 PTM.pdf
2016-12-13 21:25 - 2016-12-13 21:25 - 00022963 _____ C:\Users\Milosz\Downloads\Sprawozdanie-ćw-7.docx
2016-12-13 21:13 - 2016-12-13 21:13 - 00159250 _____ C:\Users\Milosz\Downloads\15536852_1235676939851880_771726328_o (1).jpg
2016-12-13 21:04 - 2016-12-13 21:04 - 00070324 _____ C:\Users\Milosz\Downloads\media lab 4.docx
2016-12-13 21:04 - 2016-12-13 21:04 - 00000162 ____H C:\Users\Milosz\Downloads\~$dia lab 4.docx
2016-12-13 21:02 - 2016-12-13 21:02 - 00169300 _____ C:\Users\Milosz\Downloads\15502854_1235677023185205_861317238_o.jpg
2016-12-13 20:55 - 2016-12-13 20:55 - 00000162 ____H C:\Users\Milosz\Downloads\~$iczenie 7 PTM.docx
2016-12-13 20:53 - 2016-12-13 20:53 - 00232838 _____ C:\Users\Milosz\Downloads\15540127_1235555313197376_224745691_o (1).jpg
2016-12-13 20:53 - 2016-12-13 20:53 - 00159250 _____ C:\Users\Milosz\Downloads\15536852_1235676939851880_771726328_o.jpg
2016-12-13 20:51 - 2016-12-13 22:03 - 00022227 _____ C:\Users\Milosz\Downloads\Ćwiczenie 7 PTM.docx
2016-12-13 20:51 - 2016-12-13 20:51 - 00075356 ____H C:\Users\Milosz\Downloads\~WRL1616.tmp
2016-12-13 18:26 - 2016-12-13 18:26 - 00008142 _____ C:\Users\Milosz\Documents\d.odt
2016-12-13 18:05 - 2016-12-13 18:05 - 00235575 _____ C:\Users\Milosz\Downloads\15491911_1235555316530709_1522278059_o.jpg
2016-12-13 18:05 - 2016-12-13 18:05 - 00232838 _____ C:\Users\Milosz\Downloads\15540127_1235555313197376_224745691_o.jpg
2016-12-13 14:27 - 2016-12-13 14:27 - 00210176 _____ C:\Users\Milosz\Downloads\15555282_1425273107512842_1804191309_o.jpg
2016-12-13 14:25 - 2016-12-13 14:28 - 01245753 _____ C:\Users\Milosz\Downloads\091584219184.pdf
2016-12-13 14:24 - 2016-12-13 14:24 - 00225246 _____ C:\Users\Milosz\Downloads\15540584_1425269314179888_1012641359_o.jpg
2016-12-12 23:39 - 2016-12-13 19:07 - 00465577 _____ C:\Users\Milosz\Downloads\84.docx
2016-12-11 21:59 - 2016-12-11 21:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-12-11 21:26 - 2016-12-12 00:34 - 00000000 _____ C:\WINDOWS\SysWOW64\Access.dat
2016-12-11 13:37 - 2016-12-12 00:34 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Tunngle
2016-12-11 13:37 - 2016-12-11 21:26 - 00000000 ____D C:\ProgramData\Tunngle
2016-12-11 13:37 - 2016-12-11 13:38 - 00000000 ____D C:\Program Files (x86)\Tunngle
2016-12-11 13:37 - 2016-12-11 13:37 - 00001062 _____ C:\Users\Public\Desktop\Tunngle.lnk
2016-12-11 13:37 - 2016-12-11 13:37 - 00000000 ____D C:\Users\Public\Documents\Tunngle
2016-12-11 13:37 - 2016-12-11 13:37 - 00000000 ____D C:\Users\Milosz\Documents\Tunngle
2016-12-11 13:37 - 2016-12-11 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2016-12-11 13:37 - 2016-04-26 16:10 - 00048824 _____ (Tunngle.net GmbH) C:\WINDOWS\system32\Drivers\tap0901t.sys
2016-12-11 13:35 - 2016-12-11 13:36 - 04832624 _____ (Tunngle.net GmbH ) C:\Users\Milosz\Downloads\Tunngle_Setup_v5.8.7.exe
2016-12-11 12:02 - 2017-01-04 18:04 - 00000000 ____D C:\Users\Milosz\AppData\Local\LogMeIn Hamachi
2016-12-11 11:56 - 2016-12-14 16:02 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-12-11 11:56 - 2016-12-14 16:02 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-12-11 11:53 - 2016-12-11 11:53 - 08716288 _____ C:\Users\Milosz\Downloads\hamachi 2.0.385.msi
2016-12-10 14:52 - 2016-12-10 14:53 - 05684737 _____ C:\Users\Milosz\Downloads\dungeon_siege_revived_loa_v0.9.0.zip
2016-12-10 14:44 - 2016-12-10 23:34 - 00000000 ____D C:\Users\Milosz\Documents\Dungeon Siege LOA
2016-12-10 14:38 - 2016-12-10 14:38 - 00000955 _____ C:\Users\Public\Desktop\Dungeon Siege Legends of Aranna.lnk
2016-12-10 14:38 - 2016-12-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Siege Legends of Aranna
2016-12-10 14:36 - 2016-12-10 14:36 - 00000000 ____D C:\WINDOWS\Installing Adobe Acrobat Reader
2016-12-10 14:35 - 2016-12-10 14:35 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-12-10 14:26 - 2016-12-10 14:26 - 00000000 ____D C:\Users\Milosz\AppData\Local\LogMeIn
2016-12-10 14:26 - 2016-12-10 14:26 - 00000000 ____D C:\ProgramData\LogMeIn
2016-12-10 14:24 - 2016-12-11 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-12-10 14:23 - 2016-12-10 14:23 - 08417280 _____ C:\Users\Milosz\Downloads\hamachi.msi
2016-12-10 14:20 - 2016-12-10 14:22 - 00000000 ____D C:\Users\Milosz\Downloads\Dungeon Siege &  Legends of Aranna Expansion
2016-12-10 14:20 - 2016-12-10 14:20 - 00002732 _____ C:\Users\Milosz\Desktop\µTorrent.lnk
2016-12-10 14:20 - 2016-12-10 14:20 - 00002732 _____ C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-10 14:05 - 2016-12-10 14:05 - 51947152 _____ C:\Users\Milosz\Downloads\Dungeon Siege Legends of Aranna - spolszczenie.rar
2016-12-10 14:05 - 2016-12-10 14:05 - 51947152 _____ C:\Users\Milosz\Downloads\Dungeon Siege Legends of Aranna - spolszczenie (1).rar
2016-12-10 13:50 - 2016-12-10 13:50 - 04390144 _____ (Smart Projects ) C:\Users\Milosz\Downloads\IsoBuster 3.6 [1].exe
2016-12-10 13:50 - 2016-12-10 13:50 - 00000000 ____D C:\Program Files\McAfee
2016-12-10 13:43 - 2017-01-04 18:04 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\uTorrent
2016-12-10 13:42 - 2016-12-10 13:42 - 02403520 _____ (BitTorrent Inc.) C:\Users\Milosz\Downloads\uTorrent.exe
2016-12-10 01:16 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 01:16 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 01:16 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 01:16 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 01:16 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 01:16 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 01:16 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 01:16 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 01:16 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 01:16 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 01:16 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 01:16 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 01:16 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 01:16 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 01:16 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 01:16 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 01:16 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 01:16 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 01:16 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 01:16 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 01:16 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 01:16 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 01:16 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 01:16 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 01:16 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 01:16 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 01:16 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 01:16 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 01:16 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 01:16 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 01:16 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 01:16 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 01:16 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 01:16 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 01:16 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 01:16 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 01:16 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 01:16 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 01:16 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 01:16 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 01:16 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 01:16 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 01:16 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 01:16 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 01:16 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 01:16 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 01:16 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 01:16 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 01:16 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 01:16 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 01:16 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 01:16 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 01:16 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 01:16 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 01:16 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 01:16 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 01:16 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 01:16 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 01:16 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 01:16 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 01:16 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 01:16 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 01:16 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 01:16 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 01:16 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 01:16 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 01:16 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 01:16 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 01:16 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 01:16 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 01:16 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 01:16 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 01:16 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 01:16 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 01:16 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 01:16 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 01:16 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 01:16 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 01:16 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 01:16 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 01:16 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-10 01:16 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 01:16 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 01:16 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 01:16 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 01:16 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 01:16 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 01:16 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 01:16 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 01:16 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 01:16 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 01:16 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 01:16 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 01:16 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 01:16 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 01:16 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 01:16 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 01:16 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 01:16 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 01:16 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 01:16 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 01:16 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 01:16 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 01:16 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 01:16 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 01:16 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 01:16 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 01:16 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 01:16 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 01:16 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 01:16 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 01:16 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 01:16 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 01:16 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 01:16 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 01:16 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 01:16 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 01:16 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 01:16 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 01:16 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 01:16 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 01:16 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 01:16 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 01:16 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 01:16 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 01:16 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 01:16 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 01:16 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 01:16 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 01:16 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 01:16 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 01:16 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 01:16 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 01:16 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 01:16 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 01:16 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 01:16 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 01:16 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 01:16 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 01:16 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 01:16 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 01:16 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 01:16 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 01:16 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 01:16 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 01:16 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 01:16 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 01:16 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 01:16 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 01:16 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 01:16 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 01:16 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 01:16 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 01:16 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 01:16 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 01:16 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 01:16 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 01:16 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 01:16 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 01:16 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 01:16 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 01:16 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 01:16 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 01:16 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 01:16 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 01:16 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 01:16 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 01:16 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 01:16 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 01:16 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 01:16 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 01:16 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 01:16 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 01:16 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 01:16 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 01:16 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 01:16 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 01:16 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 01:16 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 01:16 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 01:16 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 01:16 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 01:16 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 01:16 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 01:16 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 01:16 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 01:16 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 01:16 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 01:16 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 01:16 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 01:16 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 01:16 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 01:16 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 01:16 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 01:16 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 01:16 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 01:16 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 01:16 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 01:16 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 01:16 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 01:16 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 01:16 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 01:16 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 01:16 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 01:16 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 01:16 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 01:16 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 01:16 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 01:16 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 01:16 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 01:16 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 01:16 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 01:16 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 01:15 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 01:15 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 01:15 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 01:15 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 01:15 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 01:15 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 01:15 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 01:15 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 01:15 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 01:15 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 01:15 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 01:15 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 01:15 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 01:15 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 01:15 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 01:15 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 01:15 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 01:15 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 01:15 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 01:15 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 01:15 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 01:15 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 01:15 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 01:15 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 01:15 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 01:15 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 01:15 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 01:15 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 01:15 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 01:15 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 01:15 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 01:15 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 01:15 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 01:15 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 01:15 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 01:15 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 01:15 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 01:15 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 01:15 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 01:15 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 01:15 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 01:15 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 01:15 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 01:15 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 01:15 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 01:15 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 01:15 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 01:15 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 01:15 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 01:15 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 01:15 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 01:15 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 01:15 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 01:15 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 01:15 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 01:15 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-09 06:55 - 2016-12-09 06:55 - 00000000 ___HD C:\OneDriveTemp
2016-12-07 20:00 - 2016-12-07 20:00 - 01412458 _____ C:\Users\Milosz\Downloads\Anteny_PFR_zad1i2.zip
2016-12-07 19:49 - 2016-12-07 19:49 - 00047693 _____ C:\Users\Milosz\Downloads\IMG_07122016_194943.png

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-06 12:52 - 2016-05-04 00:19 - 00000000 ____D C:\Users\Milosz\AppData\Local\Battle.net
2017-01-06 12:20 - 2016-11-22 12:24 - 00000000 ____D C:\Users\Milosz\AppData\LocalLow\Mozilla
2017-01-06 12:01 - 2016-02-04 16:20 - 00000000 ____D C:\Users\Milosz\Documents\Dla Pawła
2017-01-06 11:24 - 2015-04-22 15:11 - 00000000 ____D C:\Users\Milosz\AppData\Local\Ubisoft Game Launcher
2017-01-06 11:21 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-06 11:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-06 11:21 - 2015-04-19 20:49 - 00000000 ____D C:\Users\Milosz\AppData\Local\Packages
2017-01-06 11:20 - 2016-08-20 09:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-06 11:01 - 2015-12-30 15:33 - 00000000 ____D C:\Users\Milosz\AppData\Local\CrashDumps
2017-01-06 11:01 - 2015-05-27 15:18 - 00000000 ____D C:\Users\Milosz\.VirtualBox
2017-01-06 11:00 - 2016-12-01 21:52 - 00000000 ____D C:\ProgramData\SlySoft
2017-01-06 11:00 - 2015-09-29 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-01-06 10:59 - 2015-10-07 15:07 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-01-06 10:58 - 2016-10-23 22:50 - 00000000 ____D C:\ti
2017-01-06 10:58 - 2016-07-14 18:08 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-06 10:53 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-06 02:59 - 2016-10-07 14:33 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2017-01-06 02:55 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-06 02:50 - 2016-08-20 09:45 - 00000000 ____D C:\Users\Milosz
2017-01-06 02:49 - 2016-08-20 09:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-06 01:43 - 2015-12-10 12:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-05 20:19 - 2015-04-22 07:31 - 00000000 ____D C:\Users\Milosz\AppData\Local\Adobe
2017-01-05 20:18 - 2016-08-20 09:41 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-05 20:18 - 2015-04-19 20:49 - 00000000 __SHD C:\Users\Milosz\IntelGraphicsProfiles
2017-01-05 20:17 - 2016-08-20 10:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-05 20:16 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-05 20:15 - 2016-11-06 19:19 - 00000000 ____D C:\Users\Milosz\Documents\2016
2017-01-05 20:15 - 2016-11-06 18:50 - 00000000 ____D C:\Users\Milosz\Documents\inne
2017-01-05 20:05 - 2015-04-19 20:45 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Skype
2017-01-05 01:26 - 2016-11-09 17:07 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\MPC-HC
2017-01-04 18:11 - 2015-04-19 22:59 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-04 18:04 - 2016-09-05 21:49 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-04 18:04 - 2015-09-28 21:39 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\DAEMON Tools Lite
2017-01-04 17:25 - 2015-12-02 08:38 - 00000000 ____D C:\Temp
2017-01-04 14:53 - 2015-04-19 20:49 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Adobe
2017-01-04 12:10 - 2016-07-16 23:05 - 00744958 _____ C:\WINDOWS\system32\perfh015.dat
2017-01-04 12:10 - 2016-07-16 23:05 - 00159698 _____ C:\WINDOWS\system32\perfc015.dat
2017-01-04 12:10 - 2015-07-31 15:57 - 01977492 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-04 12:09 - 2016-03-23 09:44 - 00000165 _____ C:\Users\Milosz\AppData\Roaming\sp_data.sys
2017-01-04 12:08 - 2016-07-30 12:43 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-01-04 11:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-01-03 21:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-03 18:33 - 2016-09-13 10:38 - 00000000 ___RD C:\Users\Milosz\OneDrive
2017-01-03 14:00 - 2015-08-23 09:07 - 00000000 ____D C:\Users\Milosz\.gimp-2.8
2017-01-01 20:26 - 2015-05-01 21:16 - 00000000 ____D C:\Users\Milosz\AppData\Local\Warframe
2017-01-01 00:17 - 2015-04-20 12:07 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Synthesia
2016-12-30 17:50 - 2015-11-07 15:38 - 00000000 ____D C:\Users\Milosz\Documents\Fiz
2016-12-30 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-30 14:33 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-29 12:18 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-29 12:17 - 2014-10-21 05:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-28 21:53 - 2015-05-06 11:04 - 00000000 ____D C:\Users\Milosz\AppData\Local\Diagnostics
2016-12-28 17:41 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-24 00:52 - 2015-04-19 20:32 - 00000000 ____D C:\Users\Milosz\Documents\My Games
2016-12-23 23:45 - 2015-07-03 19:16 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-12-22 09:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-12-22 09:29 - 2016-10-19 20:27 - 00001487 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-22 09:29 - 2016-08-20 09:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-22 09:29 - 2016-08-20 09:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-22 09:29 - 2015-04-19 20:49 - 00000000 ____D C:\Users\Milosz\AppData\Local\NVIDIA
2016-12-22 09:28 - 2015-04-19 20:50 - 00000000 ____D C:\Users\Milosz\AppData\Local\NVIDIA Corporation
2016-12-22 09:28 - 2014-12-25 16:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-22 02:29 - 2016-08-20 09:45 - 00524288 ___SH C:\Users\Milosz\NTUSER.DAT{a33bc43b-66b9-11e6-b1d3-8f5f02bf6f6d}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 18:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-20 23:13 - 2015-08-23 09:08 - 00000000 ____D C:\Users\Milosz\AppData\Local\gtk-2.0
2016-12-20 17:52 - 2015-04-20 12:19 - 00000000 ____D C:\Users\Milosz\AppData\Local\ElevatedDiagnostics
2016-12-18 14:42 - 2015-12-14 01:17 - 00000000 ___RD C:\Users\Milosz\3D Objects
2016-12-18 13:35 - 2016-08-20 09:45 - 00000000 ____D C:\Users\Milosz\AppData\Local\Microsoft
2016-12-18 10:38 - 2015-04-19 15:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 23:56 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-15 19:40 - 2016-08-20 09:44 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 15:09 - 2016-02-12 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-15 03:12 - 2016-07-16 07:04 - 00016384 _____ C:\Users\Default\NTUSER.DAT
2016-12-15 03:09 - 2016-08-20 09:37 - 05022232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-15 03:08 - 2016-08-20 09:37 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 03:08 - 2016-08-20 09:37 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-15 03:07 - 2016-07-16 12:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-15 03:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 03:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 03:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-15 03:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-15 03:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-14 16:55 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 16:07 - 2015-04-19 23:03 - 00000000 ____D C:\Users\Milosz\AppData\Local\Steam
2016-12-14 11:14 - 2015-04-19 17:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 11:10 - 2015-04-19 17:26 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 21:53 - 2016-11-29 19:54 - 02677603 _____ C:\Users\Milosz\Documents\media lab 6.docx
2016-12-13 14:29 - 2015-04-21 11:55 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\CodeBlocks
2016-12-13 00:37 - 2016-10-19 20:27 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-13 00:37 - 2016-10-19 20:27 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-13 00:37 - 2016-10-19 20:27 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-13 00:37 - 2016-10-19 20:27 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-13 00:37 - 2016-10-19 20:27 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-13 00:36 - 2016-05-09 18:36 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 04:03 - 2016-07-27 08:20 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-12 04:03 - 2016-07-27 08:20 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-12 04:03 - 2016-07-27 08:20 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-12 00:56 - 2016-11-09 03:09 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-11-09 03:09 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 19:47 - 2016-10-19 20:26 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-11 19:47 - 2016-08-20 09:39 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-11 19:47 - 2016-08-20 09:39 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-11 19:47 - 2016-08-20 09:39 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-11 19:47 - 2016-08-20 09:39 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-11 19:47 - 2016-08-20 09:39 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-11 19:47 - 2016-08-20 09:39 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-11 19:47 - 2016-08-20 09:39 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-11 13:37 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Public\Documents
2016-12-11 12:22 - 2016-08-20 10:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-11 12:22 - 2015-08-15 19:12 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\TS3Client
2016-12-11 11:56 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local
2016-12-11 11:56 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local
2016-12-11 05:16 - 2016-11-24 20:22 - 00000513 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-12-11 00:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2016-12-11 00:16 - 2016-07-16 12:47 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-10 23:34 - 2016-12-01 21:07 - 00000000 ____D C:\Users\Milosz\Documents\Dungeon Siege
2016-12-10 23:01 - 2016-08-20 10:23 - 00000174 ___SH C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-10 23:01 - 2015-04-19 20:49 - 00000402 ___SH C:\Users\Milosz\Documents\desktop.ini
2016-12-10 23:01 - 2015-04-19 20:49 - 00000174 ___SH C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-10 23:01 - 2015-04-19 20:49 - 00000000 ___RD C:\Users\Milosz\Searches
2016-12-10 23:01 - 2015-04-19 20:49 - 00000000 ___RD C:\Users\Milosz\Contacts
2016-12-10 23:01 - 2015-04-19 20:49 - 00000000 ___RD C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-10 23:01 - 2015-04-19 20:49 - 00000000 ___RD C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-10 23:01 - 2015-04-19 20:48 - 00000000 ___RD C:\Users\Milosz\Saved Games
2016-12-10 23:01 - 2015-04-19 20:48 - 00000000 ___RD C:\Users\Milosz\Links
2016-12-10 23:01 - 2015-04-19 20:48 - 00000000 ___RD C:\Users\Milosz\Favorites
2016-12-10 23:01 - 2015-04-19 20:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-10 22:54 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-10 22:54 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-10 22:54 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-10 22:54 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-10 22:54 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-10 14:38 - 2016-12-01 20:59 - 00000998 _____ C:\Users\Public\Desktop\Dungeon Siege.lnk
2016-12-10 13:50 - 2015-05-28 09:07 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-10 13:50 - 2014-12-25 16:39 - 00000000 ____D C:\ProgramData\McAfee
2016-12-10 12:12 - 2016-11-06 19:20 - 00000000 ____D C:\Users\Milosz\Documents\elementy
2016-12-10 10:02 - 2016-11-11 18:40 - 00031239 _____ C:\Users\Milosz\Downloads\fizyka-obliczenia (1).xlsx
2016-12-10 01:01 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-09 09:52 - 2016-08-20 09:39 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-09 06:55 - 2015-07-31 16:10 - 00002453 _____ C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2016-04-18 22:26 - 2016-04-17 10:26 - 0000040 ____H () C:\Program Files (x86)\6cc0b0a0.tmp
2016-03-23 21:40 - 2016-03-23 21:47 - 0002667 _____ () C:\Users\Milosz\AppData\Roaming\droid4xinstaller.log
2016-02-28 16:54 - 2016-05-09 15:36 - 0004751 _____ () C:\Users\Milosz\AppData\Roaming\LTspiceIV.ini
2015-10-01 19:58 - 2015-10-03 16:32 - 0002155 _____ () C:\Users\Milosz\AppData\Roaming\SpeedRunnersLog.txt
2016-03-23 09:44 - 2017-01-04 12:09 - 0000165 _____ () C:\Users\Milosz\AppData\Roaming\sp_data.sys
2015-04-19 20:49 - 2015-07-31 15:21 - 0313542 _____ () C:\Users\Milosz\AppData\Local\BTServer.log
2016-04-25 21:16 - 2016-04-25 21:16 - 0000600 _____ () C:\Users\Milosz\AppData\Local\PUTTY.RND
2016-12-20 23:13 - 2016-12-20 23:13 - 0004892 _____ () C:\Users\Milosz\AppData\Local\recently-used.xbel
2015-12-10 20:23 - 2015-12-13 22:09 - 0007602 _____ () C:\Users\Milosz\AppData\Local\Resmon.ResmonCfg
2015-08-08 10:28 - 2015-08-08 10:28 - 0000000 _____ () C:\Users\Milosz\AppData\Local\{7E28A2B1-F9E2-4F72-8354-8EF36D298DD3}
2015-09-03 00:49 - 2015-09-03 00:49 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-22 09:29 - 2017-01-06 11:20 - 0005437 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-22 09:29 - 2017-01-05 20:17 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2016-04-09 16:56 - 2016-04-09 16:56 - 0004131 _____ () C:\ProgramData\rxsmznjf.zcp
2014-10-21 05:28 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 05:28 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-21 05:28 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\WINDOWS\TEMP\g6F4B.tmp.exe
C:\Users\Milosz\Uninst0.dat
C:\Users\Milosz\Uninst0.exe


Some files in TEMP:
====================
C:\Users\Milosz\AppData\Local\Temp\0209301483697013mcinst.exe
C:\Users\Milosz\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
C:\Users\Milosz\AppData\Local\Temp\8FE0.tmp.exe
C:\Users\Milosz\AppData\Local\Temp\9f1ea41bb877aa795a8d2cbed5d97022.dll
C:\Users\Milosz\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Milosz\AppData\Local\Temp\DS_patch_1_10_pol.exe
C:\Users\Milosz\AppData\Local\Temp\g5A26.tmp.exe
C:\Users\Milosz\AppData\Local\Temp\libeay32.dll
C:\Users\Milosz\AppData\Local\Temp\MGS5C2E.Exe
C:\Users\Milosz\AppData\Local\Temp\MGS5CDA.DLL
C:\Users\Milosz\AppData\Local\Temp\msvcr120.dll
C:\Users\Milosz\AppData\Local\Temp\NvTelemetry.dll
C:\Users\Milosz\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\Milosz\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\Milosz\AppData\Local\Temp\Setup.Exe
C:\Users\Milosz\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Milosz\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-03 14:58

==================== End of FRST.txt ============================"



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:33 PM

Posted 07 January 2017 - 11:28 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Windows\Temp\g6F4B.tmp.exe
HKLM\...\RunOnce: [wd] => C:\WINDOWS\TEMP\g6F4B.tmp.exe [191488 2017-01-06] () <===== ATTENTION
ShellExecuteHooks: No Name - {5E5DD81E-CC36-11E6-A1DE-64006A5CFC23} -  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-01-06]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
ProxyEnable: [S-1-5-21-1398810750-701520212-253893804-1001] => Proxy is enabled.
ProxyEnable: [S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520] => Proxy is enabled.
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
CHR Extension: (Flash Video Downloader) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-01-04]
CHR Extension: (Video Downloader Pro) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2017-01-04]
CHR Extension: (Platnosci w sklepie Chrome Web Store) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-04]
S4 AIPS; d:\Program Files (x86)\netcut\services\AIPS.exe [X]
S4 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 Phiblysuputher; C:\Program Files (x86)\Jerqerthervnaly\SerpocultCnf.dll [X]
C:\Windows\Temp\g6F4B.tmp.exe
C:\WINDOWS\TEMP\g6F4B.tmp.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk

RemoveProxy:
Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the Fixlog.txt and include the Addition.txt file that was created by the Farbar tool.

Let me know what problem persists.

p.s.
Please do no create a new topic for this problem. Post in this topic.

#3 wpadka

wpadka
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 10 January 2017 - 11:45 AM

Fixlog.txt

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017

Ran by Milosz (10-01-2017 17:13:01) Run:2
Running from C:\Users\Milosz\Downloads
Loaded Profiles: Milosz (Available Profiles: Milosz)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
() C:\Windows\Temp\g6F4B.tmp.exe
HKLM\...\RunOnce: [wd] => C:\WINDOWS\TEMP\g6F4B.tmp.exe [191488 2017-01-06] () <===== ATTENTION
ShellExecuteHooks: No Name - {5E5DD81E-CC36-11E6-A1DE-64006A5CFC23} -  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-01-06]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
ProxyEnable: [S-1-5-21-1398810750-701520212-253893804-1001] => Proxy is enabled.
ProxyEnable: [S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520] => Proxy is enabled.
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
CHR Extension: (Flash Video Downloader) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-01-04]
CHR Extension: (Video Downloader Pro) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilppkoakomgpcblpemgbloapenijdcho [2017-01-04]
CHR Extension: (Platnosci w sklepie Chrome Web Store) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-04]
S4 AIPS; d:\Program Files (x86)\netcut\services\AIPS.exe [X]
S4 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 Phiblysuputher; C:\Program Files (x86)\Jerqerthervnaly\SerpocultCnf.dll [X]
C:\Windows\Temp\g6F4B.tmp.exe
C:\WINDOWS\TEMP\g6F4B.tmp.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
 
RemoveProxy:
Reboot:
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Windows\Temp\g6F4B.tmp.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\wd => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5E5DD81E-CC36-11E6-A1DE-64006A5CFC23} => value not found.
HKCR\CLSID\{5E5DD81E-CC36-11E6-A1DE-64006A5CFC23} => key not found. 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => not found.
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File) => not found.
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found.
HKU\S-1-5-21-1398810750-701520212-253893804-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
 

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017

Ran by Milosz (06-01-2017 12:59:30)
Running from C:\Users\Milosz\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-20 09:14:35)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1398810750-701520212-253893804-500 - Administrator - Disabled)
Gość (S-1-5-21-1398810750-701520212-253893804-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1398810750-701520212-253893804-1006 - Limited - Enabled)
Konto domyślne (S-1-5-21-1398810750-701520212-253893804-503 - Limited - Disabled)
Milosz (S-1-5-21-1398810750-701520212-253893804-1001 - Administrator - Enabled) => C:\Users\Milosz
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.2.0 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 23.1.0.0 (Version: 23.1.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0035 - ASUS)
Audiosurf 2 (HKLM-x32\...\Steam App 235800) (Version:  - Dylan Fitterer)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.5 - Daum Games EU)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco Packet Tracer 6.3 (HKLM-x32\...\Cisco Packet Tracer 6.3_is1) (Version:  - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version:  - Brace Yourself Games)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon Siege Legends of Aranna (HKLM-x32\...\Dungeon Siege Legends of Aranna 1.0) (Version:  - Microsoft)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - )
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Freemake Video Converter wersja 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation)
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.1242.41000 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.00.0000 - Aspyr)
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
HexEdit (HKLM-x32\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd)
HideIPVPN (HKLM-x32\...\HideIPVPN) (Version: 4.0.0.1 - HideIPVPN.com)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes (wersja 3.0.5.1299) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MATLAB R2015a (HKLM\...\Matlab R2015a) (Version: 8.5 - MathWorks)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Morrowind (HKLM-x32\...\{EF203EF0-3977-41C7-8705-4F259EEC2B4C}) (Version: 1.6.0.1820 - Bethesda Softworks)
Morrowind AnimKit 2.1 (remove only) (HKLM-x32\...\Morrowind AnimKit) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pl)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
Muve Downloader (HKLM-x32\...\{29850ACF-D3C1-4EEC-84C4-DE795C6207F1}) (Version: 1.5.0 - Muve)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM-x32\...\Steam App 349040) (Version:  - CyberConnect2 Co. Ltd.)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.4.1428 - Native Instruments)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64936 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pakiet sterowników systemu Windows - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Panel sterowania NVIDIA 376.33 (Version: 376.33 - NVIDIA Corporation) Hidden
PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.13.0.18 - GOG.com)
Pillars of Eternity Kickstarter Item (HKLM-x32\...\1427204139_is1) (Version: 2.13.0.18 - GOG.com)
Pillars of Eternity Kickstarter Item (HKLM-x32\...\Pillars of Eternity Kickstarter Item_is1) (Version: 2.7.0.15 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\1207666843_is1) (Version: 2.13.0.18 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\Pillars of Eternity Preorder Item and Pet_is1) (Version: 2.7.0.15 - GOG.com)
Plustek OpticPro S28 (HKLM-x32\...\{5265664F-6128-405C-9225-9782A85954FD}) (Version: V4.3.0 - )
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
PTC Diagnostic Tools (HKLM\...\{D8EE1206-5E41-425D-83E7-E6D9886E716D}) (Version: 3.0.0.0 - PTC)
PTC Mathcad Prime 3.1 (HKLM\...\{3A4F83E8-C604-4970-8A1F-8963B3507630}) (Version: 3.1.0 - PTC)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.833.833.101614 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rocksmith (HKLM-x32\...\Steam App 205190) (Version:  - Ubisoft - San Francisco)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
SDK Debuggers (x32 Version: 8.100.26936 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Skullgirls (HKLM\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
SVP 4 Free (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\{c34c71ae-9eca-4b0d-90fb-0fb103b0b9a3}) (Version: 4.0 - SVP Team)
SVP 4 Free (HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\{c34c71ae-9eca-4b0d-90fb-0fb103b0b9a3}) (Version: 4.0 - SVP Team)
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
System Requirements Lab Detection (HKLM-x32\...\{7929FAC1-521D-4A22-AB2D-08118608D243}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.7 - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UPC Fiber Power Optimizer (HKLM-x32\...\UPC Fiber Power Optimizer) (Version:  - UPC Broadband)
UPC Fiber Power Optimizer (x32 Version: 2.0.0.2 - UPC Broadband) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 7.3 - Ubisoft)
Visual Importer (HKLM-x32\...\Visual Importer_is1) (Version: 5.3.7.1 - DB Software Laboratory)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Phone IP Over USB (HKLM-x32\...\{E7C8E5D3-9EDC-4430-8AEF-FD590937F55F}) (Version: 10.0.10240.0 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B12E8D67895A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1398810750-701520212-253893804-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B12E8D67895A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1398810750-701520212-253893804-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {102c92bb-e159-4ae0-8779-1402c13f6e62} - no filepath
Task: {162DA9A3-04CD-4204-8F6F-DDA8FE160179} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {17D06B77-0E1A-4CFA-AB05-6A804ED9DB71} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {18B7EF86-84B2-49A2-95BC-68735EFDA355} - System32\Tasks\5615r248o2m49 => Rundll32.exe "C:\ProgramData\5615r248o2m49\5615r248o2m49.dll",romovr <==== ATTENTION
Task: {1EF532F1-AEA8-4EBB-B436-A3B317927115} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {245AB936-E9AE-4CEA-9437-C66931591249} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {280B1E55-EF1E-4D2C-A388-7F81632771C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34FB31B6-9D84-42C8-8DEB-0F4451172507} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40E5A722-566B-47B5-B26D-EFF43B9F4854} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {429E775E-8AF3-4BEB-A523-C1370EEB7BB9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {46811037-2145-471B-ABB3-5CDAC6DE8EBB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {635A0363-FC16-407A-929B-30802BDF83CA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {654447D5-7C24-43D3-A05B-AD1713F61120} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {7F738D5A-2544-4B3B-9CEF-9B19A6108E54} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {7FB0B100-047C-4C45-AE4D-053380A464A3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation)
Task: {94F67E02-5DB0-4B50-AA5C-C8C6904925F9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A855E69C-AC7E-4A77-9EDB-E3A2734BA2BE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BF92ECC3-2F1C-44CD-81E9-8D28BC81E009} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C49B3A9F-B4BD-4405-A017-C50F35239C91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {DC1CF410-C6B0-4499-824C-43528E4CE673} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {E3208402-DE59-46DE-810C-380737308C5B} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Milosz\AppData\Roaming\Adobe\Manager.exe
Task: {EEB1997C-A02C-4276-B441-6209E1F4C654} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FAB4F693-435F-4EE7-9EFF-F61EB25CF585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Milosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\wpadka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-10-19 20:26 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-19 20:26 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-11 17:35 - 2013-04-15 10:50 - 00198144 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2015-10-11 17:35 - 2013-04-15 10:50 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll
2016-08-18 10:34 - 2012-09-18 14:27 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2016-08-20 09:39 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 23:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 23:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-05-22 18:33 - 2016-05-22 18:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-12-09 06:54 - 2016-12-09 06:54 - 01678560 _____ () C:\Users\Milosz\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () D:\Program Files (x86)\Programy\Notepad++\NppShell_06.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 23:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-01-04 14:53 - 2014-03-22 14:48 - 02854400 _____ () C:\ProgramData\5615r248o2m49\5615r248o2m49.dll
2017-01-06 00:54 - 2017-01-06 03:00 - 00191488 _____ () C:\WINDOWS\TEMP\g6F4B.tmp.exe
2016-12-06 15:09 - 2016-12-06 15:09 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2016-09-15 00:36 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-13 23:59 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 01484776 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net Helper.exe
2016-11-09 01:36 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 01:36 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 01:36 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 01:36 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 01:36 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-06 00:53 - 2017-01-06 03:00 - 03258880 _____ () C:\WINDOWS\TEMP\g6F4C.tmp
2017-01-04 18:11 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2017-01-04 18:11 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-12-18 02:36 - 2016-12-18 02:36 - 03977168 _____ () C:\Users\Milosz\Downloads\adwcleaner_6.041.exe
2015-11-10 10:27 - 2015-05-14 11:54 - 00422600 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2014-12-25 16:12 - 2013-12-09 16:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-04-19 23:10 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-19 20:26 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-19 20:26 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-10 00:08 - 2014-02-03 00:51 - 00237376 _____ () C:\Program Files (x86)\SVP\MPC-HC\LAVFilters\libbluray.dll
2016-11-10 00:08 - 2014-09-29 12:23 - 03502080 _____ () C:\Program Files (x86)\ffdshow\ffdshow.ax
2016-11-10 00:08 - 2014-09-29 12:19 - 04013568 _____ () C:\Program Files (x86)\ffdshow\ffmpeg.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 37247976 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\libcef.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 00540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\ortp.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 06402560 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\battle.net.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\libEGL.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\libGLESv2.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\libglesv2.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\libegl.dll
2016-11-30 20:30 - 2016-11-30 20:30 - 00990696 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8180\ffmpegsumo.dll
2017-01-06 00:53 - 2017-01-06 03:00 - 03603456 _____ () C:\WINDOWS\TEMP\g6F49.tmp
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:E5914F2B [143]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2016-01-09 15:23 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122712827\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713021\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1398810750-701520212-253893804-1001\Control Panel\Desktop\\Wallpaper -> c:\users\milosz\pictures\tapeta.jpg
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\Control Panel\Desktop\\Wallpaper -> c:\users\milosz\pictures\tapeta.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: ABBYY.Licensing.PDFTransformer.Classic.4.0 => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AIPS => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: Droid4XService => 2
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: HTCMonitorService => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: ModuleCoreService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NIHardwareService => 2
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "NCUpdateHelper"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1287255F383F8AE755FD3FF198A5E1C5"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "SRS Audio Sandbox"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Milosz\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "PC Remote Server"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1287255F383F8AE755FD3FF198A5E1C5"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "SRS Audio Sandbox"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "Uninstall C:\Users\Milosz\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1398810750-701520212-253893804-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01062017122713520\...\StartupApproved\Run: => "PC Remote Server"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{6CCC487C-E4B0-481B-A0E8-1F23E699995B}C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe] => C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe
FirewallRules: [TCP Query User{7C5B53D3-FCBB-453C-B1D0-BAC4A81017D9}C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe] => C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe
FirewallRules: [UDP Query User{8A0E6DAD-8E34-48FB-8FF2-CA5916573C41}C:\program files\java\jdk1.7.0_79\bin\jmc.exe] => C:\program files\java\jdk1.7.0_79\bin\jmc.exe
FirewallRules: [TCP Query User{6FEA47D0-8E8D-4B7C-AF53-217AE769C464}C:\program files\java\jdk1.7.0_79\bin\jmc.exe] => C:\program files\java\jdk1.7.0_79\bin\jmc.exe
FirewallRules: [UDP Query User{1497894A-E6FD-4A7D-8408-B1593A8B9470}I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8B7F1E3E-40B9-4EBA-A6EB-3B2E330AD67B}I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{46573893-FED2-4E38-8981-E0CCA3F41227}D:\program files (x86)\gry\overwatch\overwatch.exe] => D:\program files (x86)\gry\overwatch\overwatch.exe
FirewallRules: [TCP Query User{A6D63C80-0010-4023-8A75-65B03E5DA8B9}D:\program files (x86)\gry\overwatch\overwatch.exe] => D:\program files (x86)\gry\overwatch\overwatch.exe
FirewallRules: [UDP Query User{B7924930-D10E-4980-ABB6-287F688520CA}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{D9A0D5FA-B683-45D6-B928-7459E36D4CE3}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{C1A5CF9D-30C4-4775-8A41-63D86A400AA7}] => LPort=1900
FirewallRules: [{20CC4138-3538-46D0-8CBA-BD02C44032FF}] => LPort=2869
FirewallRules: [{F8B99C6F-E44F-4BA5-B664-36390CE99A33}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1A60C782-FFEE-4AFD-85B4-E929CBBCBC1D}] => C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{6B1507A3-4BBE-40FB-9D33-4B2B47C46CBA}] => C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{E974B715-61FB-49F9-AC56-8B21534AC91F}] => C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{6842B825-3B41-42A0-91D6-CC4C5088AE4A}] => C:\Program Files (x86)\Droid4X\Droid4X.exe
FirewallRules: [{877F9BF5-9DAD-4D44-B248-902D0B7321CA}] => D:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{455010EC-013C-493E-B48D-E842AE3DE492}] => D:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{8EF20DEE-39F1-499A-9F35-D6C8A951E6A9}] => D:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{D215A8DE-F769-4CEE-A021-E8F50AEF7F02}] => D:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{CFA06CC5-676B-4FD8-8DB6-F23D5954DDD4}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{25A753B8-948D-42B9-B605-3D70EC48526C}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{54D2E7BF-FC8D-4007-8551-B79CAE271C5B}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{AA3D176D-095B-4A26-ACA0-B9A33372B485}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A2FA3A03-4939-45B9-B14E-BBCAE6F9330C}] => D:\Program Files (x86)\Steam\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{3B2AE23E-914D-4DB5-9424-D0641E9FA3A3}] => D:\Program Files (x86)\Steam\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{137C833E-F63E-469D-9322-B07D133D8BB6}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{55BDB99C-D917-4291-9696-BE8E02E4C57A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{29C7D4B9-8423-43F6-8815-FAD28C3A21F6}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6407F308-8DEE-4484-B868-F99FCB5FB098}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8BFFEC42-F0D5-4225-83FC-E4F4B3583CAC}] => D:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{5D03CC95-4A29-41D6-A27A-EEEAF50D460C}] => D:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{52BC35DD-BF05-4358-AEF5-625A03FB164B}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{097ED9EB-3F03-4962-93AB-DA23E9833CE6}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{15E32CA3-50A4-4C3E-B82D-4EB860A1586D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6ECA83CB-A37E-4D40-8207-FE11B7936361}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2966F7E-292A-4501-BE2F-1920065120AF}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9CF1324B-6AB3-453E-B5D4-0935CF86E082}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7FF1318E-C742-4819-B5CB-633A31E66DC0}] => D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{12D6CB33-DC9F-4D2C-B5BD-91B3455080D9}] => D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{9732774A-FDB8-41BA-832C-D3D90FB420D4}D:\program files (x86)\gry\gta v\gta5.exe] => D:\program files (x86)\gry\gta v\gta5.exe
FirewallRules: [UDP Query User{E5909AB6-D910-4D98-8CE3-1B78D80B2CC1}D:\program files (x86)\gry\gta v\gta5.exe] => D:\program files (x86)\gry\gta v\gta5.exe
FirewallRules: [{32A136BF-C978-4F13-84A4-3FBF5F21715A}] => D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{CCE189EF-4DDD-4835-8F27-EEA9D749A173}] => D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{083B6FD3-689A-456F-B034-D3A13930B7AC}] => D:\Program Files (x86)\Steam\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{C52E6E56-3256-4B62-82F6-257957EB09F2}] => D:\Program Files (x86)\Steam\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{844570A4-3768-4662-A437-17C7AFD7349F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AC68B1F-013B-4641-A9C5-1F5FF0715440}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9233842C-029E-4CA8-9582-937CC8582FF3}] => D:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{AC433DA7-4793-459E-BD13-FC11D87F37AE}] => D:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{11502D18-605C-4E72-874B-1F45C5941F26}] => D:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{BF2C00AD-88E5-4342-84D5-B600973CB742}] => D:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{11085F20-6EAB-4B41-9D82-E6CC2CD42A51}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{97718BDC-3573-4903-A57B-BDDBDE3852CD}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{4D38FD06-9E3D-443D-9CBF-1C25A9CD4C63}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{E265C258-EB17-44EE-8986-12FB01DF9125}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [TCP Query User{BEB0921E-F2C4-4476-8348-3649324AC3A0}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{26532067-135B-421F-AB76-0A8B58609C6C}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{FBFEAC20-B703-43AD-8F41-64D81AA0B2AB}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{55C1F625-487B-4B39-92A7-3A53E7AF78FD}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{C3C0CC80-B56E-4049-80BC-AFEDF79E9FE2}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9D7F832E-3A6D-4896-8C90-08122BACA8F9}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8131ADE8-B7EC-4CA4-B9AE-B94215765518}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{EAEB0C5E-031F-44C2-9C26-2338C7DE41D7}C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe] => C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe
FirewallRules: [UDP Query User{0C2CE6CB-B7B7-492F-8CC5-8D89F80ED761}C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe] => C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe
FirewallRules: [TCP Query User{78A03E80-86A6-4CCF-9802-36AE6EEBD4E8}C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe] => C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe
FirewallRules: [UDP Query User{17E4C7C7-FAF1-41CA-9222-54CB00A25374}C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe] => C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe
FirewallRules: [{82E08FD0-F76A-4219-B334-574ABE90F96F}] => D:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{B9606EDA-F67D-40BB-A76B-98357C849EA1}] => D:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{C285E9D2-108F-4F77-8AB6-4C41E0BD8377}] => %systemroot%\system32\alg.exe
FirewallRules: [{FA644FDD-7E12-4382-9C25-D21BDE447DDC}] => %systemroot%\system32\alg.exe
FirewallRules: [{7D88C8EA-81BD-47BA-BF3B-228ECADE0DD4}] => %systemroot%\system32\alg.exe
FirewallRules: [{B84D4658-E4D0-4934-8289-63229C7ECC03}] => %systemroot%\system32\alg.exe
FirewallRules: [{B5F7DCA0-240D-4D77-AFE3-2AC57BE92BC3}] => %systemroot%\system32\alg.exe
FirewallRules: [{06518D09-168B-450C-A044-AA3D5A4B3FC3}] => %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{EAE77824-935E-4974-88D3-9168D143D9E9}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{F3F3748D-8C7C-4960-981B-C2F5CD1A8F21}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{5DA6FCF7-CBDD-45A6-B51B-E2FD3F4413EF}] => D:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{7AD60FCF-9A11-4174-86E2-1F9C5A901901}] => D:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [TCP Query User{B43CF626-CB59-40CD-AFFC-78DD6EE658BB}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{713C0940-DB30-491A-BD91-53FFD0AC1B86}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [TCP Query User{9BF67ACB-C7D2-4536-9C10-3BF3EEFF6A9A}C:\users\milosz\appdata\roaming\utorrent\utorrent.exe] => C:\users\milosz\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D27A69CC-FAF1-4404-A607-F0043E431B2A}C:\users\milosz\appdata\roaming\utorrent\utorrent.exe] => C:\users\milosz\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{835036F7-3F31-42AF-9580-291461044C10}D:\games\microsoft games\dungeon siege\dsloa.exe] => D:\games\microsoft games\dungeon siege\dsloa.exe
FirewallRules: [UDP Query User{E6F7D09F-169C-4EA2-8D3F-356C3CBA2392}D:\games\microsoft games\dungeon siege\dsloa.exe] => D:\games\microsoft games\dungeon siege\dsloa.exe
FirewallRules: [{66A0A083-7FDC-4EB9-9FC2-F83D12932EE1}] => %systemroot%\system32\alg.exe
FirewallRules: [{9C4E3063-4C36-4A84-8794-45D3992454D4}] => C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{BFD72EBF-0F3F-4C96-B7B7-C3EAA52BCC61}] => C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{E5890101-EF3D-4437-B227-DE1196B3D1A6}] => C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{51BE780C-07C6-446C-813B-43108722A074}] => C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{2B22A251-07C2-4A8C-97A9-E2C0D7325540}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BEB255E0-54F4-443B-9466-8DEF12571E94}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EE9483A2-460E-4360-B1E0-62A300E3280F}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{ECA74D71-E109-419E-9CFE-F190D64B5ACD}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5CF9AEBC-86C7-4727-B3A2-D94A35BB77D3}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7D2936FE-8F85-4760-A614-9C6D5FD8D38F}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C6CA0CC8-2A9F-491F-ADCD-23753812BAFB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3E0366BD-1352-4964-B3B0-2FCD7FB83D01}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{597DD1D5-08E0-4EFB-A87E-4F099745C572}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{559919D7-3683-4A0C-A245-F33A51A6DAEE}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{94E3DABB-CAC2-43C2-A2C0-F3EF6B40B2E0}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{27885301-BFAD-48F0-B78F-FBF28508F65C}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CB27956B-8940-4FBA-B2C2-707520F83432}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9C050380-7B82-48AC-A8BA-3A6CD59CD1F1}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{D6199A7F-05AC-416E-B338-8F41ACC69E08}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{C56DAF4E-04F5-46E1-BC8F-646A39F5129E}] => D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EFC159C0-703D-4E10-B9F9-DA74DEAF0DED}] => D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FE057F82-F386-41D9-8332-A9D8EB6281B4}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{98E194A0-368D-4AB9-9F72-545610A29E31}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{46A9AAD8-B259-4607-AD32-EB0FEC70C2C6}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{9708AB35-CD32-498E-91C9-A693504AB85D}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C15180AC-4FCF-4499-B201-4DC02D1E784E}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{2C378A84-3C54-42DC-BA0A-EC05955D5AC1}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{5FF6A490-7A38-45B0-9BDE-9A5F02BED128}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4AC53B8A-A35B-46AB-98E9-F759D71E3EA3}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F071DC3B-A1DC-42FE-8232-9709CB61185B}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{35EF6FA0-77A9-4691-8D16-D74ACD7B4C0F}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{84B9A1F0-3D78-4F91-938A-79251CE3264F}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D65FE99-62C7-488E-BD8E-DB0226C27D85}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{573F0709-8B87-43C7-8F6C-9444C6531E7A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6474485E-1E3F-44D4-B64A-01938C828834}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8B78F89C-6777-4274-9A95-BDD81FF16CAB}] => D:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{D0D5199A-9F7D-4351-843C-9E076D19B3EE}] => D:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{3C064CAC-5899-4FD8-971A-123E7DB957D8}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{6FCDEDB3-0529-4E96-9A0B-9113D881F822}] => C:\Users\Milosz\AppData\Local\Temp\is-LKERP.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{0C6D7D19-FB0B-4A6E-8AF9-B00DA3CA9552}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{763C7382-F70D-48B7-948E-C3D2E8CA62CB}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{3998434E-70D5-4F65-A9E9-820CF3344769}] => C:\Windows\System32\rundll32.exe
 
==================== Restore Points =========================
 
22-12-2016 01:39:27 Installed Guitar Hero III.
24-12-2016 01:04:24 Zainstalowano: Microsoft Visual C++ 2005 Redistributable
03-01-2017 21:49:02 Zaplanowany punkt kontrolny
06-01-2017 01:43:59 Removed BCL easyConverter Desktop 3 (Word Version).
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/06/2017 12:38:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: mbamservice.exe, wersja: 3.1.0.388, sygnatura czasowa: 0x58320f73
Nazwa modułu powodującego błąd: MBAMCore.dll, wersja: 3.0.0.510, sygnatura czasowa: 0x584f274d
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x000000000003572b
Identyfikator procesu powodującego błąd: 0x37e8
Godzina uruchomienia aplikacji powodującej błąd: 0x01d267b5f1851e84
Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Ścieżka modułu powodującego błąd: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll
Identyfikator raportu: 4e160ca5-5897-4700-ae12-e40a09abbc2b
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (01/06/2017 12:23:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu .
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (01/06/2017 11:01:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: CensusCore.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x548e78cb
Nazwa modułu powodującego błąd: CensusCore.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x548e78cb
Kod wyjątku: 0xc0000409
Przesunięcie błędu: 0x0004280b
Identyfikator procesu powodującego błąd: 0x3bf0
Godzina uruchomienia aplikacji powodującej błąd: 0x01d26803d18c0482
Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Droid4X\CensusCore.exe
Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Droid4X\CensusCore.exe
Identyfikator raportu: e4c1b8ba-4807-4b9f-80dc-65511b3b2f78
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (01/06/2017 10:53:41 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/06/2017 10:51:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: ShellExperienceHost.exe, wersja: 10.0.14393.447, sygnatura czasowa: 0x5819bf85
Nazwa modułu powodującego błąd: Windows.UI.Xaml.dll, wersja: 10.0.14393.479, sygnatura czasowa: 0x58258ce8
Kod wyjątku: 0xc000027b
Przesunięcie błędu: 0x00000000006d675b
Identyfikator procesu powodującego błąd: 0x3e6c
Godzina uruchomienia aplikacji powodującej błąd: 0x01d267bf272699a6
Ścieżka aplikacji powodującej błąd: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Ścieżka modułu powodującego błąd: C:\Windows\System32\Windows.UI.Xaml.dll
Identyfikator raportu: b8b5ad25-9fbd-4107-91fe-16d71e90d99e
Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy
Identyfikator aplikacji względem pakietu powodującego błąd: App
 
Error: (01/06/2017 02:06:46 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu .
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Składnik 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
 
Error: (01/06/2017 02:06:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla „c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu .
Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki powodujące konflikt:
Składnik 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Składnik 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (01/06/2017 01:55:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Taskmgr.exe w wersji 1.0.0.1 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.
 
Identyfikator procesu: 2f54
 
Godzina rozpoczęcia: 01d267894172302f
 
Godzina zakończenia: 6
 
Ścieżka aplikacji: C:\Windows\System32\Taskmgr.exe
 
Identyfikator raportu: b0d707cf-d3aa-11e6-8333-f079593383b9
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (01/06/2017 01:46:47 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" w wierszu 1.
Tożsamość składnika znaleziona w manifeście nie odpowiada tożsamości składnika żądanego.
Odwołanie to UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definicja to UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
 
Error: (01/06/2017 01:46:36 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
 
System Error:
Odmowa dostępu.
.
 
 
System errors:
=============
Error: (01/06/2017 12:38:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Malwarebytes Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.
 
Error: (01/06/2017 12:27:14 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ZARZĄDZANIE NT)
Description: 0x8000002a117\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-1398810750-701520212-253893804-1001-01062017122713520-ntuser.dat
 
Error: (01/06/2017 12:24:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: 
Nastąpiło zablokowanie ładowania sterownika
 
Error: (01/06/2017 12:24:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Milosz\AppData\Local\Temp\ehdrv.sys
 
Error: (01/06/2017 12:24:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: 
Nastąpiło zablokowanie ładowania sterownika
 
Error: (01/06/2017 12:24:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Milosz\AppData\Local\Temp\ehdrv.sys
 
Error: (01/06/2017 12:24:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: 
Nastąpiło zablokowanie ładowania sterownika
 
Error: (01/06/2017 12:24:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Milosz\AppData\Local\Temp\ehdrv.sys
 
Error: (01/06/2017 12:24:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: 
Nastąpiło zablokowanie ładowania sterownika
 
Error: (01/06/2017 12:24:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Milosz\AppData\Local\Temp\ehdrv.sys
 
 
CodeIntegrity:
===================================
  Date: 2017-01-06 11:31:44.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-06 01:44:25.771
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-05 00:12:25.371
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-04 13:13:34.425
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-01 22:18:27.859
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-01 04:33:36.396
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-28 16:22:43.122
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-27 20:30:47.298
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-26 15:43:57.394
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-12-25 12:41:19.457
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 72%
Total physical RAM: 8075.01 MB
Available physical RAM: 2250.12 MB
Total Virtual: 13707.01 MB
Available Virtual: 6344.47 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:136.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:24.48 GB) NTFS
Drive e: (Guitar Hero World Tour) (CDROM) (Total:6.13 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A0A05130)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 

Still this same problem


Edited by wpadka, 10 January 2017 - 12:01 PM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:33 PM

Posted 10 January 2017 - 01:50 PM

Please run the AdwCleaner tool and run it.

Do not remove the findings. Just post the log for my review.

#5 wpadka

wpadka
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 10 January 2017 - 07:19 PM

Log from AdwCleaner

 

# AdwCleaner v6.042 - Logfile created 11/01/2017 at 01:18:03
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-10.2 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Milosz - CREARTHOR
# Running from : C:\Users\Milosz\Downloads\adwcleaner_6.042.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
No malicious folders found.
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Value Found:  [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Wd]
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [3138 Bytes] - [18/12/2016 02:39:56]
C:\AdwCleaner\AdwCleaner[C2].txt - [3981 Bytes] - [04/01/2017 17:35:55]
C:\AdwCleaner\AdwCleaner[C3].txt - [1426 Bytes] - [06/01/2017 02:18:26]
C:\AdwCleaner\AdwCleaner[S0].txt - [2934 Bytes] - [18/12/2016 02:38:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [3667 Bytes] - [04/01/2017 17:33:47]
C:\AdwCleaner\AdwCleaner[S2].txt - [1659 Bytes] - [06/01/2017 02:17:54]
C:\AdwCleaner\AdwCleaner[S3].txt - [1799 Bytes] - [06/01/2017 12:03:39]
C:\AdwCleaner\AdwCleaner[S4].txt - [1545 Bytes] - [11/01/2017 01:18:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1618 Bytes] ##########

 

 


#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:33 PM

Posted 11 January 2017 - 09:51 AM

SystemLook.exe
SystemLook_x64.exe
  • Double-click SystemLook.exe/SystemLook_x64.exe
  • to run it.
  • Copy and paste the content of the following bold text into the main textfield:
  • :reg
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop entitled SystemLook.txt.
  • ===



#7 wpadka

wpadka
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 11 January 2017 - 11:12 AM

Systemlook.txt

 

SystemLook 30.07.11 by jpshortstuff

Log created at 17:12 on 11/01/2017 by Milosz
Administrator - Elevation successful
 
========== reg ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"wd"="C:\WINDOWS\TEMP\g61FD.tmp.exe"
 
 
-= EOF =-


#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:33 PM

Posted 11 January 2017 - 01:41 PM

Copy the text IN THE QUOTE BOX below to notepad. Save it as fixme.reg to your desktop.
Be sure the "Save as" type is set to "all files" Once you have saved Right click the .reg file and allow it to merge with the registry.
 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"wd"=-


Restart the computer when completed.

You can delete the fixme.reg file when done.

===

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

Edited by nasdaq, 11 January 2017 - 01:41 PM.


#9 wpadka

wpadka
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 14 January 2017 - 02:08 PM

Many Thx, problem solved






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users