Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cse.google problem 2


  • This topic is locked This topic is locked
6 replies to this topic

#1 wpadka

wpadka

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:55 PM

Posted 15 January 2017 - 05:32 AM

Hi! 

Here is topic with my problem: https://www.bleepingcomputer.com/forums/t/636668/csegoogle-problem/#entry4160688.

Cse.google website returned after few days, and i hava again this same threat in AdwCleaner.

 



BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:55 PM

Posted 15 January 2017 - 06:45 AM

:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides.

Download Zoek tool from here

When the download appears, save to the Desktop.
On the Desktop, right-click the Zoek.exe file and select: Run as Administrator
(it takes a few seconds to appear.)

Next, copy/paste the entire script inside the code box below to the input field of Zoek:



createsrpoint;
filesrcm; 
uninstall-list;
iedefaults;
ffdefaults;
chrdefaults;
emptyclsid;
emptyalltemp;
autoclean;
Now...
Close any open Browsers.
Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Copy and paste the log to your next reply please.
 

***


:step3: FRST / FSRT64: run it again.
  • Right-click FRST / FSRT64 then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Put a check into the box next to Addition.txt and press the Scan button.
  • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
  • Please copy and paste both logs in your next reply.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 wpadka

wpadka
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:55 PM

Posted 15 January 2017 - 01:14 PM

Checkup.txt

 

Results of screen317's Security Check version 1.014 --- 12/23/15  

   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 111  
 Java version 32-bit out of Date!
 Adobe Flash Player  23.0.0.207  
 Mozilla Firefox (50.1.0) 
 Google Chrome (55.0.2883.87) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````
 Windows Defender MSMpEng.exe 
 Windows Defender MSASCuiL.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
 

 

Zoek.txt

 

 

 
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Milosz on 2017-01-15 at 14:44:54,36.
Microsoft Windows 10 Home 10.0.14393  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Milosz\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
2017-01-15 14:47:32 Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\Program Files\McAfee deleted successfully
C:\Program Files\onedrive deleted successfully
C:\Program Files\stinger deleted successfully
C:\Program Files\VideoLAN deleted successfully
C:\PROGRA~3\BlueStacksSetup deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Reprise deleted successfully
C:\PROGRA~3\SlySoft deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Milosz\AppData\Local\ActiveSync deleted successfully
C:\Users\Milosz\AppData\Local\EmieSiteList deleted successfully
C:\Users\Milosz\AppData\Local\EmieUserList deleted successfully
C:\Users\Milosz\AppData\Local\NetworkTiles deleted successfully
C:\Users\Milosz\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== FireFox Fix ======================
 
Deleted from C:\Users\Milosz\AppData\Roaming\Profiles\Anuqise.default\prefs.js:
user_pref("browser.startup.homepage", "google.pl");
 
Added to C:\Users\Milosz\AppData\Roaming\Profiles\Anuqise.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
Deleted from C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888\prefs.js:
 
Added to C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
==== Deleting Files \ Folders ======================
 
C:\Users\Milosz\AppData\Roaming\Championify deleted
C:\Users\Milosz\AppData\Roaming\Curse Client deleted
C:\Users\Milosz\AppData\Roaming\livestreamer deleted
C:\Users\Milosz\AppData\Roaming\pokenurse deleted
C:\Users\Milosz\AppData\Roaming\Synthesia deleted
C:\windows\SysNative\Tasks\5615r248o2m49 deleted
C:\Users\Milosz\.android deleted
C:\PROGRA~2\6cc0b0a0.tmp deleted
C:\Users\Milosz\ia_remove.sh3653.tmp deleted
C:\Users\Milosz\ia_remove.sh4866.tmp deleted
C:\Users\Milosz\ia_remove.sh8425.tmp deleted
C:\PROGRA~3\fontcacheev1.dat deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\{3155EF3F-3778-4C4C-B0F3-3E48423B8965} deleted
C:\PROGRA~3\{3A20D009-047D-496D-9874-DF40CA126D3C} deleted
C:\PROGRA~3\{98529CCC-D431-4B85-965E-E98139A4FACD} deleted
C:\PROGRA~3\{BD761B7D-CF85-4D9F-8742-F8457E267565} deleted
C:\PROGRA~3\{C0AE4A98-3E1D-45FB-8465-ECCCB391E633} deleted
C:\PROGRA~3\{E70386C6-507F-4906-86C2-96C1066BA097} deleted
C:\PROGRA~3\{FD1615C0-ED4A-4CEB-94C3-1850BF1BAA6A} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Milosz\AppData\Local\BTServer.log deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\WINDOWS\Syswow64\d3dx9_11.dll.tmp deleted
C:\WINDOWS\Syswow64\lMMLDeleteUserData42107612FX.tmp deleted
C:\WINDOWS\Syswow64\SETADEB.tmp deleted
C:\WINDOWS\Syswow64\SETBD32.tmp deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
C:\Users\Milosz\Uninst0.exe deleted
"C:\Users\Milosz\AppData\Local\{7E28A2B1-F9E2-4F72-8354-8EF36D298DD3}" deleted
"C:\ProgramData\mntemp" deleted
 
==== Files Recently Created / Modified ======================
 
====== C:\WINDOWS ====
2017-01-04 15:11:57 BD546B3E73971E53D76E63F3888B9D93 36808 ----a-w- C:\WINDOWS\xhunter1.sys
2016-12-22 08:28:15 74F28574BB8F61FFC7DD419FE6B6E0D5 1951 ----a-w- C:\WINDOWS\NvTelemetryContainerRecovery.bat
====== C:\Users\Milosz\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2017-01-11 16:35:36 827F77A3D43A0B349919C2F66BBCFC4A 7469056 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 16:35:36 01E2B9E7C8443F43B0222890A1173E78 237056 ----a-w- C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 16:35:35 D32B01BB5724B3600528CFFFB2BAE948 1255936 ----a-w- C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 16:35:34 16BD10FB0F72B9C844234C07C3130E04 167424 ----a-w- C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 16:35:24 1DD77E7ED258C57103D1FF1B0571D3FD 553984 ----a-w- C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 16:35:21 FB8657C99B33C9E3AD5197D4AD6B229F 5398016 ----a-w- C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 16:35:19 6C79DD2C43E95A38FBB567D83DACDC52 263472 ----a-w- C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 16:35:17 D1A551B0B7AB57490179E5ED5C4B24DA 2998272 ----a-w- C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 16:35:17 5521425D404C71B95CFDCBB06455FB97 1557808 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 16:35:17 19F7122EC19F1EDA724D13BF54ABB180 147968 ----a-w- C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 16:35:15 6F8A2A1B1411B91B836034457CD797B3 712192 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 16:35:14 E9A61066D8433692073FB7A71B76BF4F 223232 ----a-w- C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 16:35:14 C03354B15AB4B40A3D626EEA4BD6AFBB 74752 ----a-w- C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 16:35:14 BC95B9B72F50130CE7D87093E9F04110 253952 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 16:35:14 79079788BFF24158D1F1E945D1AC092D 557568 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 16:35:14 2A046635F3515975AEFBB855CB4E9559 180224 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 16:35:14 1220BEFEC4639175792FC0462DD52F3A 866816 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 16:35:13 E0D6916E8A0B269D22231BA00E8630FC 318976 ----a-w- C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 16:35:13 899A18BA61C0D1242A0E6A92752B7329 34304 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 16:35:13 593B33D87F2EB6BA09D583D782EC5922 285184 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 16:35:13 4C10A7F62FD74CC8D7CA096F77997E0A 2748416 ----a-w- C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 16:35:13 4ABEA64DBFF541F8EFF80CE488D1E2A6 7626752 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 16:35:12 DEF44B761300AF3C2CF2955273325093 20969928 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 16:35:12 D9CCC54D17C28BC96DEA313DACA9CE96 509792 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 16:35:12 975BAA926F998BD296FACF0102D1B4F5 860672 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 16:35:11 E8866BF59BEBEE221459E82453642290 755712 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 16:35:11 D9A7E46105EF2A77055B6A8E62094DA9 886272 ----a-w- C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 16:35:11 BBFB3487BC2BA17DD45311D3B764C771 341344 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 16:35:11 66E893992BE9048429451B026F85E6C6 6044160 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 16:35:11 1375FA26B9483F8C2D607E1741F3A440 822784 ----a-w- C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 16:35:10 3032268EA235CE27FD2E9E946E3BCFAB 4612608 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 16:35:05 D6BC9443751A6307D6DED2C94438BF9E 1155072 ----a-w- C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 16:35:05 B78C83C57A50A6F32B3A73023F0BCC14 6474752 ----a-w- C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 16:35:05 677A1A604EA11CEEE78CD62AC0A79972 2206496 ----a-w- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 16:35:05 1B6A591492D31591458C7A732830D739 1300480 ----a-w- C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 16:35:04 FA5384E6FBF90FC1BB7009279F6BDB5F 980832 ----a-w- C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 16:35:04 E9CA8EAECA4785A9798056A321C4AD21 1201872 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 16:35:04 DCBAA27489EE9D25E3ED7D727260F876 1277344 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 16:35:04 7FBDC2558247BBDC8935FEF194D0C1E8 1360464 ----a-w- C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 16:35:04 78B393E8F4C1990F7A3E2ECD40A48DF3 3892864 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 16:35:04 50E24324A257CBD80B8E57A96FCAA9B6 1852720 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 16:35:03 26401C08D6407D11FEE6514FD6786B90 640000 ----a-w- C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 16:35:02 509C9E1A9DA6CAA6E405DEA9345AC7B3 497152 ----a-w- C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 16:34:59 DC195E020B6173087BC61E5694199E7C 198656 ----a-w- C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 16:34:59 2C61DF542F945F12A4FE28FD9C83AC9A 19413504 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 16:34:58 037C1DD70B4A895EA4B80B3E25D095C8 19417600 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 16:34:54 B827440852CDBF8724A38E698FA0AA2D 806400 ----a-w- C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 16:34:54 7CCEAACEF7840EA15EEF6EC2A098DB72 3733504 ----a-w- C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 16:34:54 65F4FD7E19758FF07BB5203D65A1C8AA 13869056 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 16:34:54 4F3F93808E5D84E014A417DD7F5ADD90 1631232 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 16:34:53 E88811CA8FD0847E359D14C96C5DAE8C 218976 ----a-w- C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 16:34:53 86F3DD8105EA18131BAD4A145F31B668 5061120 ----a-w- C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 16:34:52 AF1CD431B9B08CBFB62F3B97C614951F 213504 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 16:34:52 A522BCEB7132DD667AB8EC9E076BF53E 231424 ----a-w- C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 16:34:51 E507716406282DED993ED67B192E4B93 382784 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 16:34:51 94A7B28F9433289C2447B7F701D8AB4A 76984 ----a-w- C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 16:34:51 0C3C22395BBA6B4F6AF5075A0FFADA86 484584 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 16:34:50 0484DE6C56F366D01C9C57616E74AF9C 231936 ----a-w- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
====== C:\WINDOWS\SysWOW64\drivers =====
2017-01-11 21:18:53 485BB79FA0B2EC81158E035DFFFC9B91 259 ----a-w- C:\WINDOWS\SysWOW64\drivers\vwifikerneldrv.sys
2017-01-04 10:32:14 EF558A02D734A1403583E95CCEEC2487 27552 ----a-w- C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
====== C:\WINDOWS\Sysnative =====
2017-01-11 16:29:29 23C699902D38FB40220B9DCC6A5961E7 328008 ----a-w- C:\WINDOWS\Sysnative\Windows.Storage.ApplicationData.dll
2017-01-11 16:29:06 CB69C94BC348A8435541453D1C1D7F0D 206848 ----a-w- C:\WINDOWS\Sysnative\win32k.sys
2017-01-11 16:29:06 C4D85EB020B7A610354F94CFAAFAE448 319288 ----a-w- C:\WINDOWS\Sysnative\wow64.dll
2017-01-11 16:29:06 BB22F3FE6B6FA52E6A1A0270530C0607 1513472 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys
2017-01-11 16:29:06 917F081E2AB667C44F7D96DE1D16DFAE 673792 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe
2017-01-11 16:29:06 4C08BF958476A137C78B62B22B5F90A4 147456 ----a-w- C:\WINDOWS\Sysnative\winsrv.dll
2017-01-11 16:29:06 3C31E12CEA4F72AAC79ECB89512D7089 3616768 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys
2017-01-11 16:29:06 0F08A4AA40A0F3663149B182954BA7CA 1694712 ----a-w- C:\WINDOWS\Sysnative\winmde.dll
2017-01-11 16:29:04 DDB7E452A99E0E5244105C6D2CF4BC9E 2317824 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
2017-01-11 16:29:04 8C521D161445C3E1F38A494E7649E70D 837632 ----a-w- C:\WINDOWS\Sysnative\wbiosrvc.dll
2017-01-11 16:29:03 E61548BAF8C7B573C40175C28132D51A 869888 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll
2017-01-11 16:29:03 82A72D1FE11ADE12D7213228F27C2351 391168 ----a-w- C:\WINDOWS\Sysnative\wuuhext.dll
2017-01-11 16:29:02 FB04124C2D2F68BBF3B9D31950B78222 211968 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe
2017-01-11 16:29:02 ED63AA851858968B968BD5C144361075 748544 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll
2017-01-11 16:29:02 9F69F9CF2D6D337D41824E2F2B3921DB 260608 ----a-w- C:\WINDOWS\Sysnative\InstallAgentUserBroker.exe
2017-01-11 16:29:02 70888F2C61E34DA8C7BC476119375955 90112 ----a-w- C:\WINDOWS\Sysnative\updatepolicy.dll
2017-01-11 16:29:01 74159E9FFFE9325BC7729A4E3719875D 49152 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2017-01-11 16:29:00 EBF9E40845362DBE2AD0DB3077269488 539648 ----a-w- C:\WINDOWS\Sysnative\usocore.dll
2017-01-11 16:29:00 CAD92D19FF3674F36C778D0E79C40772 290816 ----a-w- C:\WINDOWS\Sysnative\updatehandlers.dll
2017-01-11 16:29:00 70703DDFF5F20685B09ED4392139B03D 418304 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.BlockedShutdown.dll
2017-01-11 16:29:00 4CA3CFEA3483EDEFFD27A3A3EC92391C 363520 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.BioFeedback.dll
2017-01-11 16:28:58 C9B67DBC82FBBB5688CF8E8293495937 9131008 ----a-w- C:\WINDOWS\Sysnative\twinui.dll
2017-01-11 16:28:58 13F38871E8AF34DCCB041D1B5BCEE465 43008 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe
2017-01-11 16:28:57 E35794C871B70206F8DA6C48ABA003DC 360448 ----a-w- C:\WINDOWS\Sysnative\rdpencom.dll
2017-01-11 16:28:57 848A3CF59AAE081532C22F7C9A8DAAEC 3134976 ----a-w- C:\WINDOWS\Sysnative\rdpcore.dll
2017-01-11 16:28:57 4DE2027EC9EB53F11BE46DE27D1B1A72 8075776 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
2017-01-11 16:28:56 4BF211AAECBBE524D1F141135241C5CE 310784 ----a-w- C:\WINDOWS\Sysnative\SyncSettings.dll
2017-01-11 16:28:56 26569D6A2BCBC0058340145C4C79488A 1002496 ----a-w- C:\WINDOWS\Sysnative\SRH.dll
2017-01-11 16:28:56 0C968E9C3B514AAA634339ADFDBE5C04 2009600 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll
2017-01-11 16:28:55 CF03DB835BD053C5DF1020B08149334F 22224480 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
2017-01-11 16:28:55 C1B5EE58E759C53F9939581709DC70BB 193536 ----a-w- C:\WINDOWS\Sysnative\certprop.dll
2017-01-11 16:28:55 5E8ECCE130A72107B6DFDBE26185A7FB 201728 ----a-w- C:\WINDOWS\Sysnative\ScDeviceEnum.dll
2017-01-11 16:28:55 38B1A32D777CAEBE248FB608023701D2 584544 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe
2017-01-11 16:28:54 E481F29B8CCA13ED638BCC626D8BC613 1121280 ----a-w- C:\WINDOWS\Sysnative\aadtb.dll
2017-01-11 16:28:54 C608AF956CE1F99F5B00B9D2AB6C8F4C 352768 ----a-w- C:\WINDOWS\Sysnative\cloudAP.dll
2017-01-11 16:28:54 B7B0337702015FE3D8F1B1ABD07C1301 932864 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll
2017-01-11 16:28:54 AD09DD001BFF1562665F5670F1E76259 1062912 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll
2017-01-11 16:28:54 A8D1EF5E96E2F4FB513D83040B22FF31 1908224 ----a-w- C:\WINDOWS\Sysnative\AzureSettingSyncProvider.dll
2017-01-11 16:28:54 2F7824EC4540A5FED80D605BC0AD6B39 404832 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll
2017-01-11 16:28:53 916B789655832BDF681FCE3070AFABB8 1600632 ----a-w- C:\WINDOWS\Sysnative\sppobjs.dll
2017-01-11 16:28:53 164B90D40F4D459A32008762504CD6DC 425984 ----a-w- C:\WINDOWS\Sysnative\aadcloudap.dll
2017-01-11 16:28:53 123D03C4DCE989FAEAB11B69EBE021AF 8129536 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll
2017-01-11 16:28:52 8795108A09CCDE6E6D25B1427FD7B593 289792 ----a-w- C:\WINDOWS\Sysnative\DeveloperOptionsSettingsHandlers.dll
2017-01-11 16:28:52 87067444E515E123F712F564E5668DAB 368640 ----a-w- C:\WINDOWS\Sysnative\OneBackupHandler.dll
2017-01-11 16:28:52 08D9755DADCA7A0FA9C093EC09C84AE0 4749312 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
2017-01-11 16:28:48 2F0111384FB522FE6B62EF1ECC60373A 236544 ----a-w- C:\WINDOWS\Sysnative\WinSCard.dll
2017-01-11 16:28:47 6586E0291CD53DA7794CD988366AED58 6285312 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll
2017-01-11 16:28:46 62B1292F90D98574FDA94C15455DBE54 92512 ----a-w- C:\WINDOWS\Sysnative\rdpudd.dll
2017-01-11 16:28:46 21A12249A5D06DBD8C40CF186E9DF6C7 4149248 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll
2017-01-11 16:28:45 EFA5FFD923DB1FF8C0A8E0BE95DF34DA 234496 ----a-w- C:\WINDOWS\Sysnative\KnobsCore.dll
2017-01-11 16:28:45 639EB29D9311C212A3C35D44A56B1766 349184 ----a-w- C:\WINDOWS\Sysnative\provengine.dll
2017-01-11 16:28:45 1188528BD42005037F57A1F7EB9FFEA2 83968 ----a-w- C:\WINDOWS\Sysnative\ProvPluginEng.dll
2017-01-11 16:28:45 0BF189620AE82619BA12C2D0659E719A 119808 ----a-w- C:\WINDOWS\Sysnative\KnobsCsp.dll
2017-01-11 16:28:41 6B4BFAC812452A7DFB04B79266068333 7816032 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe
2017-01-11 16:28:39 CE793530EC8C3669D9521B01E5EBBD46 136032 ----a-w- C:\WINDOWS\Sysnative\ImplatSetup.dll
2017-01-11 16:28:37 FA26C660CD221A53EFF56D7E0533A129 947712 ----a-w- C:\WINDOWS\Sysnative\MSVP9DEC.dll
2017-01-11 16:28:37 BBCA1BF191B6F20FF549E51FB80A2868 6664192 ----a-w- C:\WINDOWS\Sysnative\mspaint.exe
2017-01-11 16:28:37 7730E5E104B739368AECE9C00E7C1531 1292288 ----a-w- C:\WINDOWS\Sysnative\MSVPXENC.dll
2017-01-11 16:28:37 3EFA8AE16B279E0C7C84CD8739ADEAC4 2482280 ----a-w- C:\WINDOWS\Sysnative\msmpeg2vdec.dll
2017-01-11 16:28:35 F139D4F13DBBB417B33A193258660611 1454504 ----a-w- C:\WINDOWS\Sysnative\mfnetsrc.dll
2017-01-11 16:28:35 A71B83E91B8850F7DC1A691E227BF1F6 1071736 ----a-w- C:\WINDOWS\Sysnative\mfnetcore.dll
2017-01-11 16:28:34 E56AF91E9346979B4AA060D42D8F0A94 1702392 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
2017-01-11 16:28:34 7DDF10FC2C70EA83BAC2BB934DF03CAD 936960 ----a-w- C:\WINDOWS\Sysnative\MCRecvSrc.dll
2017-01-11 16:28:34 3E3F64B5A629BDF6DC8C4CFAE77C8E4E 1300600 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll
2017-01-11 16:28:34 181C169AE98C74A1CC4B9AA0B4A22EA4 4130440 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll
2017-01-11 16:28:34 0EC298CD8F21F9AC04FEC57505B9150D 1988560 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
2017-01-11 16:28:31 92156481488CDD143B4FC5AAEF94F85C 1490432 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll
2017-01-11 16:28:30 6A767EA4AB61E6CD23E21299FF2EB045 707584 ----a-w- C:\WINDOWS\Sysnative\LogonController.dll
2017-01-11 16:28:26 FBF28125556F3A32518DA015497353F4 223744 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe
2017-01-11 16:28:25 939B177EDD2B38D3E8BD994FF05EE27C 261632 ----a-w- C:\WINDOWS\Sysnative\indexeddbserver.dll
2017-01-11 16:28:25 1B135C7D7C2930F967C40FEF9D0A6BE2 22563840 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll
2017-01-11 16:28:24 F4886590FE0DF86EB9426A298B81C6B6 23678464 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
2017-01-11 16:28:16 6DFED1399CF52D877E6C91D470A29916 440320 ----a-w- C:\WINDOWS\Sysnative\fhcfg.dll
2017-01-11 16:28:16 0D9A63B965E6871809EE83B56697E0B3 462336 ----a-w- C:\WINDOWS\Sysnative\fhsettingsprovider.dll
2017-01-11 16:28:10 9EF92B1669413DF478D4A8DCDE201F4C 17188864 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2017-01-11 16:28:10 980FB14885AE2404726EE45F8AABB586 4474368 ----a-w- C:\WINDOWS\Sysnative\D3DCompiler_47.dll
2017-01-11 16:28:10 8B3D8DF2574E9EAA7FC5A93066AA9260 1005568 ----a-w- C:\WINDOWS\Sysnative\D3D12.dll
2017-01-11 16:28:10 74FCE9C9854C94C264AF7639A5F46FF6 1631232 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll
2017-01-11 16:28:09 B7EF5FF80CC9C0723ADA31B4355B9C13 883712 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll
2017-01-11 16:28:09 1EB7C2F34EFD0B1AAE841F0272531106 1231872 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll
2017-01-11 16:28:09 13D5AFBE138BADC93960102A4F187DE1 245600 ----a-w- C:\WINDOWS\Sysnative\offlinesam.dll
2017-01-11 16:28:08 466F6475D5161FD26F144967C84FA30F 324096 ----a-w- C:\WINDOWS\Sysnative\domgmt.dll
2017-01-11 16:28:08 0969BCCDE7E838227140F64382EF64AE 5611008 ----a-w- C:\WINDOWS\Sysnative\d2d1.dll
2017-01-11 16:28:06 F77CC6A4AD680477252538615B4F6863 257024 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.CredDialogController.dll
2017-01-11 16:28:06 BFBCD0C204BFFFB1CC17FE8A8B734A8B 266752 ----a-w- C:\WINDOWS\Sysnative\ConsoleLogon.dll
2017-01-11 16:28:06 0A9D8B84C895E51D61F85F7AE4E639ED 600576 ----a-w- C:\WINDOWS\Sysnative\cryptui.dll
2017-01-11 16:28:05 391C0A1E168E6E66D9136DDA4FA2743E 241504 ----a-w- C:\WINDOWS\Sysnative\CloudExperienceHost.dll
2017-01-11 16:27:53 42AFA15DE8FE204B74B3C8D2E2E12B0D 295424 ----a-w- C:\WINDOWS\Sysnative\CloudBackupSettings.dll
2017-01-11 16:27:49 D70B1453ADA82A92E76EAE72D936A0F6 2275840 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2017-01-11 16:27:49 C9F62A3544BCEBACAF17E3EA22B0F5A2 590960 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll
2017-01-11 16:27:49 C1AD9597ADC4770E221A25B8BEB7271C 418952 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll
2017-01-11 16:27:49 A707CE085972BBDBA1F6780B444F6D3C 89416 ----a-w- C:\WINDOWS\Sysnative\remoteaudioendpoint.dll
2017-01-11 16:27:49 A1D181D6D7D14F4EB36675D0D62CE817 1692672 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.onecore.dll
2017-01-11 16:27:49 82F99FCA5931BB62B465F5B6B1D420DD 534096 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll
2017-01-11 16:27:49 7B993290E7691C446C16A56A431669BA 942080 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll
2017-01-11 16:27:49 2DC3D53FFA0D10EB8C911AE2DB7BF4CF 337920 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
2017-01-11 16:27:48 47A61ECCDD1EC29E66EEAB90416B2064 5511680 ----a-w- C:\WINDOWS\Sysnative\aclui.dll
2017-01-11 16:27:47 783B7FCD68D9C42EC4779140ED55E542 1235296 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll
2017-01-11 16:27:45 BD19B0A85E7F7D70543A77C61CE21054 324608 ----a-w- C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll
2017-01-11 16:27:43 4B1302F2DDF5B7F19520B20B380FBE39 455520 ----a-w- C:\WINDOWS\Sysnative\securekernel.exe
2017-01-11 16:27:40 D4BEF92AFE4C1BBF3216D159E2B9B0F7 1356864 ----a-w- C:\WINDOWS\Sysnative\ClipUp.exe
====== C:\WINDOWS\Sysnative\drivers =====
2017-01-11 21:18:55 DC5CA6C274EAF6540374A205D1AA450E 74864 ----a-w- C:\WINDOWS\Sysnative\drivers\adgnetworkwfpdrv.sys
2017-01-11 16:28:31 90C07EB909C42316982E753BDAA7860D 624048 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys
2017-01-11 16:27:23 3BB8D153A9A514EC9FFCB586251A1925 715104 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys
2017-01-11 16:27:23 29AF16726F4DD84376ECA85AB6AFF2C6 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys
2017-01-06 00:44:33 3BEC6134F1E45AEF5E971F69F0D38510 176064 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMChameleon.sys
2017-01-06 00:44:08 F3960CA85778E5D7611EE0F501972340 102856 ----a-w- C:\WINDOWS\Sysnative\drivers\farflt.sys
2017-01-06 00:44:08 205C2D377E1CA85A4465491DB8064DA9 91584 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys
2017-01-06 00:44:02 88BD122C3A35DE63D75D382DF75554CE 43968 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys
2017-01-06 00:43:58 ABB371D9AEF728B0489B0E6872B4A1C0 250816 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2017-01-06 00:43:28 4D7F3114147C31390262F19F74E5BF07 77416 ----a-w- C:\WINDOWS\Sysnative\drivers\mbae64.sys
====== C:\WINDOWS\Tasks ======
2017-01-13 00:12:47 2D4599678A36E8CEA60ADF754F0E8A8B 3628 ----a-w- C:\WINDOWS\Sysnative\Tasks\ASUS Smart Gesture Launcher
2017-01-04 17:11:01 13C7B044F5D4587D4CC797098C04E7A4 3566 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2017-01-04 17:11:01 0C930C9375513840E9C27574513D15D2 3442 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-12-18 13:44:34 -------- d-----w- C:\Program Files\BreakPoint Software
======= C:\PROGRA~2 =====
2017-01-13 04:20:29 -------- d---a-w- C:\PROGRA~2\COMMON~1\DESIGNER
2017-01-11 21:18:33 -------- d---a-w- C:\PROGRA~2\Adguard
2016-12-22 08:42:16 -------- d-----w- C:\PROGRA~2\VulkanRT
======= C: =====
====== C:\Users\Milosz\AppData\Roaming ======
2017-01-11 21:18:50 -------- d-----w- C:\Users\Milosz\AppData\Local\Performix_LLC
2017-01-04 10:30:57 -------- d-----w- C:\Users\Milosz\AppData\Local\Chuqokguqas
2017-01-03 21:12:39 -------- d-----w- C:\Users\Milosz\AppData\Local\BlackDesertOnline
2016-12-20 22:13:34 980BBFB9F8B86165C2D6F3093B375BDC 4892 ----a-w- C:\Users\Milosz\AppData\Local\recently-used.xbel
2016-12-18 12:05:42 -------- d-----w- C:\Users\Milosz\AppData\Local\Aspyr
====== C:\Users\Milosz ======
2017-01-14 11:34:18 -------- d-----w- C:\ProgramData\ASUS Smart Gesture
2017-01-11 21:18:37 -------- d-----w- C:\ProgramData\Adguard
2017-01-11 21:18:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard
2017-01-11 21:17:12 040257E7A658BAC53269A9071C1A897C 173328 ----a-w- C:\Users\Milosz\Downloads\adguardInstaller.exe
2017-01-11 16:11:50 F783EC309D42813F74319EB776153B2B 165376 ----a-w- C:\Users\Milosz\Downloads\SystemLook_x64.exe
2017-01-11 16:11:44 DEDB5F9E28EE2C9363E83A2A94BA83B9 139264 ----a-w- C:\Users\Milosz\Downloads\SystemLook.exe
2017-01-11 00:15:00 E05BC40301AB39A2DFC1E03B9B117A99 3988944 ----a-w- C:\Users\Milosz\Downloads\adwcleaner_6.042.exe
2017-01-06 11:45:08 CAA005A9C658F54FE235BD3B74867DF9 2419200 ----a-w- C:\Users\Milosz\Downloads\EnglishFRST64.exe
2017-01-04 17:00:45 0BBF9BB937C34B05655A6D30E52A516E 8803648 ----a-w- C:\Users\Milosz\Downloads\ccsetup525.exe
2017-01-04 16:58:01 75236578BFF1CCD867F6DC5B8095E5DE 1065376 ----a-w- C:\Users\Milosz\Downloads\ChromeSetup.exe
2017-01-04 13:53:52 -------- d--h--w- C:\ProgramData\5615r248o2m49
2017-01-04 11:07:23 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\Users\Milosz\ntuser.pol
2017-01-04 10:37:35 C5EE10B806249B92666E8AA1415C6FBC 54199488 ----a-w- C:\Users\Milosz\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-04 10:32:12 -------- d-----w- C:\ProgramData\IObit
2017-01-04 10:30:53 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol
2017-01-03 21:12:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2017-01-03 21:10:28 9B0AACBE04643421AD847A083E1A1444 50625480 ----a-w- C:\Users\Milosz\Downloads\BlackDesertOnlineSetup_20160228_1005.exe
2016-12-18 13:44:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex Workshop v6.8
 
====== C: exe-files ==
2017-01-13 00:12:45 10AC92545F948E86F2E3A23FD3F59EC4 190960 ----a-w- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\DesktopManager\x86\AsusTPSwipe.exe
2017-01-13 00:12:45 0B58DD6EFB3C275EE6768310AA8A6D51 193520 ----a-w- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\DesktopManager\x64\AsusTPSwipe.exe
2017-01-10 19:34:39 6893AEEA00C998A715A95CB216050350 129512 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net.8265\Loader64.exe
2017-01-10 19:34:30 7C677C2C2600FD616AF1B635818253BC 14216168 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net.8265\Battle.net.exe
2017-01-10 19:34:29 CC1F1C9CB57E8670F0ADAC369BB4230B 1448936 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net.8265\Battle.net Helper.exe
=== C: other files ==
2017-01-11 21:20:21 4CB99C82C4F7A35A1E7DAA56952D9C29 3739863 ----a-w- C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Webstore Downloads\bgnkhhnnamicmpeenaelnjfhikgbkllg_61889.crx
2017-01-11 21:18:55 DC5CA6C274EAF6540374A205D1AA450E 74864 ----a-w- C:\Windows\System32\drivers\adgnetworkwfpdrv.sys
2017-01-11 21:16:05 4CB99C82C4F7A35A1E7DAA56952D9C29 3739863 ----a-w- C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Webstore Downloads\bgnkhhnnamicmpeenaelnjfhikgbkllg_48262.crx
2017-01-11 16:29:06 CB69C94BC348A8435541453D1C1D7F0D 206848 ----a-w- C:\Windows\System32\win32k.sys
2017-01-11 16:29:06 BB22F3FE6B6FA52E6A1A0270530C0607 1513472 ----a-w- C:\Windows\System32\win32kbase.sys
2017-01-11 16:29:06 3C31E12CEA4F72AAC79ECB89512D7089 3616768 ----a-w- C:\Windows\System32\win32kfull.sys
2017-01-11 16:28:31 90C07EB909C42316982E753BDAA7860D 624048 ----a-w- C:\Windows\System32\drivers\cng.sys
2017-01-11 16:27:23 3BB8D153A9A514EC9FFCB586251A1925 715104 ----a-w- C:\Windows\System32\drivers\vhdmp.sys
2017-01-11 16:27:23 29AF16726F4DD84376ECA85AB6AFF2C6 335712 ----a-w- C:\Windows\System32\drivers\pci.sys
2017-01-10 16:34:46 B6704EE5A17116F0723014F0C3DA1954 59448 ----a-w- C:\ProgramData\NVIDIA Corporation\Downloader\latest\NvvHCI\nvvhci64.sys
2017-01-10 16:34:46 9DD6CF5A300F4D7867DA4629C4AB6802 51768 ----a-w- C:\ProgramData\NVIDIA Corporation\Downloader\latest\NvvHCI\nvvhci32.sys
2017-01-09 13:33:05 A305B7DEF03D5A954508E8BC21F5EAC9 52769312 ----a-w- C:\Users\Milosz\Downloads\SmartGesture_Win81_64_VER409.zip
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\Milosz\AppData\Roaming\Profiles\Anuqise.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
ProfilePath: C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\Milosz\AppData\Roaming\Profiles\Anuqise.default
- Undetermined - C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\vjsp33n8.default-1436442300194\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- Flash and Video Download - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
ProfilePath: C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888
- Flash and Video Download - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888
83FCFA3C1E0D7523C21CCFBF336D2687 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll - Shockwave Flash
 
 
==== Chromium Look ======================
 
 
Video Downloader - Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc
IP Check - Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf
Chrome Media Router - Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
 
==== Chromium Fix ======================
 
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc deleted successfully
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aiimdkdngfcipjohbjenkahhlhccpdbc_0.localstorage deleted successfully
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aiimdkdngfcipjohbjenkahhlhccpdbc_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
 
==== Reset Google Chrome ======================
 
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
 
==== Uninstall List x64 ======================
 
Adguard  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}]
Adguard  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b2963e15-24ed-4084-988e-5b2c8660c1e6}]
Adobe Creative Cloud [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Creative Cloud]
Adobe Flash Player 23 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI]
Adobe Media Encoder CC 2015 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}]
Adobe Premiere Pro CC 2015 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{38C72D42-0672-43B1-9E05-E7631684F9A1}]
Aktualizacje NVIDIA 23.1.0.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]
Ansel  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel]
ASUS Power4Gear Hybrid [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}]
ASUS Screen Saver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}]
ASUS Smart Gesture [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}]
ASUS Splendid Video Enhancement Technology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}]
ASUS USB Charger Plus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}]
ATK Package [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}]
Audiosurf 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 235800]
Battle.net  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Battle.net]
Black Desert Online [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}]
Borderlands 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 49520]
CCleaner  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}]
Cisco LEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF312B06-5C5C-468E-89B3-BE6DE2645722}]
Cisco Packet Tracer 6.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Cisco Packet Tracer 6.3_is1]
Cisco PEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}]
Conexant HD Audio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_AUDIO_HDA]
Crypt of the NecroDancer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 247080]
Curse  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}]
D3DX10  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite]
DARK SOULS III [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 374320]
Device Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}]
Don't Starve Together Beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 322330]
Dungeon Siege Legends of Aranna [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Dungeon Siege Legends of Aranna 1.0]
ELAN Touchpad 15.8.4.3_X64_WHQL [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Elantech]
Epic Games Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}]
ffdshow v1.3.4533 [2014-09-29] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ffdshow_is1]
ffdshow x64 v1.3.4533 [2014-09-29] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ffdshow64_is1]
Foxit PhantomPDF [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}]
Foxit Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Foxit Reader_is1]
Freemake Video Converter wersja 4.1.7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freemake Video Converter_is1]
Galeria fotografii [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}]
GameMaker-Studio 1.4 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\GameMaker-Studio14]
GameMaker: Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GameMakerPlayer]
Garry's Mod [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 4000]
GIMP 2.8.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\GIMP-2_is1]
GOG Galaxy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7258BA11-600C-430E-A759-27E2C691A335}_is1]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}]
GPU Temp version 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1]
Grand Theft Auto V [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}]
Guitar Hero III [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}]
Guitar Hero World Tour [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A126E617-63F0-4E57-BFA4-7190F5845C39}]
Hex Workshop v6.8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A36AC685-4435-4C16-861F-221231DE165D}]
HexEdit  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{083EF76E-0760-4D7A-9508-0B88A3AF1889}]
Hi-Rez Studios Authenticate and Update Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}]
HideIPVPN  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HideIPVPN]
Intel® Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}]
Intel® Processor Graphics [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]
IntelR Trusted Connect Service Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B5E06417-A4AC-4225-B36E-7E34C91616E7}]
Java 8 Update 111 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180111F0}]
Java SE Development Kit 7 Update 79 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{64A3A4F4-B792-11D6-A78A-00B0D0170790}]
Kits Configuration Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B74E65FD-CC47-41C5-4B89-791A3F61942D}]
LAV Filters 0.68.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\lavfilters_is1]
Left 4 Dead 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 550]
LEGO - The Hobbit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 285160]
Livestreamer 1.12.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Livestreamer]
LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{91B5DF26-717A-4A5F-AB10-CD450FAD428C}]
LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LogMeIn Hamachi]
LTspice IV [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LTspice IV]
Magicka  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 42910]
Malwarebytes (wersja 3.0.5.1299) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1]
MATLAB R2015a [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Matlab R2015a]
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}]
Microsoft .NET Framework 4.5.1 SDK [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19A5926D-66E1-46FC-854D-163AA10A52D3}]
Microsoft ASP.NET MVC 4 Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}]
Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}]
Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}]
Microsoft Office 365 ProPlus - pl-pl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\O365ProPlusRetail - pl-pl]
Microsoft OneDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{a1909659-0a08-4554-8af1-2175904903a1}]
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}]
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8e70e4e1-06d7-470b-9f74-a51bef21088e}]
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}]
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}]
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}]
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}]
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}]
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7f51bdb9-ee21-49ee-94d6-90afc321780e}]
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{050d4fc8-5d48-4b8f-8972-47c82c46020f}]
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ce085a78-074e-4823-8dc1-8a721b94b76d}]
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f65db027-aff3-4070-886a-0d87064aabb1}]
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{929FBD26-9020-399B-9A7A-751D61F0B942}]
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}]
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}]
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}]
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}]
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}]
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DFFEB619-5455-3697-B145-243D936DB95B}]
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7B50D081-E670-3B43-A460-0E2CDB5CE984}]
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD9CFD69-EB91-354E-9C98-D439E6091932}]
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B5FC62F5-A367-37A5-9FD2-A6E137C0096F}]
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}]
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)]
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D3415F15-8C15-328C-933C-9075E60843CA}]
Microsoft XNA Framework Redistributable 3.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}]
Microsoft XNA Framework Redistributable 4.0 Refresh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}]
Mixxx 2.0.0 (64-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mixxx (2.0.0)]
Morrowind  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EF203EF0-3977-41C7-8705-4F259EEC2B4C}]
Morrowind AnimKit 2.1 (remove only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Morrowind AnimKit]
Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}]
Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD67BE4B-7E62-4215-AFA3-F123A800A389}]
Mozilla Firefox 50.1.0 (x86 pl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 50.1.0 (x86 pl)]
Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
MPC-HC 1.7.10 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1]
MPC-HC 1.7.10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1]
MSVCRT  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
MSVCRT Redists [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}]
MSVCRT110  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}]
MSVCRT110_amd64  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9FA781F-3E80-4399-825A-AD3E11C28C77}]
Muve Downloader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29850ACF-D3C1-4EEC-84C4-DE795C6207F1}]
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 349040]
Native Instruments Controller Editor [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0886900B-B2F3-452C-B580-60F1253F7F80}]
Native Instruments Controller Editor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Controller Editor]
Native Instruments Guitar Rig 5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}]
Native Instruments Guitar Rig 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig 5]
Native Instruments Guitar Rig Mobile IO Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2930FB47-6452-4476-BF16-D77F748646DB}]
Native Instruments Guitar Rig Mobile IO Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig Mobile IO Driver]
Native Instruments Guitar Rig Session IO Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7930FB47-6452-4476-BF16-D77F748646DB}]
Native Instruments Guitar Rig Session IO Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig Session IO Driver]
Native Instruments Rig Kontrol 3 Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B962AD08-335F-46f7-A182-257D37672E5C}]
Native Instruments Rig Kontrol 3 Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Rig Kontrol 3 Driver]
Native Instruments Service Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}]
Native Instruments Service Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Service Center]
Notepad++  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++]
NVIDIA Backend [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend]
NVIDIA Container [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer]
NVIDIA Display Container [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer]
NVIDIA Display Container LS [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS]
NVIDIA GeForce Experience 3.2.0.96 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience]
NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]
NVIDIA LocalSystem Container [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem]
NVIDIA Message Bus for NvContainer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus]
NVIDIA NetworkService Container [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService]
NVIDIA Oprogramowanie systemu PhysX 9.16.0318 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX]
NVIDIA Optimus Update 23.1.0.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus]
NVIDIA Session Container [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session]
NVIDIA ShadowPlay 3.2.0.96 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay]
Nvidia Share [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC]
NVIDIA Sterownik graficzny 376.33 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]
NVIDIA Telemetry Container [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer]
NVIDIA Update Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core]
NVIDIA User Container [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User]
NVIDIA Virtual Audio 3.50.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver]
NVIDIA Watchdog Plugin for NvContainer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog]
NVIDIA Wireless Controller Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService]
NvNodejs  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs]
NvTelemetry  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry]
Oracle VM VirtualBox 4.3.12_ZZZZ [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}]
Ori and the Blind Forest [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ori and the Blind Forest_R.G. Mechanics_is1]
Origin  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Origin]
Overwatch  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Overwatch]
Pakiet sterownik˘w systemu Windows - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\A044C5901003C24E6891688653ABA1068D04A1A0]
Panel sterowania NVIDIA 376.33 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]
PC Remote [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C934DF74-D0D9-445C-90AA-34012A04E11D}]
Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3EEF6B1E-38AA-4F22-BA70-30A73BB06AAE}]
Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07AAB66E-4718-422D-9218-4AFB3C922A71}]
Pillars of Eternity [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1207666813_is1]
Pillars of Eternity Kickstarter Item [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1427204139_is1]
Pillars of Eternity Kickstarter Item [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pillars of Eternity Kickstarter Item_is1]
Pillars of Eternity Preorder Item and Pet [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1207666843_is1]
Pillars of Eternity Preorder Item and Pet [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Pillars of Eternity Preorder Item and Pet_is1]
Plustek OpticPro S28 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5265664F-6128-405C-9225-9782A85954FD}]
Podstawowe programy Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}]
Podstawowe programy Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
Polski pakiet j©zykowy dla narz©dzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK]
PTC Diagnostic Tools [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D8EE1206-5E41-425D-83E7-E6D9886E716D}]
PTC Mathcad Prime 3.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A4F83E8-C604-4970-8A1F-8963B3507630}]
REALTEK Bluetooth Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D3D8C60-A5EF-4123-B2B9-172095903AB}]
Realtek Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}]
Realtek Ethernet Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}]
REALTEK Wireless LAN Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}]
Rocket League [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 252950]
Rocksmith  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 205190]
Rockstar Games Social Club [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Rockstar Games Social Club]
SDK Debuggers [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9274C832-3D8A-A294-FDE8-8B9272357098}]
SHIELD Streaming [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv]
SHIELD Wireless Controller Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController]
Skullgirls  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 245170]
Skypet 7.29 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}]
SmoothVideo Project version 3.1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SmoothVideo Project_is1]
Split/Second  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{28526951-55EF-4901-A0CA-B9AC966D1DD1}]
Steam  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam]
SteamVR  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 250820]
SVP 4 Free [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c34c71ae-9eca-4b0d-90fb-0fb103b0b9a3}]
Synthesia  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Synthesia]
System Requirements Lab Detection [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7929FAC1-521D-4A22-AB2D-08118608D243}]
TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TeamSpeak 3 Client]
TeamViewer 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer]
TechPowerUp GPU-Z [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TechPowerUp GPU-Z]
The Crew (Worldwide) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uplay Install 413]
Tom Clancy's Rainbow Six Siege [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uplay Install 635]
Tom Clancy's The Division [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uplay Install 568]
Transistor  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 237930]
Tunngle  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tunngle_is1]
Ubisoft Game Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{888F1505-C2B3-4FDE-835D-36353EBD4754}]
UPC Fiber Power Optimizer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{631141AD-79AA-447F-B403-21C704D39B8C}]
UPC Fiber Power Optimizer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UPC Fiber Power Optimizer]
Update Installer for WildTangent Games App [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App]
Uplay  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uplay]
uTorrent  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
Visual Importer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Visual Importer_is1]
Warframe  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 230410]
WebStorage  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebStorage]
WildTangent Games App [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus]
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\7504488B89E0121B0737D63957491C9CD2633065]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}]
Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{659CB81C-B54E-4DF1-B618-F35777393A54}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}]
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}]
Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}]
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1893000-EA77-493C-8DDD-E262436E959B}]
Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}]
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC57543E-EC54-4AB7-A18C-4B04BB1CF09A}]
Windows Phone IP Over USB [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E7C8E5D3-9EDC-4430-8AEF-FD590937F55F}]
Windows Software Development Kit EULA [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F5C7BAE-1E1A-7C93-1B90-84CE308AFC1C}]
Windows Software Development Kit for Windows 8.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}]
WinFlash  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}]
WinRAR 5.21 (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
WinRAR 5.31 (64-bitowy) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
 
==== Empty IE Cache ======================
 
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\IE\IJRZ0DZY will be deleted at reboot
C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\IE\LMKT56ZX will be deleted at reboot
C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\IE\S0NA5ZGP will be deleted at reboot
 
==== Empty FireFox Cache ======================
 
C:\Users\Milosz\AppData\Local\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
No Flash Cache Found
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=890 folders=190 726704472 bytes)
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp successfully emptied
C:\Users\Milosz\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\IE\IJRZ0DZY" not found
"C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\IE\LMKT56ZX" not found
"C:\Users\Milosz\AppData\Local\Microsoft\Windows\INetCache\IE\S0NA5ZGP" not found
 
==== EOF on 2017-01-15 at 17:42:53,82 ======================
 

 

 


Edited by wpadka, 15 January 2017 - 01:18 PM.


#4 wpadka

wpadka
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:55 PM

Posted 15 January 2017 - 01:18 PM

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017

Ran by Milosz (administrator) on CREARTHOR (15-01-2017 18:04:32)
Running from C:\Users\Milosz\Downloads
Loaded Profiles: Milosz (Available Profiles: Milosz)
Platform: Windows 10 Home Version 1607 (X64) Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Performix LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Electronic Arts) D:\Program Files (x86)\Programy\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Performix LLC) C:\Program Files (x86)\Adguard\Adguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.8265\Battle.net.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5362\Agent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8265\Battle.net Helper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files (x86)\Battle.net\Battle.net.8265\Battle.net Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Farbar) C:\Users\Milosz\Downloads\EnglishFRST64.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [3122152 2016-07-14] (Blizzard Entertainment)
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5622032 2016-12-02] (Performix LLC)
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {2b0bc7e1-9e89-11e5-82ab-f079593383b9} - "G:\_DS.exe" 
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {386ea456-9f09-11e5-82ad-f079593383b9} - "H:\_DS.exe" 
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {a0c5ec1d-652b-11e5-828d-f079593383b9} - "F:\Setup.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Action Manager 32.lnk [2016-08-25]
ShortcutTarget: Action Manager 32.lnk -> C:\Program Files (x86)\Plustek\OpticPro S28\AM32.exe ()
Startup: C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-01-17]
ShortcutTarget: Curse.lnk -> C:\Users\Milosz\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip\..\Interfaces\{415e0c7f-b292-4c34-833a-a0fd8ec42a6f}: [DhcpNameServer] 62.179.1.61 62.179.1.63
Tcpip\..\Interfaces\{59325281-2a1f-41d7-ace7-4a8666503714}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{a48027a5-6a58-49d3-bdb3-29aed71c547d}: [DhcpNameServer] 62.179.1.61 62.179.1.63
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1398810750-701520212-253893804-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-1398810750-701520212-253893804-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888 [2017-01-15]
FF NewTab: Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888 -> about:home
FF Extension: (Flash and Video Download) - C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2017-01-06]
FF Extension: (Adblock Plus) - C:\Users\Milosz\AppData\Roaming\Mozilla\Firefox\Profiles\e6g5jp1d.default-1483643078888\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-26] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1398810750-701520212-253893804-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-06] ()
 
Chrome: 
=======
CHR Profile: C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default [2017-01-15]
CHR Extension: (Prezentacje Google) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-15]
CHR Extension: (Dokumenty Google) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-15]
CHR Extension: (Dysk Google) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-15]
CHR Extension: (YouTube) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-15]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-15]
CHR Extension: (Gmail) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\Milosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-15]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [151312 2016-12-02] (Performix LLC)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-11-24] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-07-23] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-08-04] (ELAN Microelectronics Corp.)
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2016-10-23] (Macrovision Europe Ltd.) [File not signed]
S4 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284224 2016-12-23] (GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-02] (GOG.com)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21232 2015-07-09] (Microsoft Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3685968 2015-07-22] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S4 Origin Client Service; D:\Program Files (x86)\Programy\Origin\OriginClientService.exe [2118664 2016-12-03] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Programy\Origin\OriginWebHelperService.exe [2180112 2016-12-03] (Electronic Arts)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [872432 2016-06-23] (Tunngle.net GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S4 0209301483697013mcinstcleanup; C:\Users\Milosz\AppData\Local\Temp\020930~1.EXE -cleanup -nolog [X]
S4 AIPS; d:\Program Files (x86)\netcut\services\AIPS.exe [X]
S4 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 Phiblysuputher; C:\Program Files (x86)\Jerqerthervnaly\SerpocultCnf.dll [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [74864 2016-10-05] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-09-28] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R3 hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-11-11] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-01-04] (REALiX™)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-06] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-06] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-06] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-07] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-06] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-01-29] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows ® Win 7 DDK provider)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek                                            )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607512 2015-12-02] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 SRS_SSCFilter; C:\WINDOWS\system32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-01-15] (Wellbia.com Co., Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-15 18:01 - 2017-01-15 18:01 - 00852798 _____ C:\Users\Milosz\Downloads\SecurityCheck (1).exe
2017-01-15 18:01 - 2017-01-15 18:01 - 00852798 _____ C:\Users\Milosz\Desktop\SecurityCheck.exe
2017-01-15 17:39 - 2017-01-15 17:39 - 00000259 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp
2017-01-15 17:39 - 2017-01-15 17:39 - 00000259 _____ C:\ProgramData\fontcacheev1.dat
2017-01-15 17:28 - 2017-01-15 17:28 - 01127231 _____ C:\Users\Milosz\Downloads\lab 8.pdf
2017-01-15 16:57 - 2017-01-15 16:57 - 00000000 ____D C:\Program Files (x86)\AviSynth+
2017-01-15 16:57 - 2016-10-26 19:06 - 01569792 _____ (The Public) C:\WINDOWS\system32\AviSynth.dll
2017-01-15 16:57 - 2016-10-20 17:30 - 02300928 _____ (Abysmal Software) C:\WINDOWS\system32\DevIL.dll
2017-01-15 16:56 - 2017-01-15 16:57 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-15 15:50 - 2017-01-15 15:50 - 00252493 ____H C:\Users\Milosz\Downloads\~WRL2657.tmp
2017-01-15 15:49 - 2017-01-15 15:49 - 00877041 _____ C:\Users\Milosz\Downloads\Anteny8-1.pdf
2017-01-15 15:34 - 2017-01-15 15:34 - 00000000 ____D C:\Users\Milosz\AppData\Local\NetworkTiles
2017-01-15 15:32 - 2017-01-15 15:32 - 01412458 _____ C:\Users\Milosz\Downloads\Anteny_PFR_zad1i2 (1).zip
2017-01-15 15:12 - 2017-01-15 14:44 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-01-15 14:44 - 2017-01-15 15:10 - 00000000 ____D C:\zoek_backup
2017-01-15 14:33 - 2017-01-15 14:33 - 99701150 _____ C:\Users\Milosz\Downloads\anteny.rar
2017-01-15 14:16 - 2017-01-15 14:16 - 01309184 _____ C:\Users\Milosz\Desktop\zoek.exe
2017-01-15 14:04 - 2017-01-15 14:18 - 343711477 _____ C:\Users\Milosz\Downloads\videoplayback (13)
2017-01-15 14:04 - 2017-01-15 14:17 - 126605165 _____ C:\Users\Milosz\Downloads\videoplayback (14)
2017-01-15 14:04 - 2017-01-15 14:16 - 137630668 _____ C:\Users\Milosz\Downloads\videoplayback (12)
2017-01-15 14:04 - 2017-01-15 14:14 - 210525188 _____ C:\Users\Milosz\Downloads\55365a4f97ced.mp4
2017-01-15 14:03 - 2017-01-15 14:21 - 372875667 _____ C:\Users\Milosz\Downloads\5534d348e671a.mp4
2017-01-15 14:03 - 2017-01-15 14:21 - 361815441 _____ C:\Users\Milosz\Downloads\55335d30955e8.mp4
2017-01-15 13:56 - 2017-01-15 14:14 - 460399600 _____ C:\Users\Milosz\Downloads\580fb062e489d (1).mp4
2017-01-15 13:13 - 2017-01-15 13:23 - 283977868 _____ C:\Users\Milosz\Downloads\580fb062e489d.mp4
2017-01-14 23:53 - 2017-01-14 23:53 - 02007395 _____ C:\Users\Milosz\Downloads\TESTOWNIK NA POPRAWĘ 5.02.2015.rar
2017-01-14 20:14 - 2017-01-14 20:14 - 00382542 _____ C:\Users\Milosz\Downloads\testownik.rar
2017-01-14 19:47 - 2017-01-14 19:47 - 00000005 _____ C:\Users\Milosz\Downloads\kolokwium
2017-01-14 12:34 - 2017-01-15 17:42 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-01-13 01:12 - 2017-01-13 01:12 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2017-01-13 01:11 - 2017-01-13 01:11 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-01-11 22:18 - 2017-01-15 18:05 - 00000000 ____D C:\ProgramData\Adguard
2017-01-11 22:18 - 2017-01-15 17:39 - 00000000 ____D C:\Program Files (x86)\Adguard
2017-01-11 22:18 - 2017-01-11 22:18 - 00000960 _____ C:\Users\Public\Desktop\Adguard.lnk
2017-01-11 22:18 - 2017-01-11 22:18 - 00000259 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2017-01-11 22:18 - 2017-01-11 22:18 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Performix LLC
2017-01-11 22:18 - 2017-01-11 22:18 - 00000000 ____D C:\Users\Milosz\AppData\Local\Performix_LLC
2017-01-11 22:18 - 2017-01-11 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard
2017-01-11 22:18 - 2016-10-05 06:26 - 00074864 _____ () C:\WINDOWS\system32\Drivers\adgnetworkwfpdrv.sys
2017-01-11 22:17 - 2017-01-11 22:17 - 00173328 _____ C:\Users\Milosz\Downloads\adguardInstaller.exe
2017-01-11 20:37 - 2017-01-11 20:37 - 00000238 _____ C:\Users\Milosz\Desktop\fixme.reg
2017-01-11 17:35 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 17:35 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 17:35 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 17:35 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 17:35 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 17:35 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:35 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 17:35 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 17:35 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 17:35 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:35 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:35 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 17:35 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 17:35 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 17:35 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 17:35 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 17:35 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 17:35 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 17:35 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 17:35 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 17:35 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 17:35 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:35 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 17:35 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 17:35 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 17:35 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 17:35 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 17:35 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 17:35 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 17:35 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 17:35 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 17:35 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 17:35 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 17:35 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 17:35 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 17:35 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 17:35 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 17:35 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 17:35 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 17:35 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 17:35 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 17:35 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 17:35 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 17:35 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 17:34 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 17:34 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:34 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 17:34 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 17:34 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 17:34 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 17:34 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 17:34 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 17:34 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 17:34 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:34 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 17:34 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:34 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 17:34 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:34 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 17:34 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 17:29 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:29 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:29 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:29 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:29 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:29 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:29 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:29 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:29 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:29 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 17:29 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 17:29 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 17:29 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:29 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:29 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:29 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 17:29 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:29 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:29 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:29 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:29 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:29 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:28 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:28 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:28 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 17:28 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 17:28 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 17:28 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 17:28 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:28 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 17:28 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 17:28 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 17:28 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 17:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:28 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:28 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:28 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:28 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 17:28 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:28 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:28 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:28 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 17:28 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:28 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 17:28 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:28 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:28 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:28 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 17:28 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:28 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:28 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:28 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:28 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:28 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:28 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:28 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:28 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:28 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:28 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 17:28 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:28 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 17:28 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:28 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:28 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:28 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:28 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:28 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:28 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:28 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 17:28 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:28 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:28 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:28 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:28 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:28 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:28 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 17:28 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:28 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 17:28 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 17:28 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:28 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:28 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:28 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:28 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:28 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:27 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:27 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 17:27 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:27 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:27 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 17:27 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:27 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:27 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 17:27 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 17:27 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:27 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:27 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:27 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:27 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:27 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:27 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 17:12 - 2017-01-11 17:12 - 00000550 _____ C:\Users\Milosz\Downloads\SystemLook.txt
2017-01-11 17:11 - 2017-01-11 17:12 - 00165376 _____ C:\Users\Milosz\Downloads\SystemLook_x64.exe
2017-01-11 17:11 - 2017-01-11 17:11 - 00139264 _____ C:\Users\Milosz\Downloads\SystemLook.exe
2017-01-11 01:19 - 2017-01-11 01:19 - 00005991 _____ C:\Users\Milosz\Downloads\Otouto Mitai na Sonzai -Piano Solo [Melsarion].mid
2017-01-11 01:15 - 2017-01-11 01:15 - 03988944 _____ C:\Users\Milosz\Downloads\adwcleaner_6.042.exe
2017-01-10 16:38 - 2017-01-15 18:04 - 00000000 ____D C:\Users\Milosz\Downloads\FRST-OlderVersion
2017-01-10 16:38 - 2017-01-10 17:13 - 00003661 _____ C:\Users\Milosz\Downloads\Fixlog.txt
2017-01-10 16:37 - 2017-01-10 16:37 - 00002520 _____ C:\Users\Milosz\Downloads\fixlist.txt
2017-01-09 14:33 - 2017-01-09 14:33 - 52769312 _____ C:\Users\Milosz\Downloads\SmartGesture_Win81_64_VER409.zip
2017-01-07 00:10 - 2017-01-07 00:28 - 252061608 _____ C:\Users\Milosz\Downloads\5706beda5a16d.mp4
2017-01-07 00:10 - 2017-01-07 00:28 - 194704057 _____ C:\Users\Milosz\Downloads\570539050af04.mp4
2017-01-07 00:09 - 2017-01-07 00:27 - 184887685 _____ C:\Users\Milosz\Downloads\570103ad9ec46.mp4
2017-01-06 12:56 - 2017-01-06 12:56 - 01854002 _____ C:\Users\Milosz\Downloads\FRST64.rar
2017-01-06 12:48 - 2017-01-06 13:01 - 00073779 _____ C:\Users\Milosz\Downloads\Addition.txt
2017-01-06 12:45 - 2017-01-15 18:05 - 00027814 _____ C:\Users\Milosz\Downloads\FRST.txt
2017-01-06 12:45 - 2017-01-15 18:04 - 02419200 _____ (Farbar) C:\Users\Milosz\Downloads\EnglishFRST64.exe
2017-01-06 12:45 - 2017-01-10 17:13 - 00000000 ____D C:\FRST
2017-01-06 01:44 - 2017-01-06 11:53 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-06 01:44 - 2017-01-06 01:44 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-06 01:44 - 2017-01-06 01:44 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-06 01:44 - 2017-01-06 01:44 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-06 01:43 - 2017-01-07 17:52 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-06 01:43 - 2017-01-06 01:43 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-06 01:43 - 2017-01-06 01:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-06 01:43 - 2017-01-06 01:43 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-06 01:43 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-06 00:05 - 2017-01-06 00:05 - 00000010 _____ C:\Users\Milosz\Downloads\56ddb8a8127c6.mp4
2017-01-06 00:05 - 2017-01-06 00:05 - 00000010 _____ C:\Users\Milosz\Downloads\56d8982c77a15.mp4
2017-01-06 00:04 - 2017-01-06 00:04 - 00000010 _____ C:\Users\Milosz\Downloads\56ce1664cb57d.mp4
2017-01-05 20:15 - 2017-01-05 20:15 - 00025656 _____ C:\Users\Milosz\Documents\Zeszyt1.ods
2017-01-05 20:15 - 2017-01-05 20:15 - 00015981 _____ C:\Users\Milosz\Documents\ss.ods
2017-01-05 20:04 - 2017-01-05 20:04 - 00000000 ____D C:\Users\Milosz\Desktop\Stare dane programu Firefox
2017-01-05 01:06 - 2017-01-05 01:11 - 172646643 _____ C:\Users\Milosz\Downloads\[Commie]+Musaigen+no+Phantom+World+02+[9DD4F2CB]-muxed.mp4
2017-01-04 22:10 - 2017-01-05 20:15 - 00138471 _____ C:\Users\Milosz\Downloads\wykresy lab 3.xlsx
2017-01-04 20:47 - 2017-01-04 20:47 - 00012121 _____ C:\Users\Milosz\Documents\antćw3.odt
2017-01-04 20:03 - 2017-01-04 20:03 - 01596491 _____ C:\Users\Milosz\Downloads\anteny.zip
2017-01-04 19:31 - 2017-01-05 20:15 - 00199168 _____ C:\Users\Milosz\Downloads\ćw3.xls
2017-01-04 19:12 - 2017-01-04 19:12 - 03344384 _____ C:\Users\Milosz\Downloads\Wyklad4_CM.ppt
2017-01-04 19:04 - 2017-01-04 19:04 - 00000829 _____ C:\Users\Milosz\Downloads\ZysKAL.zip
2017-01-04 18:28 - 2017-01-04 18:28 - 00020343 _____ C:\Users\Milosz\Downloads\7XII.rar
2017-01-04 18:28 - 2017-01-04 18:28 - 00000543 _____ C:\Users\Milosz\Downloads\anteny6.zip
2017-01-04 18:11 - 2017-01-04 18:16 - 00003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-04 18:11 - 2017-01-04 18:16 - 00003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-04 18:11 - 2017-01-04 18:11 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-04 18:11 - 2017-01-04 18:11 - 00002340 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-04 18:01 - 2017-01-04 18:01 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-01-04 18:01 - 2017-01-04 18:01 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-01-04 18:00 - 2017-01-04 18:01 - 08803648 _____ (Piriform Ltd) C:\Users\Milosz\Downloads\ccsetup525.exe
2017-01-04 17:58 - 2017-01-04 18:10 - 01065376 _____ (Google Inc.) C:\Users\Milosz\Downloads\ChromeSetup.exe
2017-01-04 17:57 - 2017-01-04 17:57 - 00936269 _____ C:\Users\Milosz\Downloads\Sprawozdanie-Anteny-Cw-3-1.pdf
2017-01-04 17:32 - 2017-01-04 17:32 - 00745960 _____ C:\Users\Milosz\Downloads\ANTENY LAB 3.7z
2017-01-04 16:11 - 2017-01-15 15:36 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-01-04 16:05 - 2017-01-04 16:05 - 00008458 _____ C:\Users\Milosz\Downloads\Yuujin A-kun wo Watashi no Bansousha ni Ninmeishimasu - Shigatsu wa Kimi no Uso BGM OST.mid
2017-01-04 14:53 - 2017-01-04 14:53 - 00000000 ___HD C:\ProgramData\5615r248o2m49
2017-01-04 12:07 - 2017-01-10 17:32 - 00000008 __RSH C:\Users\Milosz\ntuser.pol
2017-01-04 11:37 - 2017-01-04 11:38 - 54199488 _____ (Malwarebytes ) C:\Users\Milosz\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-04 11:32 - 2017-01-04 11:32 - 00027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-01-04 11:32 - 2017-01-04 11:32 - 00000000 ____D C:\WINDOWS\IObit
2017-01-04 11:32 - 2017-01-04 11:32 - 00000000 ____D C:\Users\Milosz\AppData\LocalLow\IObit
2017-01-04 11:32 - 2017-01-04 11:32 - 00000000 ____D C:\ProgramData\IObit
2017-01-04 11:31 - 2017-01-04 11:31 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\IObit
2017-01-04 11:30 - 2017-01-10 17:32 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-01-04 11:30 - 2017-01-04 12:05 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Ghiduryljesy
2017-01-04 11:30 - 2017-01-04 11:49 - 00000000 ____D C:\Users\Milosz\AppData\Local\Chuqokguqas
2017-01-04 10:59 - 2017-01-05 22:50 - 00000000 ____D C:\Users\Milosz\Documents\Black Desert
2017-01-03 22:12 - 2017-01-15 15:36 - 00000000 ____D C:\Users\Milosz\AppData\Local\BlackDesertOnline
2017-01-03 22:12 - 2017-01-03 22:12 - 00000944 _____ C:\Users\Public\Desktop\Black Desert Online.lnk
2017-01-03 22:12 - 2017-01-03 22:12 - 00000944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Black Desert Online.lnk
2017-01-03 22:12 - 2017-01-03 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2017-01-03 22:10 - 2017-01-03 22:11 - 50625480 _____ (Daum Games EU) C:\Users\Milosz\Downloads\BlackDesertOnlineSetup_20160228_1005.exe
2017-01-03 18:53 - 2017-01-03 19:00 - 155491846 _____ C:\Users\Milosz\Downloads\Anime Pack, Volume 2.rar
2017-01-03 18:53 - 2017-01-03 18:57 - 183346074 _____ C:\Users\Milosz\Downloads\Anime Pack, Volume 1.rar
2017-01-03 17:55 - 2017-01-03 17:57 - 10576043 _____ C:\Users\Milosz\Downloads\osuplus_1.6.5_stable_1012-0212.apk
2017-01-03 16:45 - 2017-01-03 16:57 - 230703267 _____ C:\Users\Milosz\Downloads\videoplayback (11)
2017-01-03 16:45 - 2017-01-03 16:56 - 219231676 _____ C:\Users\Milosz\Downloads\videoplayback (10)
2017-01-03 16:44 - 2017-01-03 16:59 - 137596338 _____ C:\Users\Milosz\Downloads\55e4820a93566.mp4
2017-01-03 16:44 - 2017-01-03 16:56 - 219173762 _____ C:\Users\Milosz\Downloads\videoplayback (9)
2017-01-03 16:43 - 2017-01-03 16:44 - 06858961 _____ C:\Users\Milosz\Downloads\55d7882fbbd39 (1).mp4
2017-01-03 16:43 - 2017-01-03 16:43 - 09655513 _____ C:\Users\Milosz\Downloads\55d7882fbbd39.mp4
2017-01-03 16:42 - 2017-01-03 16:53 - 211528349 _____ C:\Users\Milosz\Downloads\videoplayback (8)
2017-01-02 21:51 - 2017-01-02 21:51 - 00000222 _____ C:\Users\Milosz\Desktop\Transistor.url
2017-01-02 21:44 - 2017-01-02 21:56 - 227605588 _____ C:\Users\Milosz\Downloads\videoplayback (6)
2017-01-02 21:44 - 2017-01-02 21:56 - 222869995 _____ C:\Users\Milosz\Downloads\videoplayback (7)
2017-01-01 22:04 - 2017-01-01 22:10 - 00869080 _____ C:\Users\Milosz\Downloads\09151219184.pdf
2017-01-01 19:54 - 2017-01-01 20:05 - 235707964 _____ C:\Users\Milosz\Downloads\videoplayback (5)
2017-01-01 19:53 - 2017-01-01 20:05 - 228888085 _____ C:\Users\Milosz\Downloads\videoplayback (3)
2017-01-01 19:53 - 2017-01-01 20:05 - 217400926 _____ C:\Users\Milosz\Downloads\videoplayback (4)
2017-01-01 19:53 - 2017-01-01 20:04 - 235533987 _____ C:\Users\Milosz\Downloads\videoplayback (2)
2017-01-01 19:53 - 2017-01-01 20:04 - 231371396 _____ C:\Users\Milosz\Downloads\videoplayback
2017-01-01 19:53 - 2017-01-01 20:04 - 230154114 _____ C:\Users\Milosz\Downloads\videoplayback (1)
2017-01-01 19:52 - 2017-01-01 19:52 - 03348025 _____ C:\Users\Milosz\Downloads\55a9185f58f2f.mp4
2016-12-31 23:00 - 2016-12-31 23:16 - 186703251 _____ C:\Users\Milosz\Downloads\55a7d651a2472.mp4
2016-12-31 23:00 - 2016-12-31 23:16 - 145694460 _____ C:\Users\Milosz\Downloads\55a50177e488f.mp4
2016-12-31 23:00 - 2016-12-31 23:16 - 143520676 _____ C:\Users\Milosz\Downloads\55a65d5fe9c55.mp4
2016-12-31 23:00 - 2016-12-31 23:15 - 169201570 _____ C:\Users\Milosz\Downloads\553d22c7ed19b.mp4
2016-12-31 23:00 - 2016-12-31 23:15 - 158146049 _____ C:\Users\Milosz\Downloads\553381bd17e35.mp4
2016-12-31 23:00 - 2016-12-31 23:15 - 157794106 _____ C:\Users\Milosz\Downloads\57779c210644f.mp4
2016-12-31 22:59 - 2016-12-31 23:15 - 175203206 _____ C:\Users\Milosz\Downloads\5527d32343e22.mp4
2016-12-31 18:23 - 2017-01-11 23:31 - 00000282 ___SH C:\Users\Milosz\Desktop\desktop.ini
2016-12-30 19:16 - 2016-12-30 19:16 - 00055677 _____ C:\Users\Milosz\Downloads\fizyka-sprawko-55 (1).docx
2016-12-30 17:49 - 2016-12-30 17:49 - 00271696 _____ C:\Users\Milosz\Downloads\1.docx
2016-12-28 23:36 - 2016-12-28 23:37 - 06840832 _____ C:\Users\Milosz\Downloads\5800e476dc98b.mp4
2016-12-27 19:27 - 2016-12-27 19:33 - 310294912 _____ C:\Users\Milosz\Downloads\私の嘘。PianoSolo - NKD.rar
2016-12-27 12:39 - 2016-12-27 12:39 - 01201256 _____ (Adobe Systems Incorporated) C:\Users\Milosz\Downloads\flashplayer24_xa_install.exe
2016-12-25 21:36 - 2016-12-25 21:36 - 00000219 _____ C:\Users\Milosz\Desktop\Left 4 Dead 2.url
2016-12-24 00:09 - 2016-12-24 00:10 - 01871877 _____ C:\Users\Milosz\Downloads\bez_ogonkow.zip
2016-12-24 00:09 - 2016-12-24 00:09 - 00000221 _____ C:\Users\Milosz\Desktop\Borderlands 2.url
2016-12-22 09:42 - 2016-12-22 09:42 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-22 09:42 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-22 09:42 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-22 09:42 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-22 09:42 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-22 09:40 - 2016-12-22 09:40 - 00000162 ____H C:\Users\Milosz\Downloads\~$rawozdanie Anteny Cw 2 — kopia.docx
2016-12-22 09:39 - 2016-12-22 09:39 - 00036864 _____ C:\Users\Milosz\Downloads\Strona_tyt-Lab_ANT (1).doc
2016-12-22 09:35 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-22 09:35 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-22 09:29 - 2017-01-15 17:39 - 00002938 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-22 09:29 - 2017-01-15 17:38 - 00006973 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-22 09:28 - 2016-12-12 15:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-22 09:26 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-22 09:26 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-21 21:52 - 2016-12-21 21:52 - 00888606 _____ C:\Users\Milosz\Downloads\Sprawozdanie Anteny Cw 2 — kopia.pdf
2016-12-21 21:50 - 2016-12-21 21:50 - 00000000 ____D C:\Users\Milosz\Downloads\Guitar Hero 3
2016-12-21 20:23 - 2016-12-21 20:23 - 00017288 _____ C:\Users\Milosz\Downloads\Guitar.Hero.III.Legends.of.Rock - SKIDROW.torrent
2016-12-21 17:45 - 2017-01-15 14:15 - 00085504 ___SH C:\Users\Milosz\Downloads\Thumbs.db
2016-12-21 17:45 - 2016-12-21 17:45 - 00037950 _____ C:\Users\Milosz\Downloads\15609131_1242368105849430_1429133713_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00037944 _____ C:\Users\Milosz\Downloads\15658111_1242368129182761_1558614944_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00037810 _____ C:\Users\Milosz\Downloads\15658887_1242392462513661_394216176_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00033456 _____ C:\Users\Milosz\Downloads\15658970_1242392455846995_876708189_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00031720 _____ C:\Users\Milosz\Downloads\15682416_1242392459180328_866642426_o.png
2016-12-21 17:45 - 2016-12-21 17:45 - 00026004 _____ C:\Users\Milosz\Downloads\15631276_1242368099182764_734352725_o.png
2016-12-21 11:26 - 2016-12-22 02:28 - 00080275 _____ C:\Users\Milosz\Downloads\new.xlsx
2016-12-21 00:52 - 2016-12-21 00:52 - 00774162 _____ C:\Users\Milosz\Downloads\projekt-lab-2-vfinal.pdf
2016-12-21 00:39 - 2016-12-21 11:27 - 00047671 _____ C:\Users\Milosz\Downloads\kołek.xlsx
2016-12-20 23:23 - 2016-12-20 23:23 - 00001617 _____ C:\Users\Milosz\Downloads\Niepotwierdzony 639072.crdownload
2016-12-20 23:13 - 2016-12-20 23:13 - 00004892 _____ C:\Users\Milosz\AppData\Local\recently-used.xbel
2016-12-20 21:51 - 2016-12-20 21:51 - 00027510 _____ C:\Users\Milosz\Downloads\PROJEKT-3 (1).docx
2016-12-20 20:48 - 2016-12-20 22:34 - 00025173 _____ C:\Users\Milosz\Downloads\PROJEKT-3.docx
2016-12-20 20:48 - 2016-12-20 20:48 - 00027510 ____H C:\Users\Milosz\Downloads\~WRL2899.tmp
2016-12-20 20:44 - 2016-12-20 20:44 - 00456127 _____ C:\Users\Milosz\Downloads\Analiza_IL-PIAST-2016-12-20-21_57.png
2016-12-20 20:00 - 2016-12-21 20:21 - 00372248 _____ C:\Users\Milosz\Downloads\Sprawozdanie Anteny Cw 2 — kopia.docx
2016-12-20 20:00 - 2016-12-20 20:00 - 00427785 ____H C:\Users\Milosz\Downloads\~WRL1364.tmp
2016-12-20 20:00 - 2016-12-20 20:00 - 00427785 _____ C:\Users\Milosz\Downloads\Sprawozdanie Anteny Cw 2 — kopia (1).docx
2016-12-20 19:56 - 2016-12-20 19:56 - 00009961 _____ C:\Users\Milosz\Downloads\virus.exe.7z
2016-12-18 14:44 - 2016-12-18 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex Workshop v6.8
2016-12-18 14:44 - 2016-12-18 14:44 - 00000000 ____D C:\Program Files\BreakPoint Software
2016-12-18 14:43 - 2016-12-18 14:44 - 18864464 _____ (BreakPoint Software) C:\Users\Milosz\Downloads\hw_v680.exe
2016-12-18 14:42 - 2016-12-22 01:46 - 00000000 ____D C:\Users\Milosz\Documents\Aspyr
2016-12-18 14:41 - 2016-12-18 14:41 - 02548793 _____ C:\Users\Milosz\Downloads\vty-0256.7z
2016-12-18 13:05 - 2016-12-22 01:46 - 00000000 ____D C:\Users\Milosz\AppData\Local\Aspyr
2016-12-18 10:41 - 2017-01-15 11:25 - 03977168 _____ C:\Users\Milosz\Downloads\adwcleaner_6.041 (1).exe
2016-12-18 02:36 - 2017-01-15 11:27 - 00000000 ____D C:\AdwCleaner
2016-12-18 02:36 - 2016-12-18 02:36 - 03977168 _____ C:\Users\Milosz\Downloads\adwcleaner_6.041.exe
2016-12-18 02:35 - 2016-12-18 02:35 - 02964472 _____ (Google) C:\Users\Milosz\Downloads\chrome_cleanup_tool.exe
2016-12-18 00:26 - 2016-12-18 00:26 - 00000935 _____ C:\Users\Public\Desktop\Play Guitar Hero World Tour.lnk
2016-12-17 23:38 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2016-12-17 23:38 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2016-12-17 22:03 - 2016-12-30 19:46 - 00042039 _____ C:\Users\Milosz\Downloads\fizyka-sprawko-55.docx
2016-12-17 15:40 - 2016-12-17 15:40 - 00077884 _____ C:\Users\Milosz\Downloads\15320443_1415514385155381_1975078022_n (1).jpg
2016-12-16 11:55 - 2016-12-16 11:55 - 00077884 _____ C:\Users\Milosz\Downloads\15320443_1415514385155381_1975078022_n.jpg
2016-12-16 11:54 - 2016-12-16 11:54 - 00076031 _____ C:\Users\Milosz\Downloads\15401336_1415514421822044_686343686_n.jpg
2016-12-16 11:54 - 2016-12-16 11:54 - 00060940 _____ C:\Users\Milosz\Downloads\15319500_1415514468488706_174192601_n.jpg
2016-12-16 11:49 - 2016-12-16 11:49 - 00019763 _____ C:\Users\Milosz\Downloads\bilet.pdf
2016-12-16 01:52 - 2016-12-16 01:52 - 00232035 _____ C:\Users\Milosz\Downloads\Kodeki opracowanie FINAL.docx
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-01-15 18:02 - 2016-05-04 00:19 - 00000000 ____D C:\Users\Milosz\AppData\Local\Battle.net
2017-01-15 17:59 - 2016-08-20 09:45 - 00000000 ____D C:\Users\Milosz
2017-01-15 17:46 - 2016-10-07 14:33 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2017-01-15 17:42 - 2016-08-20 09:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-15 17:41 - 2016-07-14 18:08 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-15 17:41 - 2015-04-22 07:31 - 00000000 ____D C:\Users\Milosz\AppData\Local\Adobe
2017-01-15 17:40 - 2016-08-20 09:41 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-15 17:40 - 2015-04-19 20:49 - 00000000 __SHD C:\Users\Milosz\IntelGraphicsProfiles
2017-01-15 17:39 - 2016-08-20 10:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-15 17:38 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-01-15 17:31 - 2015-04-19 20:45 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Skype
2017-01-15 16:59 - 2016-11-27 14:27 - 00000000 ____D C:\Program Files (x86)\SVP 4
2017-01-15 16:55 - 2016-11-27 14:29 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SVP 4
2017-01-15 16:33 - 2016-08-20 09:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-15 15:14 - 2015-04-19 20:49 - 00000000 ____D C:\Users\Milosz\AppData\Local\Packages
2017-01-15 15:03 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-01-15 13:52 - 2016-11-22 12:24 - 00000000 ____D C:\Users\Milosz\AppData\LocalLow\Mozilla
2017-01-15 12:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-15 11:28 - 2015-04-21 11:55 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\CodeBlocks
2017-01-14 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-14 13:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-14 12:41 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-14 00:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-13 05:21 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-13 05:19 - 2014-10-21 05:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-13 01:12 - 2015-12-04 03:54 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-01-12 20:29 - 2015-12-30 15:33 - 00000000 ____D C:\Users\Milosz\AppData\Local\CrashDumps
2017-01-12 18:01 - 2016-11-06 19:19 - 00000000 ____D C:\Users\Milosz\Documents\2016
2017-01-11 23:31 - 2015-04-19 20:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-11 23:25 - 2016-08-20 09:37 - 05020912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-11 23:23 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 23:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 23:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 23:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 23:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 19:02 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 18:57 - 2015-04-19 17:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 18:54 - 2015-04-19 17:26 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-09 18:35 - 2016-07-16 23:05 - 00759766 _____ C:\WINDOWS\system32\perfh015.dat
2017-01-09 18:35 - 2016-07-16 23:05 - 00164102 _____ C:\WINDOWS\system32\perfc015.dat
2017-01-09 18:35 - 2015-07-31 15:57 - 02006156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-06 12:01 - 2016-02-04 16:20 - 00000000 ____D C:\Users\Milosz\Documents\Dla Pawła
2017-01-06 11:24 - 2015-04-22 15:11 - 00000000 ____D C:\Users\Milosz\AppData\Local\Ubisoft Game Launcher
2017-01-06 11:01 - 2015-05-27 15:18 - 00000000 ____D C:\Users\Milosz\.VirtualBox
2017-01-06 11:00 - 2015-09-29 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-01-06 10:59 - 2015-10-07 15:07 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-01-06 10:58 - 2016-10-23 22:50 - 00000000 ____D C:\ti
2017-01-06 02:55 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-06 01:43 - 2015-12-10 12:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-05 20:15 - 2016-11-06 18:50 - 00000000 ____D C:\Users\Milosz\Documents\inne
2017-01-05 01:26 - 2016-11-09 17:07 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\MPC-HC
2017-01-04 18:11 - 2015-04-19 22:59 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-04 18:04 - 2016-12-11 12:02 - 00000000 ____D C:\Users\Milosz\AppData\Local\LogMeIn Hamachi
2017-01-04 18:04 - 2016-12-10 13:43 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\uTorrent
2017-01-04 18:04 - 2016-09-05 21:49 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-04 18:04 - 2015-09-28 21:39 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\DAEMON Tools Lite
2017-01-04 17:25 - 2015-12-02 08:38 - 00000000 ____D C:\Temp
2017-01-04 14:53 - 2015-04-19 20:49 - 00000000 ____D C:\Users\Milosz\AppData\Roaming\Adobe
2017-01-04 12:09 - 2016-03-23 09:44 - 00000165 _____ C:\Users\Milosz\AppData\Roaming\sp_data.sys
2017-01-03 18:33 - 2016-09-13 10:38 - 00000000 ___RD C:\Users\Milosz\OneDrive
2017-01-03 14:00 - 2015-08-23 09:07 - 00000000 ____D C:\Users\Milosz\.gimp-2.8
2017-01-01 20:26 - 2015-05-01 21:16 - 00000000 ____D C:\Users\Milosz\AppData\Local\Warframe
2016-12-30 17:50 - 2015-11-07 15:38 - 00000000 ____D C:\Users\Milosz\Documents\Fiz
2016-12-28 21:53 - 2015-05-06 11:04 - 00000000 ____D C:\Users\Milosz\AppData\Local\Diagnostics
2016-12-24 00:52 - 2015-04-19 20:32 - 00000000 ____D C:\Users\Milosz\Documents\My Games
2016-12-23 23:45 - 2015-07-03 19:16 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-12-23 00:13 - 2016-11-09 03:09 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-11-09 03:09 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 09:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-12-22 09:29 - 2016-10-19 20:27 - 00001487 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-22 09:29 - 2016-08-20 09:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-22 09:29 - 2016-08-20 09:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-22 09:29 - 2015-04-19 20:49 - 00000000 ____D C:\Users\Milosz\AppData\Local\NVIDIA
2016-12-22 09:28 - 2015-04-19 20:50 - 00000000 ____D C:\Users\Milosz\AppData\Local\NVIDIA Corporation
2016-12-22 09:28 - 2014-12-25 16:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-22 02:29 - 2016-08-20 09:45 - 00524288 ___SH C:\Users\Milosz\NTUSER.DAT{a33bc43b-66b9-11e6-b1d3-8f5f02bf6f6d}.TMContainer00000000000000000001.regtrans-ms
2016-12-20 23:13 - 2015-08-23 09:08 - 00000000 ____D C:\Users\Milosz\AppData\Local\gtk-2.0
2016-12-20 17:52 - 2015-04-20 12:19 - 00000000 ____D C:\Users\Milosz\AppData\Local\ElevatedDiagnostics
2016-12-18 14:42 - 2015-12-14 01:17 - 00000000 ___RD C:\Users\Milosz\3D Objects
2016-12-18 13:35 - 2016-08-20 09:45 - 00000000 ____D C:\Users\Milosz\AppData\Local\Microsoft
2016-12-18 10:38 - 2015-04-19 15:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 23:56 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-16 15:17 - 2016-12-15 17:36 - 00021976 _____ C:\Users\Milosz\Documents\Ćwiczenie 7 PTM (Automatycznie zapisany).docx
2016-12-16 15:17 - 2016-12-15 16:59 - 00022443 _____ C:\Users\Milosz\Downloads\media lab 4(2).docx
 
==================== Files in the root of some directories =======
 
2016-03-23 21:40 - 2016-03-23 21:47 - 0002667 _____ () C:\Users\Milosz\AppData\Roaming\droid4xinstaller.log
2016-02-28 16:54 - 2016-05-09 15:36 - 0004751 _____ () C:\Users\Milosz\AppData\Roaming\LTspiceIV.ini
2015-10-01 19:58 - 2015-10-03 16:32 - 0002155 _____ () C:\Users\Milosz\AppData\Roaming\SpeedRunnersLog.txt
2016-03-23 09:44 - 2017-01-04 12:09 - 0000165 _____ () C:\Users\Milosz\AppData\Roaming\sp_data.sys
2016-04-25 21:16 - 2016-04-25 21:16 - 0000600 _____ () C:\Users\Milosz\AppData\Local\PUTTY.RND
2016-12-20 23:13 - 2016-12-20 23:13 - 0004892 _____ () C:\Users\Milosz\AppData\Local\recently-used.xbel
2015-12-10 20:23 - 2015-12-13 22:09 - 0007602 _____ () C:\Users\Milosz\AppData\Local\Resmon.ResmonCfg
2017-01-15 17:39 - 2017-01-15 17:39 - 0000259 _____ () C:\ProgramData\fontcacheev1.dat
2016-12-22 09:29 - 2017-01-15 17:39 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-22 09:29 - 2017-01-15 17:38 - 0006973 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2016-04-09 16:56 - 2016-04-09 16:56 - 0004131 _____ () C:\ProgramData\rxsmznjf.zcp
2014-10-21 05:28 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 05:28 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
 
Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat
C:\Users\Milosz\Uninst0.dat
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-01-03 14:58
 
==================== End of FRST.txt ============================

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017

Ran by Milosz (15-01-2017 18:05:44)
Running from C:\Users\Milosz\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-20 09:14:35)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1398810750-701520212-253893804-500 - Administrator - Disabled)
Gość (S-1-5-21-1398810750-701520212-253893804-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1398810750-701520212-253893804-1006 - Limited - Enabled)
Konto domyślne (S-1-5-21-1398810750-701520212-253893804-503 - Limited - Disabled)
Milosz (S-1-5-21-1398810750-701520212-253893804-1001 - Administrator - Enabled) => C:\Users\Milosz
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adguard (HKLM-x32\...\{b2963e15-24ed-4084-988e-5b2c8660c1e6}) (Version: 6.1.298.1564 - Performix LLC)
Adguard (x32 Version: 6.1.298.1564 - Performix LLC) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.2.0 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 23.1.0.0 (Version: 23.1.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0035 - ASUS)
Audiosurf 2 (HKLM-x32\...\Steam App 235800) (Version:  - Dylan Fitterer)
AviSynth+ 2294 (HKLM-x32\...\{AC78780F-BACA-4805-8D4F-AE1B52B7E7D3}_is1) (Version: 2294.0 - The Public)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.5 - Daum Games EU)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco Packet Tracer 6.3 (HKLM-x32\...\Cisco Packet Tracer 6.3_is1) (Version:  - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version:  - Brace Yourself Games)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dungeon Siege Legends of Aranna (HKLM-x32\...\Dungeon Siege Legends of Aranna 1.0) (Version:  - Microsoft)
ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}) (Version: 1.1.78.0 - Epic Games, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - )
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
Freemake Video Converter wersja 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation)
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameMaker: Player (HKLM-x32\...\GameMakerPlayer) (Version: 1.4.1242.41000 - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.00.0000 - Aspyr)
Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr)
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
HexEdit (HKLM-x32\...\{083EF76E-0760-4D7A-9508-0B88A3AF1889}) (Version: 4.0.0 - Expert Commercial Software Pty Ltd)
HideIPVPN (HKLM-x32\...\HideIPVPN) (Version: 4.0.0.1 - HideIPVPN.com)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes (wersja 3.0.5.1299) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
MATLAB R2015a (HKLM\...\Matlab R2015a) (Version: 8.5 - MathWorks)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team)
Morrowind (HKLM-x32\...\{EF203EF0-3977-41C7-8705-4F259EEC2B4C}) (Version: 1.6.0.1820 - Bethesda Softworks)
Morrowind AnimKit 2.1 (remove only) (HKLM-x32\...\Morrowind AnimKit) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pl)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
Muve Downloader (HKLM-x32\...\{29850ACF-D3C1-4EEC-84C4-DE795C6207F1}) (Version: 1.5.0 - Muve)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM-x32\...\Steam App 349040) (Version:  - CyberConnect2 Co. Ltd.)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.4.1428 - Native Instruments)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64936 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pakiet sterowników systemu Windows - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Panel sterowania NVIDIA 376.33 (Version: 376.33 - NVIDIA Corporation) Hidden
PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.13.0.18 - GOG.com)
Pillars of Eternity Kickstarter Item (HKLM-x32\...\1427204139_is1) (Version: 2.13.0.18 - GOG.com)
Pillars of Eternity Kickstarter Item (HKLM-x32\...\Pillars of Eternity Kickstarter Item_is1) (Version: 2.7.0.15 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\1207666843_is1) (Version: 2.13.0.18 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\Pillars of Eternity Preorder Item and Pet_is1) (Version: 2.7.0.15 - GOG.com)
Plustek OpticPro S28 (HKLM-x32\...\{5265664F-6128-405C-9225-9782A85954FD}) (Version: V4.3.0 - )
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
PTC Diagnostic Tools (HKLM\...\{D8EE1206-5E41-425D-83E7-E6D9886E716D}) (Version: 3.0.0.0 - PTC)
PTC Mathcad Prime 3.1 (HKLM\...\{3A4F83E8-C604-4970-8A1F-8963B3507630}) (Version: 3.1.0 - PTC)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.833.833.101614 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rocksmith (HKLM-x32\...\Steam App 205190) (Version:  - Ubisoft - San Francisco)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
SDK Debuggers (x32 Version: 8.100.26936 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Skullgirls (HKLM\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SmoothVideo Project version 3.1.6 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.6 - SVP)
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
SVP 4 Free (HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\{c34c71ae-9eca-4b0d-90fb-0fb103b0b9a3}) (Version: 4.0 - SVP Team)
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
System Requirements Lab Detection (HKLM-x32\...\{7929FAC1-521D-4A22-AB2D-08118608D243}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.7 - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UPC Fiber Power Optimizer (HKLM-x32\...\UPC Fiber Power Optimizer) (Version:  - UPC Broadband)
UPC Fiber Power Optimizer (x32 Version: 2.0.0.2 - UPC Broadband) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 7.3 - Ubisoft)
Visual Importer (HKLM-x32\...\Visual Importer_is1) (Version: 5.3.7.1 - DB Software Laboratory)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
Windows Phone IP Over USB (HKLM-x32\...\{E7C8E5D3-9EDC-4430-8AEF-FD590937F55F}) (Version: 10.0.10240.0 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1398810750-701520212-253893804-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B12E8D67895A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1398810750-701520212-253893804-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {102c92bb-e159-4ae0-8779-1402c13f6e62} - no filepath
Task: {132D9DE5-4481-489E-BF0F-18CA2FBA3B1B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {17D06B77-0E1A-4CFA-AB05-6A804ED9DB71} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {18B7EF86-84B2-49A2-95BC-68735EFDA355} - \5615r248o2m49 -> No File <==== ATTENTION
Task: {245AB936-E9AE-4CEA-9437-C66931591249} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {280B1E55-EF1E-4D2C-A388-7F81632771C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34FB31B6-9D84-42C8-8DEB-0F4451172507} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {40E5A722-566B-47B5-B26D-EFF43B9F4854} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {429E775E-8AF3-4BEB-A523-C1370EEB7BB9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {43455DDA-C6F3-4E73-AB97-14A015801296} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-29] (Microsoft Corporation)
Task: {46811037-2145-471B-ABB3-5CDAC6DE8EBB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {635A0363-FC16-407A-929B-30802BDF83CA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {6E3DEDAD-CD39-4E7C-9483-9A4A6D03E1C2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {8F28458C-158C-4ABE-A3E0-3EC3616337F8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {94F67E02-5DB0-4B50-AA5C-C8C6904925F9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A855E69C-AC7E-4A77-9EDB-E3A2734BA2BE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BF84422F-46C3-4F46-9B71-54627456D8A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {BF92ECC3-2F1C-44CD-81E9-8D28BC81E009} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C49B3A9F-B4BD-4405-A017-C50F35239C91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {DC1CF410-C6B0-4499-824C-43528E4CE673} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {DEEA6C7A-151B-4E79-B1BC-A1FC97D424EB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {E3208402-DE59-46DE-810C-380737308C5B} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Milosz\AppData\Roaming\Adobe\Manager.exe
Task: {EEB1997C-A02C-4276-B441-6209E1F4C654} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FAB4F693-435F-4EE7-9EFF-F61EB25CF585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Milosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\wpadka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 23:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-04 14:53 - 2014-03-22 14:48 - 02854400 _____ () C:\ProgramData\5615r248o2m49\5615r248o2m49.dll
2015-10-11 17:35 - 2013-04-15 10:50 - 00198144 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2015-10-11 17:35 - 2013-04-15 10:50 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll
2016-08-18 10:34 - 2012-09-18 14:27 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2016-10-19 20:26 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-19 20:26 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-20 09:39 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 23:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-05-22 18:33 - 2016-05-22 18:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-12-09 06:54 - 2016-12-09 06:54 - 01678560 _____ () C:\Users\Milosz\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-15 00:36 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 17:29 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 17:28 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 17:28 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 17:28 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 17:28 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 17:28 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-10 20:34 - 2017-01-10 20:34 - 01448936 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\Battle.net Helper.exe
2017-01-04 18:11 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2017-01-04 18:11 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-11-16 16:22 - 2016-11-16 16:22 - 01428240 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL
2016-11-16 16:22 - 2016-11-16 16:22 - 00142096 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL
2016-12-03 12:11 - 2016-12-03 12:10 - 02493440 _____ () D:\Program Files (x86)\Programy\Origin\libGLESv2.dll
2015-04-19 23:10 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-19 20:26 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-19 20:26 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-10 20:34 - 2017-01-10 20:34 - 37247976 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\libcef.dll
2017-01-10 20:34 - 2017-01-10 20:34 - 00540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\ortp.dll
2017-01-10 20:34 - 2017-01-10 20:34 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\libEGL.dll
2017-01-10 20:34 - 2017-01-10 20:34 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\libGLESv2.dll
2016-10-19 20:26 - 2016-12-13 00:33 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-10-19 20:26 - 2016-12-12 15:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-19 20:26 - 2016-12-12 15:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-19 20:26 - 2016-12-12 15:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-19 20:26 - 2016-12-12 15:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-19 20:26 - 2016-12-12 15:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-19 20:26 - 2016-12-12 15:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-19 20:26 - 2016-12-12 15:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-22 09:28 - 2016-12-12 15:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2017-01-10 20:34 - 2017-01-10 20:34 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\libglesv2.dll
2017-01-10 20:34 - 2017-01-10 20:34 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\libegl.dll
2017-01-10 20:34 - 2017-01-10 20:34 - 00990696 _____ () C:\Program Files (x86)\Battle.net\Battle.net.8265\ffmpegsumo.dll
2014-12-25 16:12 - 2013-12-09 16:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:E5914F2B [143]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2016-01-09 15:23 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1398810750-701520212-253893804-1001\Control Panel\Desktop\\Wallpaper -> c:\users\milosz\pictures\tapeta.jpg
DNS Servers: 62.179.1.61 - 62.179.1.63
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: 0209301483697013mcinstcleanup => 2
MSCONFIG\Services: ABBYY.Licensing.PDFTransformer.Classic.4.0 => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AIPS => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: Droid4XService => 2
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: HTCMonitorService => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: ModuleCoreService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NIHardwareService => 2
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Action Manager 32.lnk"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "NCUpdateHelper"
HKLM\...\StartupApproved\Run32: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1287255F383F8AE755FD3FF198A5E1C5"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "SRS Audio Sandbox"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Milosz\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\StartupApproved\Run: => "PC Remote Server"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{6CCC487C-E4B0-481B-A0E8-1F23E699995B}C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe] => C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe
FirewallRules: [TCP Query User{7C5B53D3-FCBB-453C-B1D0-BAC4A81017D9}C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe] => C:\program files (x86)\zuxxez\battle vs. chess\battlevschess.exe
FirewallRules: [UDP Query User{8A0E6DAD-8E34-48FB-8FF2-CA5916573C41}C:\program files\java\jdk1.7.0_79\bin\jmc.exe] => C:\program files\java\jdk1.7.0_79\bin\jmc.exe
FirewallRules: [TCP Query User{6FEA47D0-8E8D-4B7C-AF53-217AE769C464}C:\program files\java\jdk1.7.0_79\bin\jmc.exe] => C:\program files\java\jdk1.7.0_79\bin\jmc.exe
FirewallRules: [UDP Query User{1497894A-E6FD-4A7D-8408-B1593A8B9470}I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8B7F1E3E-40B9-4EBA-A6EB-3B2E330AD67B}I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => I:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{46573893-FED2-4E38-8981-E0CCA3F41227}D:\program files (x86)\gry\overwatch\overwatch.exe] => D:\program files (x86)\gry\overwatch\overwatch.exe
FirewallRules: [TCP Query User{A6D63C80-0010-4023-8A75-65B03E5DA8B9}D:\program files (x86)\gry\overwatch\overwatch.exe] => D:\program files (x86)\gry\overwatch\overwatch.exe
FirewallRules: [UDP Query User{B7924930-D10E-4980-ABB6-287F688520CA}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{D9A0D5FA-B683-45D6-B928-7459E36D4CE3}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => C:\program files (x86)\pc remote\pc remote\pcremote.exe
FirewallRules: [{C1A5CF9D-30C4-4775-8A41-63D86A400AA7}] => LPort=1900
FirewallRules: [{20CC4138-3538-46D0-8CBA-BD02C44032FF}] => LPort=2869
FirewallRules: [{F8B99C6F-E44F-4BA5-B664-36390CE99A33}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1A60C782-FFEE-4AFD-85B4-E929CBBCBC1D}] => C:\Program Files\Oracle\VirtualBox\vboxheadless.exe
FirewallRules: [{6B1507A3-4BBE-40FB-9D33-4B2B47C46CBA}] => C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{E974B715-61FB-49F9-AC56-8B21534AC91F}] => C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe
FirewallRules: [{6842B825-3B41-42A0-91D6-CC4C5088AE4A}] => C:\Program Files (x86)\Droid4X\Droid4X.exe
FirewallRules: [{877F9BF5-9DAD-4D44-B248-902D0B7321CA}] => D:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{455010EC-013C-493E-B48D-E842AE3DE492}] => D:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{8EF20DEE-39F1-499A-9F35-D6C8A951E6A9}] => D:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{D215A8DE-F769-4CEE-A021-E8F50AEF7F02}] => D:\Program Files (x86)\Steam\steamapps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{CFA06CC5-676B-4FD8-8DB6-F23D5954DDD4}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{25A753B8-948D-42B9-B605-3D70EC48526C}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{54D2E7BF-FC8D-4007-8551-B79CAE271C5B}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{AA3D176D-095B-4A26-ACA0-B9A33372B485}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A2FA3A03-4939-45B9-B14E-BBCAE6F9330C}] => D:\Program Files (x86)\Steam\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{3B2AE23E-914D-4DB5-9424-D0641E9FA3A3}] => D:\Program Files (x86)\Steam\steamapps\common\Audiosurf 2\Audiosurf2.exe
FirewallRules: [{137C833E-F63E-469D-9322-B07D133D8BB6}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{55BDB99C-D917-4291-9696-BE8E02E4C57A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{29C7D4B9-8423-43F6-8815-FAD28C3A21F6}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6407F308-8DEE-4484-B868-F99FCB5FB098}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8BFFEC42-F0D5-4225-83FC-E4F4B3583CAC}] => D:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{5D03CC95-4A29-41D6-A27A-EEEAF50D460C}] => D:\Program Files (x86)\Steam\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{52BC35DD-BF05-4358-AEF5-625A03FB164B}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{097ED9EB-3F03-4962-93AB-DA23E9833CE6}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{15E32CA3-50A4-4C3E-B82D-4EB860A1586D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6ECA83CB-A37E-4D40-8207-FE11B7936361}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2966F7E-292A-4501-BE2F-1920065120AF}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9CF1324B-6AB3-453E-B5D4-0935CF86E082}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7FF1318E-C742-4819-B5CB-633A31E66DC0}] => D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{12D6CB33-DC9F-4D2C-B5BD-91B3455080D9}] => D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{9732774A-FDB8-41BA-832C-D3D90FB420D4}D:\program files (x86)\gry\gta v\gta5.exe] => D:\program files (x86)\gry\gta v\gta5.exe
FirewallRules: [UDP Query User{E5909AB6-D910-4D98-8CE3-1B78D80B2CC1}D:\program files (x86)\gry\gta v\gta5.exe] => D:\program files (x86)\gry\gta v\gta5.exe
FirewallRules: [{32A136BF-C978-4F13-84A4-3FBF5F21715A}] => D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{CCE189EF-4DDD-4835-8F27-EEA9D749A173}] => D:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\bin\win32\vrmonitor.exe
FirewallRules: [{083B6FD3-689A-456F-B034-D3A13930B7AC}] => D:\Program Files (x86)\Steam\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{C52E6E56-3256-4B62-82F6-257957EB09F2}] => D:\Program Files (x86)\Steam\steamapps\common\Rocksmith\Rocksmith.exe
FirewallRules: [{844570A4-3768-4662-A437-17C7AFD7349F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AC68B1F-013B-4641-A9C5-1F5FF0715440}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9233842C-029E-4CA8-9582-937CC8582FF3}] => D:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{AC433DA7-4793-459E-BD13-FC11D87F37AE}] => D:\Program Files (x86)\Muve\Muve Downloader\Launcher.exe
FirewallRules: [{11502D18-605C-4E72-874B-1F45C5941F26}] => D:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{BF2C00AD-88E5-4342-84D5-B600973CB742}] => D:\Program Files (x86)\Muve\Muve Downloader\MuveDownloader.exe
FirewallRules: [{11085F20-6EAB-4B41-9D82-E6CC2CD42A51}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{97718BDC-3573-4903-A57B-BDDBDE3852CD}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{4D38FD06-9E3D-443D-9CBF-1C25A9CD4C63}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{E265C258-EB17-44EE-8986-12FB01DF9125}] => D:\Program Files (x86)\Gry\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [TCP Query User{BEB0921E-F2C4-4476-8348-3649324AC3A0}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{26532067-135B-421F-AB76-0A8B58609C6C}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{FBFEAC20-B703-43AD-8F41-64D81AA0B2AB}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{55C1F625-487B-4B39-92A7-3A53E7AF78FD}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{C3C0CC80-B56E-4049-80BC-AFEDF79E9FE2}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9D7F832E-3A6D-4896-8C90-08122BACA8F9}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8131ADE8-B7EC-4CA4-B9AE-B94215765518}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{EAEB0C5E-031F-44C2-9C26-2338C7DE41D7}C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe] => C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe
FirewallRules: [UDP Query User{0C2CE6CB-B7B7-492F-8CC5-8D89F80ED761}C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe] => C:\program files (x86)\cisco packet tracer 6.3\bin\packettracer6.exe
FirewallRules: [TCP Query User{78A03E80-86A6-4CCF-9802-36AE6EEBD4E8}C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe] => C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe
FirewallRules: [UDP Query User{17E4C7C7-FAF1-41CA-9222-54CB00A25374}C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe] => C:\program files (x86)\java\jre1.8.0_111\bin\jp2launcher.exe
FirewallRules: [{82E08FD0-F76A-4219-B334-574ABE90F96F}] => D:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{B9606EDA-F67D-40BB-A76B-98357C849EA1}] => D:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{C285E9D2-108F-4F77-8AB6-4C41E0BD8377}] => %systemroot%\system32\alg.exe
FirewallRules: [{FA644FDD-7E12-4382-9C25-D21BDE447DDC}] => %systemroot%\system32\alg.exe
FirewallRules: [{7D88C8EA-81BD-47BA-BF3B-228ECADE0DD4}] => %systemroot%\system32\alg.exe
FirewallRules: [{B84D4658-E4D0-4934-8289-63229C7ECC03}] => %systemroot%\system32\alg.exe
FirewallRules: [{B5F7DCA0-240D-4D77-AFE3-2AC57BE92BC3}] => %systemroot%\system32\alg.exe
FirewallRules: [{06518D09-168B-450C-A044-AA3D5A4B3FC3}] => %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{EAE77824-935E-4974-88D3-9168D143D9E9}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{F3F3748D-8C7C-4960-981B-C2F5CD1A8F21}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{5DA6FCF7-CBDD-45A6-B51B-E2FD3F4413EF}] => D:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{7AD60FCF-9A11-4174-86E2-1F9C5A901901}] => D:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [TCP Query User{B43CF626-CB59-40CD-AFFC-78DD6EE658BB}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [UDP Query User{713C0940-DB30-491A-BD91-53FFD0AC1B86}C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe] => C:\program files (x86)\battle.net\battle.net.8180\battle.net.exe
FirewallRules: [TCP Query User{9BF67ACB-C7D2-4536-9C10-3BF3EEFF6A9A}C:\users\milosz\appdata\roaming\utorrent\utorrent.exe] => C:\users\milosz\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D27A69CC-FAF1-4404-A607-F0043E431B2A}C:\users\milosz\appdata\roaming\utorrent\utorrent.exe] => C:\users\milosz\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{835036F7-3F31-42AF-9580-291461044C10}D:\games\microsoft games\dungeon siege\dsloa.exe] => D:\games\microsoft games\dungeon siege\dsloa.exe
FirewallRules: [UDP Query User{E6F7D09F-169C-4EA2-8D3F-356C3CBA2392}D:\games\microsoft games\dungeon siege\dsloa.exe] => D:\games\microsoft games\dungeon siege\dsloa.exe
FirewallRules: [{66A0A083-7FDC-4EB9-9FC2-F83D12932EE1}] => %systemroot%\system32\alg.exe
FirewallRules: [{9C4E3063-4C36-4A84-8794-45D3992454D4}] => C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{BFD72EBF-0F3F-4C96-B7B7-C3EAA52BCC61}] => C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{E5890101-EF3D-4437-B227-DE1196B3D1A6}] => C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{51BE780C-07C6-446C-813B-43108722A074}] => C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{2B22A251-07C2-4A8C-97A9-E2C0D7325540}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BEB255E0-54F4-443B-9466-8DEF12571E94}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5CF9AEBC-86C7-4727-B3A2-D94A35BB77D3}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7D2936FE-8F85-4760-A614-9C6D5FD8D38F}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C6CA0CC8-2A9F-491F-ADCD-23753812BAFB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3E0366BD-1352-4964-B3B0-2FCD7FB83D01}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{597DD1D5-08E0-4EFB-A87E-4F099745C572}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{27885301-BFAD-48F0-B78F-FBF28508F65C}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{CB27956B-8940-4FBA-B2C2-707520F83432}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9C050380-7B82-48AC-A8BA-3A6CD59CD1F1}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{D6199A7F-05AC-416E-B338-8F41ACC69E08}] => D:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{C56DAF4E-04F5-46E1-BC8F-646A39F5129E}] => D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EFC159C0-703D-4E10-B9F9-DA74DEAF0DED}] => D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FE057F82-F386-41D9-8332-A9D8EB6281B4}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{98E194A0-368D-4AB9-9F72-545610A29E31}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{46A9AAD8-B259-4607-AD32-EB0FEC70C2C6}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{9708AB35-CD32-498E-91C9-A693504AB85D}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C15180AC-4FCF-4499-B201-4DC02D1E784E}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{2C378A84-3C54-42DC-BA0A-EC05955D5AC1}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{5FF6A490-7A38-45B0-9BDE-9A5F02BED128}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4AC53B8A-A35B-46AB-98E9-F759D71E3EA3}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F071DC3B-A1DC-42FE-8232-9709CB61185B}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{35EF6FA0-77A9-4691-8D16-D74ACD7B4C0F}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{84B9A1F0-3D78-4F91-938A-79251CE3264F}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{8D65FE99-62C7-488E-BD8E-DB0226C27D85}] => D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{573F0709-8B87-43C7-8F6C-9444C6531E7A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6474485E-1E3F-44D4-B64A-01938C828834}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8B78F89C-6777-4274-9A95-BDD81FF16CAB}] => D:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{D0D5199A-9F7D-4351-843C-9E076D19B3EE}] => D:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{3C064CAC-5899-4FD8-971A-123E7DB957D8}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{6FCDEDB3-0529-4E96-9A0B-9113D881F822}] => C:\Users\Milosz\AppData\Local\Temp\is-LKERP.tmp\download\MiniThunderPlatform.exe
FirewallRules: [{0C6D7D19-FB0B-4A6E-8AF9-B00DA3CA9552}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{12BF37F3-D40E-4009-9170-DF42E4A142A4}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{34D7B187-9FC7-44E6-BF4E-9B739113D8EE}] => D:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{C68B2FF9-6C10-4C89-94DE-F2E7A65A9E98}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{7E12DBF6-4D3A-4DA6-9826-F40032B16956}] => D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C7F6498D-4DDF-436F-94FE-88DC8715DFB2}] => C:\Program Files (x86)\Adguard\AdguardSvc.exe
FirewallRules: [{6E1FA243-A0F5-4145-BB9E-53460782BE0A}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{B502FE9C-4B52-4B37-8692-254490842E8B}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{8522795F-7971-4A99-9495-3C6579C6931A}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{61745EFD-FF37-4C3D-AADB-B1E312165A64}] => C:\Windows\System32\rundll32.exe
 
==================== Restore Points =========================
 
06-01-2017 01:43:59 Removed BCL easyConverter Desktop 3 (Word Version).
09-01-2017 14:35:39 Removed ASUS Smart Gesture
10-01-2017 16:46:24 Removed ASUS Smart Gesture
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/15/2017 04:57:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW.  hr = 0x80070006, Nieprawidłowe dojście.
.
 
 
Operacja:
   Wykonywanie operacji asynchronicznej
 
Kontekst:
   Stan bieżący: DoSnapshotSet
 
Error: (01/15/2017 04:56:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
 
System Error:
Odmowa dostępu.
.
 
Error: (01/15/2017 03:34:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe w wersji 10.0.14393.479 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania.
 
Identyfikator procesu: 19e4
 
Godzina rozpoczęcia: 01d26e5a09df11c9
 
Godzina zakończenia: 0
 
Ścieżka aplikacji: C:\Windows\explorer.exe
 
Identyfikator raportu: 854f0bdb-db2f-11e6-8337-f079593383b9
 
Pełna nazwa pakietu powodującego błąd: 
 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (01/15/2017 02:47:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury QueryFullProcessImageNameW.  hr = 0x80070006, Nieprawidłowe dojście.
.
 
 
Operacja:
   Wykonywanie operacji asynchronicznej
 
Kontekst:
   Stan bieżący: DoSnapshotSet
 
Error: (01/15/2017 02:47:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
 
System Error:
Odmowa dostępu.
.
 
Error: (01/15/2017 11:21:51 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/14/2017 12:38:31 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/13/2017 10:38:26 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/12/2017 08:29:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: xcoronahost.xem, wersja: 3.5.0.42, sygnatura czasowa: 0x5474a737
Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00000000
Identyfikator procesu powodującego błąd: 0x2678
Godzina uruchomienia aplikacji powodującej błąd: 0x01d26d062c63f2a0
Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\Black Desert Online\bin64\XC\NA\2\xcoronahost.xem
Ścieżka modułu powodującego błąd: unknown
Identyfikator raportu: bc1ff1fd-755b-4dee-8f88-7aa4d77c50e5
Pełna nazwa pakietu powodującego błąd: 
Identyfikator aplikacji względem pakietu powodującego błąd:
 
Error: (01/12/2017 12:00:30 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (01/15/2017 05:40:26 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 i identyfikatorem aplikacji APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (01/15/2017 05:40:26 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 i identyfikatorem aplikacji APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (01/15/2017 05:40:25 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 i identyfikatorem aplikacji APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (01/15/2017 05:39:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Phiblysuputher zakończyła działanie; wystąpił następujący błąd: 
Nie można odnaleźć określonego modułu.
 
Error: (01/15/2017 05:37:40 PM) (Source: DCOM) (EventID: 10010) (User: CREARTHOR)
Description: Serwer {D63B10C5-BB46-4990-A94F-E40B9D520160} nie zarejestrował się w modelu DCOM w wymaganym czasie.
 
Error: (01/15/2017 05:37:22 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 i identyfikatorem aplikacji APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (01/15/2017 04:34:09 PM) (Source: DCOM) (EventID: 10016) (User: CREARTHOR)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 i identyfikatorem aplikacji APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 użytkownikowi Crearthor\Milosz o identyfikatorze zabezpieczeń SID (S-1-5-21-1398810750-701520212-253893804-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (S-1-15-2-876514525-4186005252-1227212836-2777855676-728355931-1019161079-3581676753). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (01/15/2017 04:34:00 PM) (Source: DCOM) (EventID: 10016) (User: CREARTHOR)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 i identyfikatorem aplikacji APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 użytkownikowi Crearthor\Milosz o identyfikatorze zabezpieczeń SID (S-1-5-21-1398810750-701520212-253893804-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (S-1-15-2-876514525-4186005252-1227212836-2777855676-728355931-1019161079-3581676753). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (01/15/2017 03:35:39 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 i identyfikatorem aplikacji APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe.
 
Error: (01/15/2017 03:02:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.
 
 
CodeIntegrity:
===================================
  Date: 2017-01-15 17:50:07.176
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-14 12:53:10.009
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-12 12:20:12.586
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-11 12:02:15.873
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-10 12:04:37.522
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-06 11:31:44.443
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-06 01:44:25.771
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-01-05 00:12:25.371
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-04 13:13:34.425
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-01-01 22:18:27.859
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 8075.01 MB
Available physical RAM: 3598.27 MB
Total Virtual: 13963.01 MB
Available Virtual: 8781.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:150.15 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:15.58 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A0A05130)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 


#5 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:55 PM

Posted 15 January 2017 - 01:51 PM

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your Desktop, but you have: Running from C:\Users\Milosz\Downloads) as fixlist.txt

 
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {2b0bc7e1-9e89-11e5-82ab-f079593383b9} - "G:\_DS.exe" 
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {386ea456-9f09-11e5-82ad-f079593383b9} - "H:\_DS.exe" 
HKU\S-1-5-21-1398810750-701520212-253893804-1001\...\MountPoints2: {a0c5ec1d-652b-11e5-828d-f079593383b9} - "F:\Setup.exe" 
ShortcutTarget: Curse.lnk -> C:\Users\Milosz\AppData\Roaming\Curse Client\Bin\Curse.exe (No File)
SearchScopes: HKU\S-1-5-21-1398810750-701520212-253893804-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
S4 0209301483697013mcinstcleanup; C:\Users\Milosz\AppData\Local\Temp\020930~1.EXE -cleanup -nolog [X]
S4 AIPS; d:\Program Files (x86)\netcut\services\AIPS.exe [X]
S4 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
S2 Phiblysuputher; C:\Program Files (x86)\Jerqerthervnaly\SerpocultCnf.dll [X]
C:\ProgramData\fontcacheev1.dat
C:\Users\Milosz\Uninst0.dat
CustomCLSID: HKU\S-1-5-21-1398810750-701520212-253893804-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B12E8D67895A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {102c92bb-e159-4ae0-8779-1402c13f6e62} - no filepath
Task: {17D06B77-0E1A-4CFA-AB05-6A804ED9DB71} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {18B7EF86-84B2-49A2-95BC-68735EFDA355} - \5615r248o2m49 -> No File <==== ATTENTION
Task: {280B1E55-EF1E-4D2C-A388-7F81632771C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {34FB31B6-9D84-42C8-8DEB-0F4451172507} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {40E5A722-566B-47B5-B26D-EFF43B9F4854} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {429E775E-8AF3-4BEB-A523-C1370EEB7BB9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {46811037-2145-471B-ABB3-5CDAC6DE8EBB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {94F67E02-5DB0-4B50-AA5C-C8C6904925F9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A855E69C-AC7E-4A77-9EDB-E3A2734BA2BE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BF92ECC3-2F1C-44CD-81E9-8D28BC81E009} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EEB1997C-A02C-4276-B441-6209E1F4C654} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FAB4F693-435F-4EE7-9EFF-F61EB25CF585} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:E5914F2B [143]
FirewallRules: [{6FCDEDB3-0529-4E96-9A0B-9113D881F822}] => C:\Users\Milosz\AppData\Local\Temp\is-LKERP.tmp\download\MiniThunderPlatform.exe
EmptyTemp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:55 PM

Posted 18 January 2017 - 04:09 AM

Hi,

it has been several days since I sent my last set of instructions to help with your computer problem.

Please let me know if you are having problems and still need help.

Note: Thread will be closed if no response after 3 days.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:06:55 PM

Posted 24 January 2017 - 03:57 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users