Logi

From az121212, 5 Years ago, written in Plain Text.

Embed

Download Paste or View Raw
Hits: 322

OTL

OTL logfile created on: 2018-07-19 16:19:00 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Agnieszka\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,53 Gb Available Physical Memory | 70,16% Memory free

15,77 Gb Paging File | 13,43 Gb Available in Paging File | 85,14% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 227,68 Gb Total Space | 62,78 Gb Free Space | 27,57% Space Free | Partition Type: NTFS

Drive D: | 238,08 Gb Total Space | 213,99 Gb Free Space | 89,88% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Agnieszka | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2018-07-19 16:18:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Agnieszka\Downloads\OTL.exe

PRC - [2018-07-18 12:12:40 | 010,828,504 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2018-07-18 10:28:47 | 000,322,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2018-04-20 10:53:04 | 003,943,664 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

PRC - [2018-04-20 10:51:12 | 003,892,256 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

PRC - [2018-04-20 10:48:08 | 006,788,032 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

PRC - [2018-03-21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2013-05-04 15:16:41 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe

PRC - [2012-07-17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2012-07-17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2012-07-13 17:37:46 | 000,017,376 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

PRC - [2012-06-25 17:19:24 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2012-06-25 15:54:28 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

PRC - [2012-06-25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

PRC - [2012-06-19 13:59:04 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

PRC - [2012-05-28 10:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

PRC - [2012-05-07 15:10:20 | 001,121,448 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

PRC - [2012-05-03 15:13:10 | 000,309,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe

PRC - [2012-04-24 02:17:00 | 002,458,944 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2012-04-13 10:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe

PRC - [2012-02-21 14:49:04 | 000,102,568 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

PRC - [2012-02-21 14:49:00 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe

PRC - [2012-02-16 16:01:36 | 000,473,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe

PRC - [2012-02-07 06:12:52 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

PRC - [2011-11-21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

PRC - [2011-11-21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009-06-19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2018-07-18 10:30:39 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll

MOD - [2018-07-18 10:28:51 | 000,483,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll

MOD - [2018-07-18 10:28:42 | 000,282,840 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

MOD - [2012-02-21 14:49:00 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2018-07-18 10:28:47 | 000,322,464 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:[b]64bit:[/b] - [2018-07-18 10:28:43 | 007,780,400 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)

SRV:[b]64bit:[/b] - [2017-08-14 12:30:26 | 002,291,904 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe -- (Disc Soft Lite Bus Service)

SRV:[b]64bit:[/b] - [2016-05-10 09:56:46 | 000,037,504 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)

SRV:[b]64bit:[/b] - [2012-04-20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)

SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2018-07-18 10:25:01 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2018-07-18 10:18:53 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2018-05-22 12:54:56 | 000,779,392 | ---- | M] (EasyAntiCheat Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe -- (EasyAntiCheat)

SRV - [2018-03-21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012-07-17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2012-07-17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2012-06-25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)

SRV - [2012-04-24 02:17:00 | 002,458,944 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012-04-13 10:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)

SRV - [2012-02-22 09:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

SRV - [2011-12-29 15:27:48 | 000,158,880 | ---- | M] (Atheros) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)

SRV - [2011-12-29 15:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)

SRV - [2011-11-21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)

SRV - [2011-11-21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,463,080 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,381,584 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,211,160 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,159,640 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,046,976 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:55 | 000,197,160 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:55 | 000,111,872 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:45 | 001,027,728 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:42 | 000,239,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,346,664 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,201,328 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,059,592 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)

DRV:[b]64bit:[/b] - [2018-07-18 10:28:40 | 000,229,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)

DRV:[b]64bit:[/b] - [2017-09-03 17:19:57 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)

DRV:[b]64bit:[/b] - [2017-09-03 17:19:32 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)

DRV:[b]64bit:[/b] - [2016-04-21 11:10:04 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)

DRV:[b]64bit:[/b] - [2015-03-05 11:00:00 | 004,137,472 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:[b]64bit:[/b] - [2012-07-13 17:37:48 | 000,049,824 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)

DRV:[b]64bit:[/b] - [2012-07-13 17:37:48 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)

DRV:[b]64bit:[/b] - [2012-07-13 17:37:46 | 000,019,104 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)

DRV:[b]64bit:[/b] - [2012-07-02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:[b]64bit:[/b] - [2012-05-07 15:10:18 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)

DRV:[b]64bit:[/b] - [2012-04-24 02:17:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:[b]64bit:[/b] - [2012-02-22 09:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:[b]64bit:[/b] - [2012-02-20 04:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:[b]64bit:[/b] - [2012-02-07 06:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)

DRV:[b]64bit:[/b] - [2012-02-07 06:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)

DRV:[b]64bit:[/b] - [2012-02-07 06:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)

DRV:[b]64bit:[/b] - [2012-02-01 11:06:18 | 000,292,968 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)

DRV:[b]64bit:[/b] - [2011-12-29 15:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)

DRV:[b]64bit:[/b] - [2011-12-29 15:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)

DRV:[b]64bit:[/b] - [2011-12-29 15:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)

DRV:[b]64bit:[/b] - [2011-12-29 15:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)

DRV:[b]64bit:[/b] - [2011-12-29 15:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)

DRV:[b]64bit:[/b] - [2011-12-29 15:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)

DRV:[b]64bit:[/b] - [2011-12-29 15:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)

DRV:[b]64bit:[/b] - [2011-12-29 15:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)

DRV:[b]64bit:[/b] - [2011-12-23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:[b]64bit:[/b] - [2011-08-23 15:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:[b]64bit:[/b] - [2009-07-20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2011-09-07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009-07-02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "PL"

FF - prefs.js..browser.search.region: "PL"

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2013-05-04 16:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\Extensions

[2017-11-17 11:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\SystemExtensionsDev

[2018-07-19 12:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\Firefox\Profiles\hs2g5730.default-1531903920870\extensions

[2018-07-19 12:18:25 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\firefox\profiles\hs2g5730.default-1531903920870\extensions\[email protected]

O1 HOSTS File: ([2013-05-04 15:52:32 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 genuine.microsoft.com

O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com

O1 - Hosts: 127.0.0.1 sls.microsoft.com

O2:[b]64bit:[/b] - BHO: (ASUS Browser Extension x64) - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)

O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O4:[b]64bit:[/b] - HKLM..\Run: [ASUS Quick Gesture (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.)

O4:[b]64bit:[/b] - HKLM..\Run: [ASUS Quick Gesture (x86)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)

O4:[b]64bit:[/b] - HKLM..\Run: [ASUS TP Center (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek)

O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)

O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)

O4:[b]64bit:[/b] - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)

O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)

O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)

O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)

O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O13[b]64bit:[/b] - gopher Prefix: missing

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 31.11.202.254 37.8.214.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A39DCEA6-AE18-446E-A073-25F0B53414D3}: DhcpNameServer = 31.11.202.254 37.8.214.2

O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found

O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{1e689c3c-b4e9-11e2-967b-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{1e689c3c-b4e9-11e2-967b-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe

O33 - MountPoints2\{5905c1c1-0d6a-11e8-9d11-2016d8634425}\Shell - "" = AutoRun

O33 - MountPoints2\{5905c1c1-0d6a-11e8-9d11-2016d8634425}\Shell\AutoRun\command - "" = G:\HiSuiteDownLoader.exe

O33 - MountPoints2\{87335f18-68cc-11e5-bbf9-2016d8634425}\Shell - "" = AutoRun

O33 - MountPoints2\{87335f18-68cc-11e5-bbf9-2016d8634425}\Shell\AutoRun\command - "" = F:\HiSuiteDownLoader.exe

O33 - MountPoints2\{996c72d4-229a-11e3-8a4c-2016d8634425}\Shell - "" = AutoRun

O33 - MountPoints2\{996c72d4-229a-11e3-8a4c-2016d8634425}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe

O33 - MountPoints2\{dc6e2375-a377-11e3-a288-2016d8634425}\Shell - "" = AutoRun

O33 - MountPoints2\{dc6e2375-a377-11e3-a288-2016d8634425}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*

O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*

O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2018-07-19 16:11:41 | 000,000,000 | R--D | C] -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

[2018-07-19 12:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

[2018-07-19 12:26:24 | 000,032,168 | ---- | C] (Safer-Networking Ltd.) -- C:\Windows\SysNative\sdnclean64.exe

[2018-07-19 12:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2018-07-19 12:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2

[2018-07-18 10:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2018-07-18 10:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2018-07-18 10:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2018-07-18 10:30:48 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\AVAST Software

[2018-07-18 10:30:46 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\AVAST Software

[2018-07-18 10:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

[2018-07-18 10:29:07 | 001,027,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2018-07-18 10:29:07 | 000,463,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2018-07-18 10:29:07 | 000,381,584 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys

[2018-07-18 10:29:07 | 000,346,664 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbloga.sys

[2018-07-18 10:29:07 | 000,239,680 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys

[2018-07-18 10:29:07 | 000,229,392 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys

[2018-07-18 10:29:07 | 000,211,160 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

[2018-07-18 10:29:07 | 000,201,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsha.sys

[2018-07-18 10:29:07 | 000,197,160 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys

[2018-07-18 10:29:07 | 000,159,640 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2018-07-18 10:29:07 | 000,111,872 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

[2018-07-18 10:29:07 | 000,085,968 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys

[2018-07-18 10:29:07 | 000,059,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbuniva.sys

[2018-07-18 10:29:07 | 000,046,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys

[2018-07-18 10:29:01 | 001,142,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll

[2018-07-18 10:29:01 | 001,001,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll

[2018-07-18 10:29:01 | 000,378,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2018-07-18 10:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVAST Software

[2018-07-18 10:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2018-07-18 10:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

[2018-07-18 10:21:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2018-07-06 13:23:27 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\TDUeditor

[2018-07-06 12:08:12 | 000,000,000 | ---D | C] -- C:\acr_logs

[2018-07-06 08:36:31 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Desktop\SARDU_324

[2018-07-05 17:54:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Steam

[2018-07-05 17:16:52 | 006,981,240 | ---- | C] (ESET spol. s r.o.) -- C:\Users\Agnieszka\Desktop\esetonlinescanner_enu.exe

[2018-07-05 16:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heliborne Dragons Awakening

[2018-07-05 16:36:50 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Desktop\Supreme.Commander.MULTi9

[2018-07-05 14:17:28 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\ZombieDriverHD

[2018-07-05 13:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exor Studios

[2018-07-05 12:56:39 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\Targem

[2018-07-05 12:56:39 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\My Games

[2018-07-05 11:40:20 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\Test Drive Unlimited

[2018-07-05 11:38:35 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\paradise_launcher

[2018-07-05 11:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Test Drive Unlimited

[2018-07-05 11:36:34 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\Gaijin

[2018-07-05 11:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Gaijin

[2018-07-05 11:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyAntiCheat

[2018-07-05 11:36:31 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout

[2018-07-05 11:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Test Drive Unlimited ReincarnaTion

[2018-07-05 10:06:29 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\uTorrent

[2009-07-14 03:14:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Users\Agnieszka\OiNEFMLyeniag.exe

[1 C:\Users\Agnieszka\Desktop\*.tmp files -> C:\Users\Agnieszka\Desktop\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2018-07-19 16:16:59 | 001,676,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2018-07-19 16:16:59 | 000,743,280 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2018-07-19 16:16:59 | 000,656,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2018-07-19 16:16:59 | 000,156,730 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2018-07-19 16:16:59 | 000,122,440 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2018-07-19 16:11:45 | 000,000,387 | ---- | M] () -- C:\Users\Agnieszka\AppData\Roaming\sp_data.sys

[2018-07-19 16:09:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2018-07-19 16:09:06 | 2057,424,895 | -HS- | M] () -- C:\hiberfil.sys

[2018-07-19 16:08:34 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2018-07-19 16:08:34 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2018-07-19 13:22:21 | 000,000,114 | ---- | M] () -- C:\Windows\wininit.ini

[2018-07-19 12:26:33 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

[2018-07-18 10:50:34 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2018-07-18 10:49:57 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2018-07-18 10:30:44 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk

[2018-07-18 10:28:56 | 000,463,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2018-07-18 10:28:56 | 000,381,584 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys

[2018-07-18 10:28:56 | 000,211,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

[2018-07-18 10:28:56 | 000,159,640 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2018-07-18 10:28:56 | 000,085,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys

[2018-07-18 10:28:56 | 000,046,976 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys

[2018-07-18 10:28:55 | 000,378,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2018-07-18 10:28:55 | 000,197,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys

[2018-07-18 10:28:55 | 000,111,872 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

[2018-07-18 10:28:53 | 001,142,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll

[2018-07-18 10:28:53 | 001,001,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll

[2018-07-18 10:28:45 | 001,027,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2018-07-18 10:28:42 | 000,239,680 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys

[2018-07-18 10:28:41 | 000,346,664 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbloga.sys

[2018-07-18 10:28:41 | 000,201,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsha.sys

[2018-07-18 10:28:41 | 000,059,592 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbuniva.sys

[2018-07-18 10:28:40 | 000,229,392 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys

[2018-07-18 10:18:53 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2018-07-18 10:18:53 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2018-07-06 11:46:57 | 000,422,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2018-07-05 21:04:30 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job

[2018-07-05 17:16:57 | 006,981,240 | ---- | M] (ESET spol. s r.o.) -- C:\Users\Agnieszka\Desktop\esetonlinescanner_enu.exe

[2018-07-05 10:18:14 | 000,000,002 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\WMI.ini

[2018-07-05 10:06:29 | 000,000,853 | ---- | M] () -- C:\Users\Agnieszka\Desktop\µTorrent.lnk

[2018-07-05 09:28:29 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll

[1 C:\Users\Agnieszka\Desktop\*.tmp files -> C:\Users\Agnieszka\Desktop\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2018-07-19 16:10:46 | 000,001,268 | ---- | C] () -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2018-07-19 13:22:21 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini

[2018-07-19 12:26:33 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

[2018-07-19 12:26:33 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

[2018-07-18 10:49:57 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2018-07-18 10:30:44 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk

[2018-07-05 10:18:14 | 000,000,002 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\WMI.ini

[2018-07-05 10:06:29 | 000,000,853 | ---- | C] () -- C:\Users\Agnieszka\Desktop\µTorrent.lnk

[2018-07-05 09:28:29 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll

[2018-02-02 15:43:47 | 000,001,320 | ---- | C] () -- C:\Users\Agnieszka\Freemake Video Converter.lnk

[2017-09-01 17:08:02 | 000,013,312 | ---- | C] () -- C:\Windows\SDL_net.dll

[2017-09-01 17:04:58 | 000,448,231 | ---- | C] () -- C:\Windows\sdl.dll

[2016-06-22 13:27:00 | 000,227,365 | ---- | C] () -- C:\Users\Agnieszka\13509576_1132322483476306_2078620343_o(1).jpg

[2016-05-08 15:05:35 | 000,164,757 | ---- | C] () -- C:\Users\Agnieszka\13177595_1101458853229336_236600193053475177_n.jpg

[2015-05-13 13:16:35 | 001,728,113 | ---- | C] () -- C:\Users\Agnieszka\Łubińska Agnieszka.pdf

[2015-03-02 23:28:55 | 000,070,691 | ---- | C] () -- C:\Users\Agnieszka\hgh.jpg

[2014-04-20 18:18:49 | 000,112,241 | ---- | C] () -- C:\Users\Agnieszka\pandzia.jpg

[2014-02-14 20:28:41 | 000,004,608 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013-09-04 19:04:48 | 001,536,596 | ---- | C] () -- C:\Users\Agnieszka\Sherry Argov - Dlaczego mezczyzni kochaja zolzy [PL] [.pdf].pdf

[2013-09-01 21:36:31 | 000,000,860 | ---- | C] () -- C:\Users\Agnieszka\CCleaner.lnk

[2013-05-05 19:46:17 | 004,598,588 | ---- | C] () -- C:\Users\Agnieszka\IMG_0013.JPG

[2013-05-04 15:35:13 | 000,000,017 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\resmon.resmoncfg

[2013-05-04 15:24:52 | 000,000,387 | ---- | C] () -- C:\Users\Agnieszka\AppData\Roaming\sp_data.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Extras

OTL Extras logfile created on: 2018-07-19 16:19:00 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Agnieszka\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,53 Gb Available Physical Memory | 70,16% Memory free

15,77 Gb Paging File | 13,43 Gb Available in Paging File | 85,14% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 227,68 Gb Total Space | 62,78 Gb Free Space | 27,57% Space Free | Partition Type: NTFS

Drive D: | 238,08 Gb Total Space | 213,99 Gb Free Space | 89,88% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Agnieszka | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()

Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()

Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06455A94-E7E3-445F-BF09-20791838C2AB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

"{06ECF59F-658F-49C3-ADFE-2D3BA4EC50DF}" = lport=139 | protocol=6 | dir=in | app=system |

"{182F7726-303D-43DF-BF3A-4F9D74E5409A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{1E11EA80-75A7-47DE-843E-A93AB9D3A8C2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{2094A525-4E92-4410-8D0D-5132384DDF58}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{243C93D2-2C14-4A1B-8524-3BA5E3935B26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2FB166BE-294C-46FB-B6C6-FBF200E60E15}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{36DDCF61-8F4D-4F75-A553-5261E56511E2}" = lport=445 | protocol=6 | dir=in | app=system |

"{3FED752E-6211-4AD7-86C1-52C300526825}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{422D2FE4-95CB-48AB-9FBE-043F6DD63F20}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{5243676D-7000-497D-BF35-4B9909912650}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{6B72C46F-449C-4566-A700-023A0DF11694}" = rport=10243 | protocol=6 | dir=out | app=system |

"{70C7E9FA-92B2-4E54-B0BE-EAD50DDA86BA}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

"{7E340CD0-9251-43C8-A90F-8CACB4126141}" = rport=445 | protocol=6 | dir=out | app=system |

"{7E5C3FC3-3D18-47C3-B2F3-72561A9D47C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{800BF457-3C72-4D8F-83A1-F99FD255CF52}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

"{91122527-71E8-42B7-B2E0-3E89ED4BED07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{92482748-5928-4B26-9650-367D572F5FBD}" = lport=11155 | protocol=17 | dir=in | name=11155 \udp |

"{93108E78-3181-4E7D-B0B2-F1383582CF53}" = rport=138 | protocol=17 | dir=out | app=system |

"{95C23585-D99B-4A8C-A1CE-729B70F7DCC2}" = rport=137 | protocol=17 | dir=out | app=system |

"{AFB92AFD-A061-446A-B5CC-AD93E5D199BA}" = lport=2869 | protocol=6 | dir=in | app=system |

"{B3934B62-FB9B-49AB-BCC3-F91D6AE4E4DC}" = lport=137 | protocol=17 | dir=in | app=system |

"{C79BB746-948F-4465-9771-D27E203FEB1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{E94E7A77-F431-409A-B2CA-751E7C2974F4}" = lport=10243 | protocol=6 | dir=in | app=system |

"{EB7F9817-F695-46D7-BDB9-E866DF9F96A0}" = lport=138 | protocol=17 | dir=in | app=system |

"{F0E0F9D4-AA60-426C-A7F2-21C72149442B}" = lport=11155 | protocol=6 | dir=in | name=11155 \tcp |

"{F6B2CC4A-F6B2-4F8D-AB9A-68A8A46CBDED}" = rport=139 | protocol=6 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{022591E1-3CB7-4AF2-93AB-F0D804F77450}" = dir=in | app=c:\users\agnieszka\oinefmlyeniag.exe |

"{03C6624E-0A26-4AED-ABF0-88F229F09D39}" = protocol=17 | dir=in | app=c:\users\agnieszka\appdata\roaming\utorrent\utorrent.exe |

"{07279CB7-ACC2-4A63-B51B-D1694F0FDC6A}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{07482B67-4D10-42EA-AAAB-ED3614E0388D}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{09DE66C7-B947-41F2-8193-504B3CBAD6F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{0A46A35D-AD87-4024-AF9C-E12C711D9BE1}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{0B9385DF-B481-49BC-BCF9-825704A02A13}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{0CBA28F0-5E51-46E2-BC83-0F6E58E0E041}" = protocol=17 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |

"{0D422189-05F4-42BF-A1F4-3F1E2B85ACC8}" = protocol=6 | dir=in | app=c:\users\agnieszka\appdata\roaming\utorrent\utorrent.exe |

"{0E91E4A1-9598-46AC-BEE6-3C44A5575963}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{10AE8020-6EE9-4BBE-97A9-AC933CDA2883}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe |

"{112D5403-603F-4750-B5A2-9C861108523F}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{13C2F1FF-B1EE-442A-AA0F-DD2773C2D9C2}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{14482028-9636-4D9F-9BD1-F16C537A105D}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

"{19C020EC-6AC7-45A6-9424-59CC49F142CB}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{1D2DFC62-F4B0-462C-B4AF-03AAC4552F7A}" = protocol=1 | dir=out | [email protected],-28544 |

"{250A23D3-57DB-48F6-9F83-597890661AC5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{26AF1E2F-B0EE-4187-9983-653FDF22CA58}" = protocol=6 | dir=out | app=system |

"{27DC0601-A103-48D8-9D3D-CD106063EBD3}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{31C2FBA1-73E5-49FF-85EF-5F42857EEA7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3732F758-558F-4785-90E9-4CA965AB206F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{391C73EB-3A9D-4171-AC2D-2B745FD2171A}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{4345382A-28DC-4E3A-A7A8-9C37D774E9E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{45BD1B89-B547-4EBD-96A5-0556FB655CA1}" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |

"{48B037B8-4528-4527-82CA-499374AC219C}" = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe |

"{4EBFA56E-6B3F-4286-B906-0FEA0E3B7FEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{502E34DE-4175-48E5-9691-373370026D80}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{509F12E6-6A95-4A58-A3AA-FCEA05566C69}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{517BFEEB-7EAD-4E94-B585-A61C6458D7DC}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

"{536EFA19-D693-4B50-B212-1D5BD61BD55A}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{590DD259-BCFC-473B-B8FF-BFD75E8434A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{595935CA-EEA4-4999-8626-9A0B1B8F400F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{599CD80B-FC4A-4C3A-AFC0-616CBC56AB74}" = protocol=58 | dir=in | [email protected],-28545 |

"{5D8BA1E9-14EC-4A38-8560-1FD4FB088542}" = dir=in | app=c:\windows\syswow64\gvstey.exe |

"{62DAB257-5448-476C-A713-6B33699A51FE}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |

"{6371CB51-1C0B-4B84-AD9C-749D519D0D6A}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{63DCA7C8-0F8C-43C6-9686-62FE6AEA638F}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{67048F4A-7C86-48CC-9689-3EF1944AD785}" = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe |

"{6ACCE22B-16FC-4FB5-B93F-8EECFB7E032C}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{71446AC3-A42F-4BEB-8980-8CBE169A50EB}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{7C9BD599-78D1-4BD5-8931-34E07E78D95B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{7FE6F024-BE2D-4F78-96C2-BB061AA86F8C}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

"{80D69F94-D058-4C5C-850F-485E89799CDD}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{8AC83572-E7FB-4EC9-86D7-21885559F7B6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{8CA3C0D7-60E0-4188-B7A2-C2B4980DC8FC}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{95FD78F6-D6A3-45D5-ABB2-B3BF9D0A96CD}" = dir=in | app=c:\program files (x86)\3cxphone\3cxphone.exe |

"{9D5CD730-F811-4AD3-A19D-A269559EDACB}" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |

"{A6033299-B2D4-4BAB-85C5-94FE4BA442FA}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe |

"{ACB20B78-BDFD-4E4F-BC99-F0FD70D7FA13}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{AD84E723-2AB5-4A53-9D54-F1D69B6B8E13}" = protocol=6 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |

"{AF965D2A-B1F8-40C5-A00B-8446C6252E17}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |

"{B42F9553-AB26-4CA7-9873-A5482F3E72A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{B52F6973-BEBB-45EA-8D0A-9EE74C994479}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{B687E29B-D9F4-46B6-A238-114EFCA9B8FE}" = protocol=1 | dir=in | [email protected],-28543 |

"{B99B80C8-1BC8-42F2-AE6B-0009E214DFFD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{BE57F5E5-3E00-4B9B-A63F-D829CAF4618A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{C7D428F0-54E9-4533-9E64-812B9D20B0DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{D453F2E5-EE17-4FB5-923E-AE7DB5F674C9}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{E37EC7D9-C019-4919-92F6-6F892751D839}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

"{E5B76B56-9171-4BA7-8649-5D4F45F1DDE0}" = dir=in | app=c:\windows\syswow64\svchost.exe |

"{E6DBEC35-3D50-44A9-A42F-564FFAD4C963}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{E723476A-F6F2-4784-B964-3FAB6FC339A1}" = dir=in | app=c:\windows\syswow64\msiexec.exe |

"{ED7A3E9A-418F-47C9-94AB-036FB8F0DE2B}" = protocol=58 | dir=out | [email protected],-28546 |

"{F4633F24-117B-4FC1-A6FE-0C533F536871}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"TCP Query User{02C313C3-5AFE-4A13-B665-7BE197BA037E}C:\gierki świniaka ;v\crashday\crashday -steam.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday -steam.exe |

"TCP Query User{1F82E831-02C2-4FAF-9FD1-093F543175E3}C:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe |

"TCP Query User{310F9E84-C4EC-4F1E-B175-DBAE0CBBB9F5}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe |

"TCP Query User{3C2D20C7-5656-4DC7-BD14-093CE9CBA5DB}C:\gierki świniaka ;v\crashday\crashday.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday.exe |

"TCP Query User{4CC13FB4-D5D9-4338-8D6C-899E7FC73EA7}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

"TCP Query User{523F56A3-3392-4F4F-829E-C5229CD42E02}D:\gierki\crossout\launcher.exe" = protocol=6 | dir=in | app=d:\gierki\crossout\launcher.exe |

"TCP Query User{5720E2B3-86E3-40B0-9FC3-10A8E15A00D7}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe |

"TCP Query User{83A0E1F3-2C2F-4913-A265-B02F9B6D83D3}C:\gierki świniaka ;v\c&c\dta\game.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&c\dta\game.exe |

"TCP Query User{A32F6C0E-C526-46E7-AC6A-AFD751247F64}C:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe |

"TCP Query User{D1C83E02-CADC-46DF-B226-2E995CEA0854}C:\gierki świniaka ;v\c&c\ts client\game.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&c\ts client\game.exe |

"TCP Query User{E6234540-62FE-4D36-9D29-E443825A609B}C:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe" = protocol=6 | dir=in | app=c:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe |

"TCP Query User{ECD982A3-3803-41AE-816F-30E6B735945A}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |

"UDP Query User{09D45FA5-B40F-4F81-A24C-0F88BE233E6A}C:\gierki świniaka ;v\crashday\crashday.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday.exe |

"UDP Query User{1FDF57B8-5FA7-4138-97CE-727FE176E0E3}D:\gierki\crossout\launcher.exe" = protocol=17 | dir=in | app=d:\gierki\crossout\launcher.exe |

"UDP Query User{3F5C0608-1672-43F4-9814-8E068CC5E501}C:\gierki świniaka ;v\c&c\dta\game.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&c\dta\game.exe |

"UDP Query User{42D92E73-9108-4F7E-8A62-6EFD5233B5F2}C:\gierki świniaka ;v\c&c\ts client\game.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&c\ts client\game.exe |

"UDP Query User{62E354D2-2AC3-4548-862B-0BEA57204B72}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe |

"UDP Query User{8D6AB85D-5366-492C-BE84-5031EE1A5B05}C:\gierki świniaka ;v\crashday\crashday -steam.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday -steam.exe |

"UDP Query User{AD7905A6-84C0-4FCA-95AB-390F949F2DFD}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |

"UDP Query User{B388D9C2-3E08-4E4C-9B6B-2E8122E52C95}C:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe |

"UDP Query User{B8863803-9ED6-4F86-AF44-AB0F7E01F967}C:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe |

"UDP Query User{CF139E3E-8D60-45D1-AD64-159F8897F3F9}D:\gierki\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe |

"UDP Query User{CF72C22B-36D0-4F07-8E94-03C3A67FD1F6}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

"UDP Query User{ECDC248B-4E15-4BBF-B76D-AF57B7E461A0}C:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe" = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&c\twisted insurrection 0.7\game.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)

"{23170F69-40C1-2702-1805-000001000000}" = 7-Zip 18.05 (x64 edition)

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK

"{94C42BE9-B62A-3558-A793-AD49B354F7AA}" = Microsoft .NET Framework 4.5 PLK Language Pack

"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.67

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.67

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.13

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.13

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client

"747C94D329BB5CCC3231C84E4D319B6CEC7BBAB3" = Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (07/08/2012 1.0.0.93)

"8461-7759-5462-8226" = Vuze

"CCleaner" = CCleaner

"DAEMON Tools Lite" = DAEMON Tools Lite

"Mozilla Firefox 61.0.1 (x64 pl)" = Mozilla Firefox 61.0.1 (x64 pl)

"OpenVPN" = OpenVPN 2.3.11-I601

"SKIDROW - Air Missions HIND" = Air Missions HIND

"TAP-Windows" = TAP-Windows 9.21.2

"YWVyaWFsZGVzdHJ1Y3Rpb24_is1" = Aerial Destruction Frontline Assault

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{0DF8FA4D-299C-4250-9F09-C14E47E12224}" = 3CXPhone

"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver

"{42A4EC40-09BC-427C-B657-67978B784058}" = Rally Trophy

"{4CA7F8A0-DB20-11D4-8B30-000021015D1C}" = Need for Speed 5 Porsche Unleashed

"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture

"{5172E572-C175-4F80-A6D5-5CB45826AD61}" = SceneSwitch

"{5CB6A112-DA36-486B-9B1C-6341CB95DE37}" = Enemy Engaged 2 Speech

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB

"{78B1279E-7DFB-4289-B6E1-7C62A1A455A1}_is1" = STALKERSOUP 1.1.0016

"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation Program

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007

"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007

"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007

"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007

"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007

"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007

"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007

"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007

"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007

"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}" = Crashday

"{A48A1FF5-3393-481E-BEC1-3C705184816C}_is1" = Test Drive Unlimited ReincarnaTion, версия 1

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus

"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package

"{AC76BA86-0804-1033-1959-001824272646}" = Adobe Refresh Manager

"{AC76BA86-7AD7-1045-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Polish

"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy

"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader

"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{EF0D610C-92BE-4D8F-BD33-9F658F8754F1}" = GTI Racing

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

"{F8718F95-21A1-44B9-97EC-679C93020BAE}" = Colin McRae Rally 04

"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005

"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update

"{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W

"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime

"Adobe Flash Player NPAPI" = Adobe Flash Player 30 NPAPI

"Adobe Shockwave Player" = Adobe Shockwave Player 12.3

"ASUS K5 Series ScreenSaver" = ASUS K5 Series ScreenSaver

"Avast Antivirus" = Avast Free Antivirus

"Cities XXL_R.G. Mechanics_is1" = Cities XXL

"Command and Conquer - Generals_R.G. Mechanics_is1" = Command and Conquer - Generals

"CrossOutLauncher_is1" = Crossout Launcher 1.0.3.61

"Enemy Engaged 2_is1" = Enemy Engaged 2

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Freemake Video Converter_is1" = Freemake Video Converter wersja 4.1.10

"InstallShield_{EF0D610C-92BE-4D8F-BD33-9F658F8754F1}" = GTI Racing

"MozillaMaintenanceService" = Mozilla Maintenance Service

"NapiProjekt_is1" = NapiProjekt (2.2.0.2399)

"QWlyR3VhcmRpYW5z_is1" = Air Guardians

"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005]

"Spintires_is1" = Spintires

"Strike Fighters 2" = Strike Fighters 2

"Strike Fighters 2 Europe" = Strike Fighters 2 Europe

"Strike Fighters 2 Expansion Pack 1" = Strike Fighters 2 Expansion Pack 1

"Strike Fighters 2 Expansion Pack 2" = Strike Fighters 2 Expansion Pack 2

"Strike Fighters 2 Extractor" = Strike Fighters 2 Extractor Jun 2011

"Strike Fighters 2 Guns Editor" = Strike Fighters 2 Guns Editor May 2011

"Strike Fighters 2 Israel" = Strike Fighters 2 Israel

"Strike Fighters 2 North Atlantic" = Strike Fighters 2 North Atlantic

"Strike Fighters 2 Vietnam" = Strike Fighters 2 Vietnam

"Strike Fighters 2 Weapons Editor" = Strike Fighters 2 Weapons Editor Aug 2011

"SumatraPDF" = SumatraPDF

"VLC media player" = VLC media player

"Zombie Driver HD - Complete Edition_is1" = Zombie Driver HD - Complete Edition

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{a0a4ee0b-3284-483d-93ce-7bf190eacc8c}" = Citra

"Photoscape Packages" = Photoscape Packages

"ROTR Beta 1.85" = ROTR Beta 1.85

"ROTR Map Pack V2.0" = ROTR Map Pack V2.0

"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]

Error - 2018-07-19 10:10:09 | Computer Name = laptop | Source = ESENT | ID = 455

Description = Windows (4016) Windows: Wystąpił błąd -1811 podczas otwierania pliku

dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0059B.log.

Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 9000

Description =

Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 7040

Description =

Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 7042

Description =

Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 9002

Description =

Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 3029

Description =

Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3029

Description =

Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3028

Description =

Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3058

Description =

Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 7010

Description =

[ System Events ]

Error - 2018-07-19 10:09:44 | Computer Name = laptop | Source = Service Control Manager | ID = 7000

Description = Nie można uruchomić usługi Spybot-S&D 2 Security Center Service z

powodu następującego błędu: %%577

Error - 2018-07-19 10:10:15 | Computer Name = laptop | Source = Service Control Manager | ID = 7024

Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla

niej błąd %%-1073473535.

Error - 2018-07-19 10:10:15 | Computer Name = laptop | Source = Service Control Manager | ID = 7031

Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło

to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna:

Uruchom usługę ponownie.

< End of report >

Author

Title

Language

Your paste - Paste your paste here

OTL

OTL logfile created on: 2018-07-19 16:19:00 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Agnieszka\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,89 Gb Total Physical Memory | 5,53 Gb Available Physical Memory | 70,16% Memory free
15,77 Gb Paging File | 13,43 Gb Available in Paging File | 85,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 227,68 Gb Total Space | 62,78 Gb Free Space | 27,57% Space Free | Partition Type: NTFS
Drive D: | 238,08 Gb Total Space | 213,99 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: Agnieszka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2018-07-19 16:18:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Agnieszka\Downloads\OTL.exe
PRC - [2018-07-18 12:12:40 | 010,828,504 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2018-07-18 10:28:47 | 000,322,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2018-04-20 10:53:04 | 003,943,664 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdSvc.exe
PRC - [2018-04-20 10:51:12 | 003,892,256 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDFSSvc.exe
PRC - [2018-04-20 10:48:08 | 006,788,032 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDTray.exe
PRC - [2018-03-21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-05-04 15:16:41 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2012-07-17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-07-17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-07-13 17:37:46 | 000,017,376 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2012-06-25 17:19:24 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012-06-25 15:54:28 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012-06-25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-06-19 13:59:04 | 000,174,752 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012-05-28 10:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012-05-07 15:10:20 | 001,121,448 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012-05-03 15:13:10 | 000,309,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-04-24 02:17:00 | 002,458,944 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-04-13 10:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-21 14:49:04 | 000,102,568 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2012-02-21 14:49:00 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2012-02-16 16:01:36 | 000,473,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2012-02-07 06:12:52 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011-11-21 14:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2011-11-21 14:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-06-19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008-12-22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2018-07-18 10:30:39 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2018-07-18 10:28:51 | 000,483,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll
MOD - [2018-07-18 10:28:42 | 000,282,840 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2012-02-21 14:49:00 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2018-07-18 10:28:47 | 000,322,464 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2018-07-18 10:28:43 | 007,780,400 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:[b]64bit:[/b] - [2017-08-14 12:30:26 | 002,291,904 | ---- | M] (Disc Soft Ltd) [On_Demand | Running] -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe -- (Disc Soft Lite Bus Service)
SRV:[b]64bit:[/b] - [2016-05-10 09:56:46 | 000,037,504 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV:[b]64bit:[/b] - [2012-04-20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2018-07-18 10:25:01 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018-07-18 10:18:53 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018-05-22 12:54:56 | 000,779,392 | ---- | M] (EasyAntiCheat Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2018-03-21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-07-17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-06-25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-04-24 02:17:00 | 002,458,944 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-04-13 10:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2012-02-22 09:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011-12-29 15:27:48 | 000,158,880 | ---- | M] (Atheros) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&amp;Wlan Coex Agent)
SRV - [2011-12-29 15:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-11-21 14:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2011-11-21 14:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,463,080 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,381,584 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,211,160 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,159,640 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:56 | 000,046,976 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:55 | 000,197,160 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:55 | 000,111,872 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:45 | 001,027,728 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:42 | 000,239,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,346,664 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,201,328 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:41 | 000,059,592 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:[b]64bit:[/b] - [2018-07-18 10:28:40 | 000,229,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:[b]64bit:[/b] - [2017-09-03 17:19:57 | 000,047,672 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtliteusbbus.sys -- (dtliteusbbus)
DRV:[b]64bit:[/b] - [2017-09-03 17:19:32 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:[b]64bit:[/b] - [2016-04-21 11:10:04 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2015-03-05 11:00:00 | 004,137,472 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2012-07-13 17:37:48 | 000,049,824 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusTP.sys -- (ATP)
DRV:[b]64bit:[/b] - [2012-07-13 17:37:48 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2012-07-13 17:37:46 | 000,019,104 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2012-07-02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012-05-07 15:10:18 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-04-24 02:17:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 09:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 04:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-07 06:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 06:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 06:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-02-01 11:06:18 | 000,292,968 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-29 15:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 15:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 15:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 15:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 15:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 15:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 15:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 15:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-23 05:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-08-23 15:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-07-20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011-09-07 09:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: &quot;URL&quot; = http://www.bing.com/search?q={searchTerms}&amp;FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: &quot;URL&quot; = http://www.bing.com/search?q={searchTerms}&amp;FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: &quot;URL&quot; = http://www.bing.com/search?q={searchTerms}&amp;src=IE-SearchBox&amp;FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: &quot;ProxyEnable&quot; = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.countryCode: &quot;PL&quot;
FF - prefs.js..browser.search.region: &quot;PL&quot;
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
[2013-05-04 16:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\Extensions
[2017-11-17 11:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\SystemExtensionsDev
[2018-07-19 12:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\Firefox\Profiles\hs2g5730.default-1531903920870\extensions
[2018-07-19 12:18:25 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\Agnieszka\AppData\Roaming\mozilla\firefox\profiles\hs2g5730.default-1531903920870\extensions\sp@avast.com.xpi
 
O1 HOSTS File: ([2013-05-04 15:52:32 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2:[b]64bit:[/b] - BHO: (ASUS Browser Extension x64) - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [ASUS Quick Gesture (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [ASUS Quick Gesture (x86)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [ASUS TP Center (x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 31.11.202.254 37.8.214.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A39DCEA6-AE18-446E-A073-25F0B53414D3}: DhcpNameServer = 31.11.202.254 37.8.214.2
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1e689c3c-b4e9-11e2-967b-806e6f6e6963}\Shell - &quot;&quot; = AutoRun
O33 - MountPoints2\{1e689c3c-b4e9-11e2-967b-806e6f6e6963}\Shell\AutoRun\command - &quot;&quot; = E:\InstAll.exe
O33 - MountPoints2\{5905c1c1-0d6a-11e8-9d11-2016d8634425}\Shell - &quot;&quot; = AutoRun
O33 - MountPoints2\{5905c1c1-0d6a-11e8-9d11-2016d8634425}\Shell\AutoRun\command - &quot;&quot; = G:\HiSuiteDownLoader.exe
O33 - MountPoints2\{87335f18-68cc-11e5-bbf9-2016d8634425}\Shell - &quot;&quot; = AutoRun
O33 - MountPoints2\{87335f18-68cc-11e5-bbf9-2016d8634425}\Shell\AutoRun\command - &quot;&quot; = F:\HiSuiteDownLoader.exe
O33 - MountPoints2\{996c72d4-229a-11e3-8a4c-2016d8634425}\Shell - &quot;&quot; = AutoRun
O33 - MountPoints2\{996c72d4-229a-11e3-8a4c-2016d8634425}\Shell\AutoRun\command - &quot;&quot; = F:\LGAutoRun.exe
O33 - MountPoints2\{dc6e2375-a377-11e3-a288-2016d8634425}\Shell - &quot;&quot; = AutoRun
O33 - MountPoints2\{dc6e2375-a377-11e3-a288-2016d8634425}\Shell\AutoRun\command - &quot;&quot; = F:\LGAutoRun.exe
O33 - MountPoints2\F\Shell - &quot;&quot; = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - &quot;&quot; = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- &quot;%1&quot; %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- &quot;%1&quot; %*
O35 - HKLM\..comfile [open] -- &quot;%1&quot; %*
O35 - HKLM\..exefile [open] -- &quot;%1&quot; %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- &quot;%1&quot; %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- &quot;%1&quot; %*
O37 - HKLM\...com [@ = comfile] -- &quot;%1&quot; %*
O37 - HKLM\...exe [@ = exefile] -- &quot;%1&quot; %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2018-07-19 16:11:41 | 000,000,000 | R--D | C] -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2018-07-19 12:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search &amp; Destroy 2
[2018-07-19 12:26:24 | 000,032,168 | ---- | C] (Safer-Networking Ltd.) -- C:\Windows\SysNative\sdnclean64.exe
[2018-07-19 12:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search &amp; Destroy
[2018-07-19 12:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search &amp; Destroy 2
[2018-07-18 10:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2018-07-18 10:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2018-07-18 10:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2018-07-18 10:30:48 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\AVAST Software
[2018-07-18 10:30:46 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\AVAST Software
[2018-07-18 10:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2018-07-18 10:29:07 | 001,027,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2018-07-18 10:29:07 | 000,463,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2018-07-18 10:29:07 | 000,381,584 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2018-07-18 10:29:07 | 000,346,664 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2018-07-18 10:29:07 | 000,239,680 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys
[2018-07-18 10:29:07 | 000,229,392 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2018-07-18 10:29:07 | 000,211,160 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2018-07-18 10:29:07 | 000,201,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2018-07-18 10:29:07 | 000,197,160 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys
[2018-07-18 10:29:07 | 000,159,640 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2018-07-18 10:29:07 | 000,111,872 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2018-07-18 10:29:07 | 000,085,968 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2018-07-18 10:29:07 | 000,059,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2018-07-18 10:29:07 | 000,046,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2018-07-18 10:29:01 | 001,142,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2018-07-18 10:29:01 | 001,001,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2018-07-18 10:29:01 | 000,378,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2018-07-18 10:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVAST Software
[2018-07-18 10:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2018-07-18 10:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2018-07-18 10:21:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2018-07-06 13:23:27 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\TDUeditor
[2018-07-06 12:08:12 | 000,000,000 | ---D | C] -- C:\acr_logs
[2018-07-06 08:36:31 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Desktop\SARDU_324
[2018-07-05 17:54:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Steam
[2018-07-05 17:16:52 | 006,981,240 | ---- | C] (ESET spol. s r.o.) -- C:\Users\Agnieszka\Desktop\esetonlinescanner_enu.exe
[2018-07-05 16:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heliborne Dragons Awakening
[2018-07-05 16:36:50 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Desktop\Supreme.Commander.MULTi9
[2018-07-05 14:17:28 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\ZombieDriverHD
[2018-07-05 13:59:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exor Studios
[2018-07-05 12:56:39 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\Targem
[2018-07-05 12:56:39 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\My Games
[2018-07-05 11:40:20 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\Documents\Test Drive Unlimited
[2018-07-05 11:38:35 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\paradise_launcher
[2018-07-05 11:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Test Drive Unlimited
[2018-07-05 11:36:34 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Local\Gaijin
[2018-07-05 11:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Gaijin
[2018-07-05 11:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyAntiCheat
[2018-07-05 11:36:31 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
[2018-07-05 11:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Test Drive Unlimited ReincarnaTion
[2018-07-05 10:06:29 | 000,000,000 | ---D | C] -- C:\Users\Agnieszka\AppData\Roaming\uTorrent
[2009-07-14 03:14:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Users\Agnieszka\OiNEFMLyeniag.exe
[1 C:\Users\Agnieszka\Desktop\*.tmp files -&gt; C:\Users\Agnieszka\Desktop\*.tmp -&gt; ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2018-07-19 16:16:59 | 001,676,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018-07-19 16:16:59 | 000,743,280 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2018-07-19 16:16:59 | 000,656,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018-07-19 16:16:59 | 000,156,730 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2018-07-19 16:16:59 | 000,122,440 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018-07-19 16:11:45 | 000,000,387 | ---- | M] () -- C:\Users\Agnieszka\AppData\Roaming\sp_data.sys
[2018-07-19 16:09:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018-07-19 16:09:06 | 2057,424,895 | -HS- | M] () -- C:\hiberfil.sys
[2018-07-19 16:08:34 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018-07-19 16:08:34 | 000,009,776 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018-07-19 13:22:21 | 000,000,114 | ---- | M] () -- C:\Windows\wininit.ini
[2018-07-19 12:26:33 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&amp;D Start Center.lnk
[2018-07-18 10:50:34 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2018-07-18 10:49:57 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018-07-18 10:30:44 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2018-07-18 10:28:56 | 000,463,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2018-07-18 10:28:56 | 000,381,584 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2018-07-18 10:28:56 | 000,211,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2018-07-18 10:28:56 | 000,159,640 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2018-07-18 10:28:56 | 000,085,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2018-07-18 10:28:56 | 000,046,976 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2018-07-18 10:28:55 | 000,378,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2018-07-18 10:28:55 | 000,197,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys
[2018-07-18 10:28:55 | 000,111,872 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2018-07-18 10:28:53 | 001,142,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2018-07-18 10:28:53 | 001,001,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2018-07-18 10:28:45 | 001,027,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2018-07-18 10:28:42 | 000,239,680 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys
[2018-07-18 10:28:41 | 000,346,664 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2018-07-18 10:28:41 | 000,201,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2018-07-18 10:28:41 | 000,059,592 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2018-07-18 10:28:40 | 000,229,392 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2018-07-18 10:18:53 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018-07-18 10:18:53 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018-07-06 11:46:57 | 000,422,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2018-07-05 21:04:30 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2018-07-05 17:16:57 | 006,981,240 | ---- | M] (ESET spol. s r.o.) -- C:\Users\Agnieszka\Desktop\esetonlinescanner_enu.exe
[2018-07-05 10:18:14 | 000,000,002 | ---- | M] () -- C:\Users\Agnieszka\AppData\Local\WMI.ini
[2018-07-05 10:06:29 | 000,000,853 | ---- | M] () -- C:\Users\Agnieszka\Desktop\µTorrent.lnk
[2018-07-05 09:28:29 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[1 C:\Users\Agnieszka\Desktop\*.tmp files -&gt; C:\Users\Agnieszka\Desktop\*.tmp -&gt; ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2018-07-19 16:10:46 | 000,001,268 | ---- | C] () -- C:\Users\Agnieszka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2018-07-19 13:22:21 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2018-07-19 12:26:33 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&amp;D Start Center.lnk
[2018-07-19 12:26:33 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&amp;D Start Center.lnk
[2018-07-18 10:49:57 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2018-07-18 10:30:44 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2018-07-05 10:18:14 | 000,000,002 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\WMI.ini
[2018-07-05 10:06:29 | 000,000,853 | ---- | C] () -- C:\Users\Agnieszka\Desktop\µTorrent.lnk
[2018-07-05 09:28:29 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2018-02-02 15:43:47 | 000,001,320 | ---- | C] () -- C:\Users\Agnieszka\Freemake Video Converter.lnk
[2017-09-01 17:08:02 | 000,013,312 | ---- | C] () -- C:\Windows\SDL_net.dll
[2017-09-01 17:04:58 | 000,448,231 | ---- | C] () -- C:\Windows\sdl.dll
[2016-06-22 13:27:00 | 000,227,365 | ---- | C] () -- C:\Users\Agnieszka\13509576_1132322483476306_2078620343_o(1).jpg
[2016-05-08 15:05:35 | 000,164,757 | ---- | C] () -- C:\Users\Agnieszka\13177595_1101458853229336_236600193053475177_n.jpg
[2015-05-13 13:16:35 | 001,728,113 | ---- | C] () -- C:\Users\Agnieszka\Łubińska Agnieszka.pdf
[2015-03-02 23:28:55 | 000,070,691 | ---- | C] () -- C:\Users\Agnieszka\hgh.jpg
[2014-04-20 18:18:49 | 000,112,241 | ---- | C] () -- C:\Users\Agnieszka\pandzia.jpg
[2014-02-14 20:28:41 | 000,004,608 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-09-04 19:04:48 | 001,536,596 | ---- | C] () -- C:\Users\Agnieszka\Sherry Argov - Dlaczego mezczyzni kochaja zolzy [PL] [.pdf].pdf
[2013-09-01 21:36:31 | 000,000,860 | ---- | C] () -- C:\Users\Agnieszka\CCleaner.lnk
[2013-05-05 19:46:17 | 004,598,588 | ---- | C] () -- C:\Users\Agnieszka\IMG_0013.JPG
[2013-05-04 15:35:13 | 000,000,017 | ---- | C] () -- C:\Users\Agnieszka\AppData\Local\resmon.resmoncfg
[2013-05-04 15:24:52 | 000,000,387 | ---- | C] () -- C:\Users\Agnieszka\AppData\Roaming\sp_data.sys
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
&quot;&quot; = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
&quot;ThreadingModel&quot; = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
&quot;&quot; = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
&quot;ThreadingModel&quot; = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
&quot;&quot; = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
&quot;ThreadingModel&quot; = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
&quot;&quot; = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
&quot;ThreadingModel&quot; = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
&quot;&quot; = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
&quot;ThreadingModel&quot; = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

&lt; End of report &gt;

Extras

OTL Extras logfile created on: 2018-07-19 16:19:00 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Agnieszka\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
7,89 Gb Total Physical Memory | 5,53 Gb Available Physical Memory | 70,16% Memory free
15,77 Gb Paging File | 13,43 Gb Available in Paging File | 85,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 227,68 Gb Total Space | 62,78 Gb Free Space | 27,57% Space Free | Partition Type: NTFS
Drive D: | 238,08 Gb Total Space | 213,99 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: Agnieszka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&lt;extension&gt;]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&lt;extension&gt;]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\&lt;extension&gt;]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&lt;key&gt;\shell\[command]\command]
batfile [open] -- &quot;%1&quot; %*
cmdfile [open] -- &quot;%1&quot; %*
comfile [open] -- &quot;%1&quot; %*
exefile [open] -- &quot;%1&quot; %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe &quot;%1&quot; (Microsoft Corporation)
InternetShortcut [open] -- &quot;C:\Windows\System32\rundll32.exe&quot; &quot;C:\Windows\System32\ieframe.dll&quot;,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- &quot;C:\Windows\System32\rundll32.exe&quot; &quot;C:\Windows\System32\mshtml.dll&quot;,PrintHTML &quot;%1&quot; (Microsoft Corporation)
piffile [open] -- &quot;%1&quot; %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- &quot;%1&quot;
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- &quot;%1&quot; /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- &quot;C:\Program Files (x86)\VideoLAN\VLC\vlc.exe&quot; --started-from-file --playlist-enqueue &quot;%1&quot; (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd &quot;%V&quot; (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- &quot;C:\Program Files (x86)\NapiProjekt\napisy.exe&quot; &quot;%1&quot; ()
Directory [napiprojekt0] -- &quot;C:\Program Files (x86)\NapiProjekt\napisy.exe&quot; &quot;%1&quot; -pobierz_ang ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE &quot;%L&quot;
Directory [PlayWithVLC] -- &quot;C:\Program Files (x86)\VideoLAN\VLC\vlc.exe&quot; --started-from-file --no-playlist-enqueue &quot;%1&quot; (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\&lt;key&gt;\shell\[command]\command]
batfile [open] -- &quot;%1&quot; %*
cmdfile [open] -- &quot;%1&quot; %*
comfile [open] -- &quot;%1&quot; %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe &quot;%1&quot;,%* (Microsoft Corporation)
exefile [open] -- &quot;%1&quot; %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe &quot;%1&quot; (Microsoft Corporation)
piffile [open] -- &quot;%1&quot; %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- &quot;%1&quot;
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- &quot;%1&quot; /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- &quot;C:\Program Files (x86)\VideoLAN\VLC\vlc.exe&quot; --started-from-file --playlist-enqueue &quot;%1&quot; (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd &quot;%V&quot; (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- &quot;C:\Program Files (x86)\NapiProjekt\napisy.exe&quot; &quot;%1&quot; ()
Directory [napiprojekt0] -- &quot;C:\Program Files (x86)\NapiProjekt\napisy.exe&quot; &quot;%1&quot; -pobierz_ang ()
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE &quot;%L&quot;
Directory [PlayWithVLC] -- &quot;C:\Program Files (x86)\VideoLAN\VLC\vlc.exe&quot; --started-from-file --no-playlist-enqueue &quot;%1&quot; (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
&quot;cval&quot; = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
&quot;VistaSp1&quot; = 28 4D B2 76 41 04 CA 01  [binary data]
&quot;AntiVirusOverride&quot; = 0
&quot;AntiSpywareOverride&quot; = 0
&quot;FirewallOverride&quot; = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
&quot;DisableNotifications&quot; = 0
&quot;EnableFirewall&quot; = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
&quot;DisableNotifications&quot; = 0
&quot;EnableFirewall&quot; = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
&quot;DisableNotifications&quot; = 0
&quot;EnableFirewall&quot; = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDTray.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDTray.exe:*:Enabled:Spybot - Search &amp; Destroy tray access -- (Safer-Networking Ltd.)
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDFSSvc.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&amp;D 2 Scanner Service -- (Safer-Networking Ltd.)
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&amp;D 2 Updater -- (Safer-Networking Ltd.)
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdSvc.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&amp;D 2 Background update service -- (Safer-Networking Ltd.)
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDTray.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDTray.exe:*:Enabled:Spybot - Search &amp; Destroy tray access -- (Safer-Networking Ltd.)
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDFSSvc.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&amp;D 2 Scanner Service -- (Safer-Networking Ltd.)
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&amp;D 2 Updater -- (Safer-Networking Ltd.)
&quot;C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdSvc.exe&quot; = C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&amp;D 2 Background update service -- (Safer-Networking Ltd.)
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
&quot;{06455A94-E7E3-445F-BF09-20791838C2AB}&quot; = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
&quot;{06ECF59F-658F-49C3-ADFE-2D3BA4EC50DF}&quot; = lport=139 | protocol=6 | dir=in | app=system | 
&quot;{182F7726-303D-43DF-BF3A-4F9D74E5409A}&quot; = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
&quot;{1E11EA80-75A7-47DE-843E-A93AB9D3A8C2}&quot; = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
&quot;{2094A525-4E92-4410-8D0D-5132384DDF58}&quot; = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
&quot;{243C93D2-2C14-4A1B-8524-3BA5E3935B26}&quot; = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
&quot;{2FB166BE-294C-46FB-B6C6-FBF200E60E15}&quot; = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
&quot;{36DDCF61-8F4D-4F75-A553-5261E56511E2}&quot; = lport=445 | protocol=6 | dir=in | app=system | 
&quot;{3FED752E-6211-4AD7-86C1-52C300526825}&quot; = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
&quot;{422D2FE4-95CB-48AB-9FBE-043F6DD63F20}&quot; = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
&quot;{5243676D-7000-497D-BF35-4B9909912650}&quot; = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
&quot;{6B72C46F-449C-4566-A700-023A0DF11694}&quot; = rport=10243 | protocol=6 | dir=out | app=system | 
&quot;{70C7E9FA-92B2-4E54-B0BE-EAD50DDA86BA}&quot; = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | 
&quot;{7E340CD0-9251-43C8-A90F-8CACB4126141}&quot; = rport=445 | protocol=6 | dir=out | app=system | 
&quot;{7E5C3FC3-3D18-47C3-B2F3-72561A9D47C7}&quot; = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
&quot;{800BF457-3C72-4D8F-83A1-F99FD255CF52}&quot; = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
&quot;{91122527-71E8-42B7-B2E0-3E89ED4BED07}&quot; = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
&quot;{92482748-5928-4B26-9650-367D572F5FBD}&quot; = lport=11155 | protocol=17 | dir=in | name=11155 \udp | 
&quot;{93108E78-3181-4E7D-B0B2-F1383582CF53}&quot; = rport=138 | protocol=17 | dir=out | app=system | 
&quot;{95C23585-D99B-4A8C-A1CE-729B70F7DCC2}&quot; = rport=137 | protocol=17 | dir=out | app=system | 
&quot;{AFB92AFD-A061-446A-B5CC-AD93E5D199BA}&quot; = lport=2869 | protocol=6 | dir=in | app=system | 
&quot;{B3934B62-FB9B-49AB-BCC3-F91D6AE4E4DC}&quot; = lport=137 | protocol=17 | dir=in | app=system | 
&quot;{C79BB746-948F-4465-9771-D27E203FEB1E}&quot; = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
&quot;{E94E7A77-F431-409A-B2CA-751E7C2974F4}&quot; = lport=10243 | protocol=6 | dir=in | app=system | 
&quot;{EB7F9817-F695-46D7-BDB9-E866DF9F96A0}&quot; = lport=138 | protocol=17 | dir=in | app=system | 
&quot;{F0E0F9D4-AA60-426C-A7F2-21C72149442B}&quot; = lport=11155 | protocol=6 | dir=in | name=11155 \tcp | 
&quot;{F6B2CC4A-F6B2-4F8D-AB9A-68A8A46CBDED}&quot; = rport=139 | protocol=6 | dir=out | app=system | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
&quot;{022591E1-3CB7-4AF2-93AB-F0D804F77450}&quot; = dir=in | app=c:\users\agnieszka\oinefmlyeniag.exe | 
&quot;{03C6624E-0A26-4AED-ABF0-88F229F09D39}&quot; = protocol=17 | dir=in | app=c:\users\agnieszka\appdata\roaming\utorrent\utorrent.exe | 
&quot;{07279CB7-ACC2-4A63-B51B-D1694F0FDC6A}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{07482B67-4D10-42EA-AAAB-ED3614E0388D}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{09DE66C7-B947-41F2-8193-504B3CBAD6F3}&quot; = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
&quot;{0A46A35D-AD87-4024-AF9C-E12C711D9BE1}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{0B9385DF-B481-49BC-BCF9-825704A02A13}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{0CBA28F0-5E51-46E2-BC83-0F6E58E0E041}&quot; = protocol=17 | dir=in | app=c:\program files\ccleaner\ccupdate.exe | 
&quot;{0D422189-05F4-42BF-A1F4-3F1E2B85ACC8}&quot; = protocol=6 | dir=in | app=c:\users\agnieszka\appdata\roaming\utorrent\utorrent.exe | 
&quot;{0E91E4A1-9598-46AC-BEE6-3C44A5575963}&quot; = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
&quot;{10AE8020-6EE9-4BBE-97A9-AC933CDA2883}&quot; = protocol=6 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe | 
&quot;{112D5403-603F-4750-B5A2-9C861108523F}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{13C2F1FF-B1EE-442A-AA0F-DD2773C2D9C2}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{14482028-9636-4D9F-9BD1-F16C537A105D}&quot; = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
&quot;{19C020EC-6AC7-45A6-9424-59CC49F142CB}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{1D2DFC62-F4B0-462C-B4AF-03AAC4552F7A}&quot; = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
&quot;{250A23D3-57DB-48F6-9F83-597890661AC5}&quot; = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
&quot;{26AF1E2F-B0EE-4187-9983-653FDF22CA58}&quot; = protocol=6 | dir=out | app=system | 
&quot;{27DC0601-A103-48D8-9D3D-CD106063EBD3}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{31C2FBA1-73E5-49FF-85EF-5F42857EEA7F}&quot; = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
&quot;{3732F758-558F-4785-90E9-4CA965AB206F}&quot; = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
&quot;{391C73EB-3A9D-4171-AC2D-2B745FD2171A}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{4345382A-28DC-4E3A-A7A8-9C37D774E9E1}&quot; = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
&quot;{45BD1B89-B547-4EBD-96A5-0556FB655CA1}&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
&quot;{48B037B8-4528-4527-82CA-499374AC219C}&quot; = protocol=17 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | 
&quot;{4EBFA56E-6B3F-4286-B906-0FEA0E3B7FEE}&quot; = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
&quot;{502E34DE-4175-48E5-9691-373370026D80}&quot; = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
&quot;{509F12E6-6A95-4A58-A3AA-FCEA05566C69}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{517BFEEB-7EAD-4E94-B585-A61C6458D7DC}&quot; = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
&quot;{536EFA19-D693-4B50-B212-1D5BD61BD55A}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{590DD259-BCFC-473B-B8FF-BFD75E8434A3}&quot; = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
&quot;{595935CA-EEA4-4999-8626-9A0B1B8F400F}&quot; = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
&quot;{599CD80B-FC4A-4C3A-AFC0-616CBC56AB74}&quot; = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
&quot;{5D8BA1E9-14EC-4A38-8560-1FD4FB088542}&quot; = dir=in | app=c:\windows\syswow64\gvstey.exe | 
&quot;{62DAB257-5448-476C-A713-6B33699A51FE}&quot; = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | 
&quot;{6371CB51-1C0B-4B84-AD9C-749D519D0D6A}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{63DCA7C8-0F8C-43C6-9686-62FE6AEA638F}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{67048F4A-7C86-48CC-9689-3EF1944AD785}&quot; = protocol=6 | dir=in | app=c:\program files (x86)\napiprojekt\napisy.exe | 
&quot;{6ACCE22B-16FC-4FB5-B93F-8EECFB7E032C}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{71446AC3-A42F-4BEB-8980-8CBE169A50EB}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{7C9BD599-78D1-4BD5-8931-34E07E78D95B}&quot; = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
&quot;{7FE6F024-BE2D-4F78-96C2-BB061AA86F8C}&quot; = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
&quot;{80D69F94-D058-4C5C-850F-485E89799CDD}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{8AC83572-E7FB-4EC9-86D7-21885559F7B6}&quot; = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
&quot;{8CA3C0D7-60E0-4188-B7A2-C2B4980DC8FC}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{95FD78F6-D6A3-45D5-ABB2-B3BF9D0A96CD}&quot; = dir=in | app=c:\program files (x86)\3cxphone\3cxphone.exe | 
&quot;{9D5CD730-F811-4AD3-A19D-A269559EDACB}&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe | 
&quot;{A6033299-B2D4-4BAB-85C5-94FE4BA442FA}&quot; = protocol=17 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe | 
&quot;{ACB20B78-BDFD-4E4F-BC99-F0FD70D7FA13}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{AD84E723-2AB5-4A53-9D54-F1D69B6B8E13}&quot; = protocol=6 | dir=in | app=c:\program files\ccleaner\ccupdate.exe | 
&quot;{AF965D2A-B1F8-40C5-A00B-8446C6252E17}&quot; = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | 
&quot;{B42F9553-AB26-4CA7-9873-A5482F3E72A0}&quot; = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
&quot;{B52F6973-BEBB-45EA-8D0A-9EE74C994479}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{B687E29B-D9F4-46B6-A238-114EFCA9B8FE}&quot; = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
&quot;{B99B80C8-1BC8-42F2-AE6B-0009E214DFFD}&quot; = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
&quot;{BE57F5E5-3E00-4B9B-A63F-D829CAF4618A}&quot; = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
&quot;{C7D428F0-54E9-4533-9E64-812B9D20B0DF}&quot; = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
&quot;{D453F2E5-EE17-4FB5-923E-AE7DB5F674C9}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{E37EC7D9-C019-4919-92F6-6F892751D839}&quot; = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
&quot;{E5B76B56-9171-4BA7-8649-5D4F45F1DDE0}&quot; = dir=in | app=c:\windows\syswow64\svchost.exe | 
&quot;{E6DBEC35-3D50-44A9-A42F-564FFAD4C963}&quot; = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
&quot;{E723476A-F6F2-4784-B964-3FAB6FC339A1}&quot; = dir=in | app=c:\windows\syswow64\msiexec.exe | 
&quot;{ED7A3E9A-418F-47C9-94AB-036FB8F0DE2B}&quot; = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
&quot;{F4633F24-117B-4FC1-A6FE-0C533F536871}&quot; = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
&quot;TCP Query User{02C313C3-5AFE-4A13-B665-7BE197BA037E}C:\gierki świniaka ;v\crashday\crashday -steam.exe&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday -steam.exe | 
&quot;TCP Query User{1F82E831-02C2-4FAF-9FD1-093F543175E3}C:\gierki świniaka ;v\c&amp;c\twisted insurrection 0.7\game.exe&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&amp;c\twisted insurrection 0.7\game.exe | 
&quot;TCP Query User{310F9E84-C4EC-4F1E-B175-DBAE0CBBB9F5}D:\gierki\test drive unlimited\testdriveunlimited.exe&quot; = protocol=6 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | 
&quot;TCP Query User{3C2D20C7-5656-4DC7-BD14-093CE9CBA5DB}C:\gierki świniaka ;v\crashday\crashday.exe&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday.exe | 
&quot;TCP Query User{4CC13FB4-D5D9-4338-8D6C-899E7FC73EA7}C:\program files (x86)\mozilla firefox\firefox.exe&quot; = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
&quot;TCP Query User{523F56A3-3392-4F4F-829E-C5229CD42E02}D:\gierki\crossout\launcher.exe&quot; = protocol=6 | dir=in | app=d:\gierki\crossout\launcher.exe | 
&quot;TCP Query User{5720E2B3-86E3-40B0-9FC3-10A8E15A00D7}D:\gierki\test drive unlimited\testdriveunlimited.exe&quot; = protocol=6 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | 
&quot;TCP Query User{83A0E1F3-2C2F-4913-A265-B02F9B6D83D3}C:\gierki świniaka ;v\c&amp;c\dta\game.exe&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&amp;c\dta\game.exe | 
&quot;TCP Query User{A32F6C0E-C526-46E7-AC6A-AFD751247F64}C:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe | 
&quot;TCP Query User{D1C83E02-CADC-46DF-B226-2E995CEA0854}C:\gierki świniaka ;v\c&amp;c\ts client\game.exe&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\c&amp;c\ts client\game.exe | 
&quot;TCP Query User{E6234540-62FE-4D36-9D29-E443825A609B}C:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe&quot; = protocol=6 | dir=in | app=c:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe | 
&quot;TCP Query User{ECD982A3-3803-41AE-816F-30E6B735945A}C:\windows\syswow64\dplaysvr.exe&quot; = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
&quot;UDP Query User{09D45FA5-B40F-4F81-A24C-0F88BE233E6A}C:\gierki świniaka ;v\crashday\crashday.exe&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday.exe | 
&quot;UDP Query User{1FDF57B8-5FA7-4138-97CE-727FE176E0E3}D:\gierki\crossout\launcher.exe&quot; = protocol=17 | dir=in | app=d:\gierki\crossout\launcher.exe | 
&quot;UDP Query User{3F5C0608-1672-43F4-9814-8E068CC5E501}C:\gierki świniaka ;v\c&amp;c\dta\game.exe&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&amp;c\dta\game.exe | 
&quot;UDP Query User{42D92E73-9108-4F7E-8A62-6EFD5233B5F2}C:\gierki świniaka ;v\c&amp;c\ts client\game.exe&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&amp;c\ts client\game.exe | 
&quot;UDP Query User{62E354D2-2AC3-4548-862B-0BEA57204B72}D:\gierki\test drive unlimited\testdriveunlimited.exe&quot; = protocol=17 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | 
&quot;UDP Query User{8D6AB85D-5366-492C-BE84-5031EE1A5B05}C:\gierki świniaka ;v\crashday\crashday -steam.exe&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\crashday\crashday -steam.exe | 
&quot;UDP Query User{AD7905A6-84C0-4FCA-95AB-390F949F2DFD}C:\windows\syswow64\dplaysvr.exe&quot; = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | 
&quot;UDP Query User{B388D9C2-3E08-4E4C-9B6B-2E8122E52C95}C:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\enemy engaged 2\cohokum\ee2.exe | 
&quot;UDP Query User{B8863803-9ED6-4F86-AF44-AB0F7E01F967}C:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\aerial destruction\binaries\win32\udk.exe | 
&quot;UDP Query User{CF139E3E-8D60-45D1-AD64-159F8897F3F9}D:\gierki\test drive unlimited\testdriveunlimited.exe&quot; = protocol=17 | dir=in | app=d:\gierki\test drive unlimited\testdriveunlimited.exe | 
&quot;UDP Query User{CF72C22B-36D0-4F07-8E94-03C3A67FD1F6}C:\program files (x86)\mozilla firefox\firefox.exe&quot; = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 
&quot;UDP Query User{ECDC248B-4E15-4BBF-B76D-AF57B7E461A0}C:\gierki świniaka ;v\c&amp;c\twisted insurrection 0.7\game.exe&quot; = protocol=17 | dir=in | app=c:\gierki świniaka ;v\c&amp;c\twisted insurrection 0.7\game.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
&quot;{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}&quot; = Microsoft .NET Framework 4.5
&quot;{1D8E6291-B0D5-35EC-8441-6616F567A0F7}&quot; = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
&quot;{230D1595-57DA-4933-8C4E-375797EBB7E1}&quot; = Atheros Bluetooth Suite (64)
&quot;{23170F69-40C1-2702-1805-000001000000}&quot; = 7-Zip 18.05 (x64 edition)
&quot;{8220EEFE-38CD-377E-8595-13398D740ACE}&quot; = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
&quot;{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}&quot; = Microsoft Silverlight
&quot;{90120000-002A-0000-1000-0000000FF1CE}&quot; = Microsoft Office Office 64-bit Components 2007
&quot;{90120000-002A-0415-1000-0000000FF1CE}&quot; = Microsoft Office Shared 64-bit MUI (Polish) 2007
&quot;{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033&quot; = Microsoft .NET Framework 4.5
&quot;{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045&quot; = Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK
&quot;{94C42BE9-B62A-3558-A793-AD49B354F7AA}&quot; = Microsoft .NET Framework 4.5 PLK Language Pack
&quot;{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}&quot; = ASUS Power4Gear Hybrid
&quot;{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel&quot; = Panel sterowania NVIDIA 296.67
&quot;{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver&quot; = NVIDIA Sterownik graficzny 296.67
&quot;{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus&quot; = NVIDIA Optimus 1.7.13
&quot;{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update&quot; = Aktualizacje NVIDIA 1.7.13
&quot;{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer&quot; = NVIDIA Install Application
&quot;{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update&quot; = NVIDIA Update Components
&quot;{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}&quot; = Intel® Trusted Connect Service Client
&quot;747C94D329BB5CCC3231C84E4D319B6CEC7BBAB3&quot; = Pakiet sterowników systemu Windows - ASUS (ATP) Mouse  (07/08/2012 1.0.0.93)
&quot;8461-7759-5462-8226&quot; = Vuze
&quot;CCleaner&quot; = CCleaner
&quot;DAEMON Tools Lite&quot; = DAEMON Tools Lite
&quot;Mozilla Firefox 61.0.1 (x64 pl)&quot; = Mozilla Firefox 61.0.1 (x64 pl)
&quot;OpenVPN&quot; = OpenVPN 2.3.11-I601 
&quot;SKIDROW - Air Missions HIND&quot; = Air Missions HIND
&quot;TAP-Windows&quot; = TAP-Windows 9.21.2
&quot;YWVyaWFsZGVzdHJ1Y3Rpb24_is1&quot; = Aerial Destruction Frontline Assault
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
&quot;{0969AF05-4FF6-4C00-9406-43599238DE0D}&quot; = ASUS Splendid Video Enhancement Technology
&quot;{0DF8FA4D-299C-4250-9F09-C14E47E12224}&quot; = 3CXPhone
&quot;{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}&quot; = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
&quot;{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}&quot; = ASUS LifeFrame3
&quot;{240C3DDD-C5E9-4029-9DF7-95650D040CF2}&quot; = Intel(R) USB 3.0 eXtensible Host Controller Driver
&quot;{42A4EC40-09BC-427C-B657-67978B784058}&quot; = Rally Trophy
&quot;{4CA7F8A0-DB20-11D4-8B30-000021015D1C}&quot; = Need for Speed 5 Porsche Unleashed
&quot;{4D3286A6-F6AB-498A-82A4-E4F040529F3D}&quot; = ASUS Smart Gesture
&quot;{5172E572-C175-4F80-A6D5-5CB45826AD61}&quot; = SceneSwitch
&quot;{5CB6A112-DA36-486B-9B1C-6341CB95DE37}&quot; = Enemy Engaged 2 Speech
&quot;{612C34C7-5E90-47D8-9B5C-0F717DD82726}&quot; = swMSM
&quot;{64452561-169F-4A36-A2FF-B5E118EC65F5}&quot; = ASUS FaceLogon
&quot;{65153EA5-8B6E-43B6-857B-C6E4FC25798A}&quot; = Intel(R) Management Engine Components
&quot;{749F674B-2674-47E8-879C-5626A06B2A91}&quot; = InstantOn for NB
&quot;{78B1279E-7DFB-4289-B6E1-7C62A1A455A1}_is1&quot; = STALKERSOUP 1.1.0016
&quot;{7D916FA5-DAE9-4A25-B089-655C70EAF607}&quot; = Qualcomm Atheros WiFi Driver Installation Program
&quot;{8833FFB6-5B0C-4764-81AA-06DFEED9A476}&quot; = Realtek Ethernet Controller Driver
&quot;{8F21291E-0444-4B1D-B9F9-4370A73E346D}&quot; = WinFlash
&quot;{90120000-0015-0415-0000-0000000FF1CE}&quot; = Microsoft Office Access MUI (Polish) 2007
&quot;{90120000-0016-0415-0000-0000000FF1CE}&quot; = Microsoft Office Excel MUI (Polish) 2007
&quot;{90120000-0018-0415-0000-0000000FF1CE}&quot; = Microsoft Office PowerPoint MUI (Polish) 2007
&quot;{90120000-0019-0415-0000-0000000FF1CE}&quot; = Microsoft Office Publisher MUI (Polish) 2007
&quot;{90120000-001A-0415-0000-0000000FF1CE}&quot; = Microsoft Office Outlook MUI (Polish) 2007
&quot;{90120000-001B-0415-0000-0000000FF1CE}&quot; = Microsoft Office Word MUI (Polish) 2007
&quot;{90120000-001F-0407-0000-0000000FF1CE}&quot; = Microsoft Office Proof (German) 2007
&quot;{90120000-001F-0409-0000-0000000FF1CE}&quot; = Microsoft Office Proof (English) 2007
&quot;{90120000-001F-0415-0000-0000000FF1CE}&quot; = Microsoft Office Proof (Polish) 2007
&quot;{90120000-002C-0415-0000-0000000FF1CE}&quot; = Microsoft Office Proofing (Polish) 2007
&quot;{90120000-0030-0000-0000-0000000FF1CE}&quot; = Microsoft Office Enterprise 2007
&quot;{90120000-0044-0415-0000-0000000FF1CE}&quot; = Microsoft Office InfoPath MUI (Polish) 2007
&quot;{90120000-006E-0415-0000-0000000FF1CE}&quot; = Microsoft Office Shared MUI (Polish) 2007
&quot;{90120000-00A1-0415-0000-0000000FF1CE}&quot; = Microsoft Office OneNote MUI (Polish) 2007
&quot;{90120000-00BA-0415-0000-0000000FF1CE}&quot; = Microsoft Office Groove MUI (Polish) 2007
&quot;{9A25302D-30C0-39D9-BD6F-21E6EC160475}&quot; = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
&quot;{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}&quot; = Crashday
&quot;{A48A1FF5-3393-481E-BEC1-3C705184816C}_is1&quot; = Test Drive Unlimited ReincarnaTion, версия 1
&quot;{A49F249F-0C91-497F-86DF-B2585E8E76B7}&quot; = Microsoft Visual C++ 2005 Redistributable
&quot;{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}&quot; = ASUS USB Charger Plus
&quot;{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}&quot; = ATK Package
&quot;{AC76BA86-0804-1033-1959-001824272646}&quot; = Adobe Refresh Manager
&quot;{AC76BA86-7AD7-1045-7B44-AC0F074E4100}&quot; = Adobe Acrobat Reader DC - Polish
&quot;{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1&quot; = Spybot - Search &amp; Destroy
&quot;{C1594429-8296-4652-BF54-9DBE4932A44C}&quot; = Realtek PCIE Card Reader
&quot;{DD1865F0-AD73-40FB-B23E-1822E02396FF}&quot; = NVIDIA PhysX
&quot;{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}&quot; = ASUS Virtual Camera
&quot;{EF0D610C-92BE-4D8F-BD33-9F658F8754F1}&quot; = GTI Racing
&quot;{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}&quot; = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
&quot;{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}&quot; = Intel(R) Processor Graphics
&quot;{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}&quot; = Realtek High Definition Audio Driver
&quot;{f65db027-aff3-4070-886a-0d87064aabb1}&quot; = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
&quot;{F8718F95-21A1-44B9-97EC-679C93020BAE}&quot; = Colin McRae Rally 04
&quot;{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}&quot; = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
&quot;{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}&quot; = ASUS Live Update
&quot;{FB83EAC4-E3F6-4666-B45B-44522F2344B6}&quot; = Brother MFL-Pro Suite DCP-J315W
&quot;{FCB3772C-B7D0-4933-B1A9-3707EBACC573}&quot; = Intel(R) OpenCL CPU Runtime
&quot;Adobe Flash Player NPAPI&quot; = Adobe Flash Player 30 NPAPI
&quot;Adobe Shockwave Player&quot; = Adobe Shockwave Player 12.3
&quot;ASUS K5 Series ScreenSaver&quot; = ASUS K5 Series ScreenSaver
&quot;Avast Antivirus&quot; = Avast Free Antivirus
&quot;Cities XXL_R.G. Mechanics_is1&quot; = Cities XXL
&quot;Command and Conquer - Generals_R.G. Mechanics_is1&quot; = Command and Conquer - Generals
&quot;CrossOutLauncher_is1&quot; = Crossout Launcher 1.0.3.61
&quot;Enemy Engaged 2_is1&quot; = Enemy Engaged 2
&quot;ENTERPRISE&quot; = Microsoft Office Enterprise 2007
&quot;Freemake Video Converter_is1&quot; = Freemake Video Converter wersja 4.1.10
&quot;InstallShield_{EF0D610C-92BE-4D8F-BD33-9F658F8754F1}&quot; = GTI Racing
&quot;MozillaMaintenanceService&quot; = Mozilla Maintenance Service
&quot;NapiProjekt_is1&quot; = NapiProjekt (2.2.0.2399)
&quot;QWlyR3VhcmRpYW5z_is1&quot; = Air Guardians
&quot;S.T.A.L.K.E.R. - Shadow of Chernobyl_is1&quot; = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005]
&quot;Spintires_is1&quot; = Spintires
&quot;Strike Fighters 2&quot; = Strike Fighters 2
&quot;Strike Fighters 2 Europe&quot; = Strike Fighters 2 Europe
&quot;Strike Fighters 2 Expansion Pack 1&quot; = Strike Fighters 2 Expansion Pack 1
&quot;Strike Fighters 2 Expansion Pack 2&quot; = Strike Fighters 2 Expansion Pack 2
&quot;Strike Fighters 2 Extractor&quot; = Strike Fighters 2 Extractor Jun 2011
&quot;Strike Fighters 2 Guns Editor&quot; = Strike Fighters 2 Guns Editor May 2011
&quot;Strike Fighters 2 Israel&quot; = Strike Fighters 2 Israel
&quot;Strike Fighters 2 North Atlantic&quot; = Strike Fighters 2 North Atlantic
&quot;Strike Fighters 2 Vietnam&quot; = Strike Fighters 2 Vietnam
&quot;Strike Fighters 2 Weapons Editor&quot; = Strike Fighters 2 Weapons Editor Aug 2011
&quot;SumatraPDF&quot; = SumatraPDF
&quot;VLC media player&quot; = VLC media player
&quot;Zombie Driver HD - Complete Edition_is1&quot; = Zombie Driver HD - Complete Edition
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
&quot;{a0a4ee0b-3284-483d-93ce-7bf190eacc8c}&quot; = Citra
&quot;Photoscape Packages&quot; = Photoscape Packages
&quot;ROTR Beta 1.85&quot; = ROTR Beta 1.85
&quot;ROTR Map Pack V2.0&quot; = ROTR Map Pack V2.0
&quot;uTorrent&quot; = µTorrent
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 2018-07-19 10:10:09 | Computer Name = laptop | Source = ESENT | ID = 455
Description = Windows (4016) Windows: Wystąpił błąd -1811 podczas otwierania pliku
 dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0059B.log.
 
Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 7040
Description = 
 
Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 7042
Description = 
 
Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 9002
Description = 
 
Error - 2018-07-19 10:10:10 | Computer Name = laptop | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 2018-07-19 10:10:14 | Computer Name = laptop | Source = Windows Search Service | ID = 7010
Description = 
 
[ System Events ]
Error - 2018-07-19 10:09:44 | Computer Name = laptop | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Spybot-S&amp;D 2 Security Center Service z 
powodu następującego błędu:   %%577
 
Error - 2018-07-19 10:10:15 | Computer Name = laptop | Source = Service Control Manager | ID = 7024
Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla
 niej błąd %%-1073473535.
 
Error - 2018-07-19 10:10:15 | Computer Name = laptop | Source = Service Control Manager | ID = 7031
Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło 
to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna:
 Uruchom usługę ponownie.
 
 
&lt; End of report &gt;

Private - Private paste aren't shown in recent listings.

Delete After - When should we delete your paste?

Spam protection -

Reply to "Logi"